diff --git a/CHANGELOG.md b/CHANGELOG.md index 040b619..b113039 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [5.1.0] - 2024-02-15 + +- Allow configuring NodeAffinity for ingress-nginx controller. + ## [5.0.0] - 2024-01-21 - Add dynamic root volume name depending on the AMI that is being used for the worker nodes. diff --git a/README.md b/README.md index c0c78de..b63d73b 100644 --- a/README.md +++ b/README.md @@ -110,6 +110,11 @@ module "eks_main" { helm_cluster_autoscaler_enabled = true helm_metrics_server_enabled = true helm_cert_manager_enabled = true + ingress_node_affinity = { + enabled = true, + label_key = "nodegroup", + label_value = "${var.env}-eks-spot" + } create_ebs_csi_role = true @@ -230,6 +235,7 @@ module "eks_main" { | ingress\_http\_nodeport | Set port for ingress http nodePort | `int` | `32080` | no | | ingress\_https\_nodeport | Set port for ingress https nodePort | `int` | `32443` | no | | ingress\_https\_traffic\_enabled | Set https traffic for ingress | `bool` | `false` | no | +| ingress\_node\_affinity | Set nodeAffinity for ingress | `map` | `{ enabled = false, label_key = null, label_value = null}` | no | | ingress\_requests\_cpu | Set how much cpu will be assigned to the request | `string` | `100m` | no | | ingress\_requests\_memory | Set how much memory will be assigned to the request | `string` | `90Mi` | no | | ingress\_service\_monitor\_enabled | Enable serviceMonitor for ingress-nginx helm chart | `bool` | `false` | no | diff --git a/helm-values/ingress-nginx.yaml b/helm-values/ingress-nginx.yaml deleted file mode 100644 index 8801be4..0000000 --- a/helm-values/ingress-nginx.yaml +++ /dev/null @@ -1,23 +0,0 @@ -controller: - service: - type: NodePort - nodePorts: - http: 32080 - https: 32443 - tcp: - 8080: 32808 - - admissionWebhooks: - enabled: false - - metrics: - port: 10254 - # if this port is changed, change healthz-port: in extraArgs: accordingly - service: - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "10254" - - serviceMonitor: - additionalLabels: - release: prometheus-stack \ No newline at end of file diff --git a/helm-values/ingress-nginx.yaml.tpl b/helm-values/ingress-nginx.yaml.tpl new file mode 100644 index 0000000..c88330c --- /dev/null +++ b/helm-values/ingress-nginx.yaml.tpl @@ -0,0 +1,34 @@ +controller: + service: + type: NodePort + nodePorts: + http: 32080 + https: 32443 + tcp: + 8080: 32808 + + admissionWebhooks: + enabled: false + + metrics: + port: 10254 + service: + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "10254" + serviceMonitor: + additionalLabels: + release: prometheus-stack + + %{if enableNodeAffinity } + affinity: + nodeAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + preference: + matchExpressions: + - key: ${nodeAffinityLabelKey} + operator: In + values: + - ${nodeAffinityLabelValue} + %{endif} diff --git a/helm.tf b/helm.tf index 589990e..3bb24aa 100644 --- a/helm.tf +++ b/helm.tf @@ -11,7 +11,12 @@ resource "helm_release" "ingress_nginx" { version = var.ingress_chart_version values = [ - file("${path.module}/helm-values/ingress-nginx.yaml") + templatefile("${path.module}/helm-values/ingress-nginx.yaml.tpl", + { + enableNodeAffinity = var.ingress_node_affinity["enabled"], + nodeAffinityLabelKey = var.ingress_node_affinity["label_key"], + nodeAffinityLabelValue = var.ingress_node_affinity["label_value"] + }) ] set { diff --git a/variables.tf b/variables.tf index a368297..8418a99 100644 --- a/variables.tf +++ b/variables.tf @@ -186,10 +186,19 @@ variable "ingress_requests_cpu" { variable "ingress_requests_memory" { default = "90Mi" } + variable "ingress_priority_class_name"{ default = "" } +variable "ingress_node_affinity" { + default = { + enabled = "false", + label_key = null, + label_value = null + } +} + # ================== ingress-nginx-additional ================= variable "helm_ingress_nginx_additional_enabled" {