Add Tags to ASG when using node groups

[marianobilli]

Is your request related to a new offering from AWS?

No

Is your request related to a problem? Please describe.

When using nodegroups it is necessary to be able to add tags to the autoscaling groups as described in AWS EKS Cluster Autoscaler Doc

in my case I need to add tags related to taints
Key: k8s.io/cluster-autoscaler/node-template/taint/$TAINT_KEY Value: NoSchedule

Describe the solution you'd like.

Include in the node group module, the positiblity to add asg_tags per each nodegroup and in the module use the terraform resource aws_autoscaling_group_tag

Describe alternatives you've considered.

Manually mantain the ASG tags. t(-_-t)

[daroga0002]

you have map node_groups_defaults where you can specify key additional_tags or specify this directly in node group map as additional_tags and then those tags can be added.

terraform-aws-eks/modules/node_groups/node_groups.tf

Lines 79 to 83 in 979d62d

	tags = merge(
	var.tags,
	lookup(var.node_groups_defaults, "additional_tags", {}),
	lookup(var.node_groups[each.key], "additional_tags", {}),
	)

[marianobilli]

you have map node_groups_defaults where you can specify key additional_tags or specify this directly in node group map as additional_tags and then those tags can be added.

terraform-aws-eks/modules/node_groups/node_groups.tf

Lines 79 to 83 in 979d62d

	tags = merge(
	var.tags,
	lookup(var.node_groups_defaults, "additional_tags", {}),
	lookup(var.node_groups[each.key], "additional_tags", {}),
	)

But those tags are going to the node group not to the autoscaling group related to the node group

[daroga0002]

autoscaling group for node groups is done thru EKS api, so you cannot influence it. If you want have own autoscaling group then follow worker nodes approach with custom AMI

[marianobilli]

or node groups is done thru EKS api, so you cannot influence it. If you want have own autoscaling group then follow worker nodes approach with custom AMI

I like the nodegroups managed by aws.
Currently I added this code outside the EKS module, but adding it inside the node_group module would be so much easier

resource "aws_autoscaling_group_tag" "tag" {
  for_each = local.asg_tags
  autoscaling_group_name = module.eks_cluster.node_groups[split("_",each.key)[0]].resources[0].autoscaling_groups[0].name

  tag {
    key   = each.value.key
    value = each.value.value
    propagate_at_launch = each.value.propagate_at_launch
  }
}

I can do a proposed PR but only if the maintainers agree to the idea

[daroga0002]

this approach is not supported by AWS, so probably we shouldn't implement it (even if possible).

EKS node group has own limitations which people must accept choosing it, if they want to hack or use unsupported tricks then I think they make it on own responsibility.

[bryantbiggs]

@marianobilli you can do this with a new resource that will be released this week, but as @daroga0002 stated, we won't be adding that here hashicorp/terraform-provider-aws#20009

[marianobilli]

@marianobilli you can do this with a new resource that will be released this week, but as @daroga0002 stated, we won't be adding that here hashicorp/terraform-provider-aws#20009

@bryantbiggs the resource you shared is exactly the same I proposed, which I am proposing to add in the terraform-aws-eks module for easier use.

[marianobilli]

this approach is not supported by AWS, so probably we shouldn't implement it (even if possible).

EKS node group has own limitations which people must accept choosing it, if they want to hack or use unsupported tricks then I think they make it on own responsibility.

man you need to relax a bit, if you are in krakow I'll buy you a beer.
I dont think it is a bad idea to add that new resource to the module, but if you dont want to Its your decision I guess.

[bryantbiggs]

I will admit, I just don't see the benefit of adding it here; adding it externally seems to be a very good approach. The module is already overly complex and we are trying to be thoughtful in what gets added because currently its quite involved in managing it, and tags are an area that create a lot of noise because you can have 100 different users of the module and 199 different ways they want to manage tags

[wgj]

The module is already overly complex and we are trying to be thoughtful in what gets added because currently its quite involved in managing it[.]

@bryantbiggs I can appreciate being defensive on adding new features; terraform-aws-eks is a beast of a module for users. Hats off to everyone involved. In fact, I think @marianobilli was suggesting adding it to the node_groupssubmodule, which as I understand it should help with maintenance concerns of terraform-aws-eks proper.

[Y]ou can have 100 different users of the module and 199 different ways they want to manage tags

I think the argument to add it isn't quite that complex. I see it more as "do you want your node group tagged by the module that created it?" bringing 199 (at least!) usecases to one "yes or no" question ;), such that 'yes' is passing a map through to provider resource (aws_autoscaling_group_tag), and 'no' is current behavior. And the combinatorial problem of satisfying everyone's tagging preference is encapsulated. "You can have any tagging pattern you like, so long as it's mapped" ;)

[bryantbiggs]

I guess lets see what a PR looks like then

[wgj]

@marianobilli Let me know if you're still keen to open a PR or want me to run with it.

[marianobilli]

@marianobilli Let me know if you're still keen to open a PR or want me to run with it.
go ahead @wgj I am super busy and I would not be able to do it any time soon. thanks!