Update defaults for addons

pulumi · Dec 9, 2024 · 3aa448a · 3aa448a
1 parent 76afbf2
commit 3aa448a
Show file tree

Hide file tree

Showing 15 changed files with 59 additions and 41 deletions.
diff --git a/nodejs/eks/cluster.ts b/nodejs/eks/cluster.ts
@@ -544,7 +544,8 @@ export function createCore(
         );
     }
 
-    const skipDefaultSecurityGroups = args.skipDefaultSecurityGroups || args.autoMode?.enabled;
+    // Do not create the default security group if the user makes an explicit decision or if EKS Auto Mode is enabled.
+    const skipDefaultSecurityGroups = args.skipDefaultSecurityGroups ?? args.autoMode?.enabled;
 
     // Create the EKS cluster security group
     let eksClusterSecurityGroup: aws.ec2.SecurityGroup | undefined;
@@ -733,7 +734,8 @@ export function createCore(
         },
     );
 
-    if (args.kubeProxyAddonOptions?.enabled ?? true) {
+    const kubeProxyAddonEnabled = args.kubeProxyAddonOptions?.enabled ?? !args.autoMode?.enabled;
+    if (kubeProxyAddonEnabled) {
         const kubeProxyVersion: pulumi.Output<string> = args.kubeProxyAddonOptions?.version
             ? pulumi.output(args.kubeProxyAddonOptions?.version)
             : aws.eks
@@ -890,7 +892,9 @@ export function createCore(
         { parent: parent },
     );
 
-    const skipDefaultNodeGroup = args.skipDefaultNodeGroup || args.fargate || args.autoMode?.enabled;
+    // create the default node group unless the user opts out of it or if Fargate/EKS Auto Mode is enabled
+    const skipDefaultNodeGroup =
+        args.skipDefaultNodeGroup || args.fargate || args.autoMode?.enabled;
 
     let instanceRoles: pulumi.Output<aws.iam.Role[]>;
     let defaultInstanceRole: pulumi.Output<aws.iam.Role> | undefined;
@@ -1053,10 +1057,13 @@ export function createCore(
         }
     }
 
+    // Create the VPC CNI addon if the user has not explicitly disabled it. The VPC CNI addon is enabled by default
+    // unless EKS Auto Mode is enabled.
+    const vpcCniAddonEnabled =
+        args.useDefaultVpcCni !== undefined ? !args.useDefaultVpcCni : !args.autoMode?.enabled;
     // Create the VPC CNI addon
-    const vpcCni = args.useDefaultVpcCni
-        ? undefined
-        : new VpcCniAddon(
+    const vpcCni = vpcCniAddonEnabled
+        ? new VpcCniAddon(
               `${name}-vpc-cni`,
               {
                   ...args.vpcCniOptions,
@@ -1072,7 +1079,8 @@ export function createCore(
                       kubernetes: k8sProvider,
                   },
               },
-          );
+          )
+        : undefined;
 
     const fargateProfile: pulumi.Output<aws.eks.FargateProfile | undefined> = pulumi
         .output(args.fargate)
@@ -2198,7 +2206,8 @@ export function createCluster(
 
     let nodeSecurityGroup: aws.ec2.SecurityGroup | undefined;
     let eksClusterIngressRule: aws.ec2.SecurityGroupRule | undefined;
-    if (!args.skipDefaultSecurityGroups) {
+    const skipDefaultSecurityGroups = args.skipDefaultSecurityGroups ?? args.autoMode?.enabled ?? false;
+    if (skipDefaultSecurityGroups) {
         if (!core.clusterSecurityGroup) {
             throw new pulumi.ResourceError(
                 "clusterSecurityGroup is required when creating the default node group.",

diff --git a/provider/cmd/pulumi-gen-eks/main.go b/provider/cmd/pulumi-gen-eks/main.go
@@ -418,7 +418,8 @@ func generateSchema(version semver.Version, outdir string) schema.PackageSpec {
 							Type:  "boolean",
 							Plain: true,
 						},
-						Description: "Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.",
+						Description: "Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.\n" +
+							"Defaults to true, unless `autoMode` is enabled.",
 					},
 					"instanceType": {
 						TypeSpec:    schema.TypeSpec{Type: "string"}, // TODO: aws.ec2.InstanceType is a string enum.
@@ -1430,7 +1431,8 @@ func generateSchema(version semver.Version, outdir string) schema.PackageSpec {
 								Type:  "boolean",
 								Plain: true,
 							},
-							Description: "Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.",
+							Description: "Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.\n" +
+								"When enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities.",
 						},
 						"createNodeRole": {
 							TypeSpec: schema.TypeSpec{
@@ -2107,8 +2109,7 @@ func generateSchema(version semver.Version, outdir string) schema.PackageSpec {
 					Properties: map[string]schema.PropertySpec{
 						"enabled": {
 							TypeSpec:    schema.TypeSpec{Type: "boolean", Plain: true},
-							Default:     true,
-							Description: "Whether or not to create the `kube-proxy` Addon in the cluster",
+							Description: "Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled.",
 						},
 						"version": {
 							TypeSpec: schema.TypeSpec{Type: "string"},

diff --git a/provider/cmd/pulumi-resource-eks/schema.json b/provider/cmd/pulumi-resource-eks/schema.json
@@ -245,7 +245,7 @@
                 "enabled": {
                     "type": "boolean",
                     "plain": true,
-                    "description": "Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you."
+                    "description": "Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.\nWhen enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities."
                 }
             },
             "type": "object",
@@ -700,8 +700,7 @@
                 "enabled": {
                     "type": "boolean",
                     "plain": true,
-                    "description": "Whether or not to create the `kube-proxy` Addon in the cluster",
-                    "default": true
+                    "description": "Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled."
                 },
                 "resolveConflictsOnCreate": {
                     "type": "string",
@@ -1530,7 +1529,7 @@
                 "useDefaultVpcCni": {
                     "type": "boolean",
                     "plain": true,
-                    "description": "Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`."
+                    "description": "Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.\nDefaults to true, unless `autoMode` is enabled."
                 },
                 "userMappings": {
                     "type": "array",

diff --git a/sdk/dotnet/Cluster.cs b/sdk/dotnet/Cluster.cs
@@ -720,6 +720,7 @@ public InputMap<string> Tags
 
         /// <summary>
         /// Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+        /// Defaults to true, unless `autoMode` is enabled.
         /// </summary>
         [Input("useDefaultVpcCni")]
         public bool? UseDefaultVpcCni { get; set; }

diff --git a/sdk/dotnet/Inputs/AutoModeOptionsArgs.cs b/sdk/dotnet/Inputs/AutoModeOptionsArgs.cs
@@ -31,6 +31,7 @@ public sealed class AutoModeOptionsArgs : global::Pulumi.ResourceArgs
 
         /// <summary>
         /// Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.
+        /// When enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities.
         /// </summary>
         [Input("enabled", required: true)]
         public bool Enabled { get; set; }

diff --git a/sdk/dotnet/Inputs/KubeProxyAddonOptionsArgs.cs b/sdk/dotnet/Inputs/KubeProxyAddonOptionsArgs.cs
@@ -25,7 +25,7 @@ public InputMap<object> ConfigurationValues
         }
 
         /// <summary>
-        /// Whether or not to create the `kube-proxy` Addon in the cluster
+        /// Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled.
         /// </summary>
         [Input("enabled")]
         public bool? Enabled { get; set; }
@@ -50,7 +50,6 @@ public InputMap<object> ConfigurationValues
 
         public KubeProxyAddonOptionsArgs()
         {
-            Enabled = true;
             ResolveConflictsOnCreate = Pulumi.Eks.ResolveConflictsOnCreate.Overwrite;
             ResolveConflictsOnUpdate = Pulumi.Eks.ResolveConflictsOnUpdate.Overwrite;
         }

diff --git a/sdk/go/eks/cluster.go b/sdk/go/eks/cluster.go
diff --git a/sdk/go/eks/pulumiTypes.go b/sdk/go/eks/pulumiTypes.go
diff --git a/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java b/sdk/java/src/main/java/com/pulumi/eks/ClusterArgs.java
@@ -1047,13 +1047,15 @@ public Optional<Output<Map<String,String>>> tags() {
 
     /**
      * Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+     * Defaults to true, unless `autoMode` is enabled.
      * 
      */
     @Import(name="useDefaultVpcCni")
     private @Nullable Boolean useDefaultVpcCni;
 
     /**
      * @return Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+     * Defaults to true, unless `autoMode` is enabled.
      * 
      */
     public Optional<Boolean> useDefaultVpcCni() {
@@ -2520,6 +2522,7 @@ public Builder tags(Map<String,String> tags) {
 
         /**
          * @param useDefaultVpcCni Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+         * Defaults to true, unless `autoMode` is enabled.
          * 
          * @return builder
          * 

diff --git a/sdk/java/src/main/java/com/pulumi/eks/inputs/AutoModeOptionsArgs.java b/sdk/java/src/main/java/com/pulumi/eks/inputs/AutoModeOptionsArgs.java
@@ -56,13 +56,15 @@ public Optional<Boolean> createNodeRole() {
 
     /**
      * Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.
+     * When enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities.
      * 
      */
     @Import(name="enabled", required=true)
     private Boolean enabled;
 
     /**
      * @return Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.
+     * When enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities.
      * 
      */
     public Boolean enabled() {
@@ -129,6 +131,7 @@ public Builder createNodeRole(@Nullable Boolean createNodeRole) {
 
         /**
          * @param enabled Whether to enable EKS Auto Mode. If enabled, EKS will manage node pools, EBS volumes and Load Balancers for you.
+         * When enabled, the vpc-cni and kube-proxy will not be enabled by default because EKS Auto Mode includes pod networking capabilities.
          * 
          * @return builder
          * 

diff --git a/sdk/java/src/main/java/com/pulumi/eks/inputs/KubeProxyAddonOptionsArgs.java b/sdk/java/src/main/java/com/pulumi/eks/inputs/KubeProxyAddonOptionsArgs.java
@@ -37,14 +37,14 @@ public Optional<Output<Map<String,Object>>> configurationValues() {
     }
 
     /**
-     * Whether or not to create the `kube-proxy` Addon in the cluster
+     * Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled.
      * 
      */
     @Import(name="enabled")
     private @Nullable Boolean enabled;
 
     /**
-     * @return Whether or not to create the `kube-proxy` Addon in the cluster
+     * @return Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled.
      * 
      */
     public Optional<Boolean> enabled() {
@@ -146,7 +146,7 @@ public Builder configurationValues(Map<String,Object> configurationValues) {
         }
 
         /**
-         * @param enabled Whether or not to create the `kube-proxy` Addon in the cluster
+         * @param enabled Whether or not to create the `kube-proxy` Addon in the cluster. Defaults to true, unless `autoMode` is enabled.
          * 
          * @return builder
          * 
@@ -200,7 +200,6 @@ public Builder version(String version) {
         }
 
         public KubeProxyAddonOptionsArgs build() {
-            $.enabled = Codegen.booleanProp("enabled").arg($.enabled).def(true).getNullable();
             $.resolveConflictsOnCreate = Codegen.objectProp("resolveConflictsOnCreate", ResolveConflictsOnCreate.class).arg($.resolveConflictsOnCreate).def(ResolveConflictsOnCreate.Overwrite).getNullable();
             $.resolveConflictsOnUpdate = Codegen.objectProp("resolveConflictsOnUpdate", ResolveConflictsOnUpdate.class).arg($.resolveConflictsOnUpdate).def(ResolveConflictsOnUpdate.Overwrite).getNullable();
             return $;

diff --git a/sdk/nodejs/cluster.ts b/sdk/nodejs/cluster.ts
@@ -596,6 +596,7 @@ export interface ClusterArgs {
     tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
     /**
      * Use the default VPC CNI instead of creating a custom one. Should not be used in conjunction with `vpcCniOptions`.
+     * Defaults to true, unless `autoMode` is enabled.
      */
     useDefaultVpcCni?: boolean;
     /**