feat: Remove spegel layer configuration

Author: bmagic

cluster_connect.sh.tpl

@@ -69,7 +69,7 @@ resource "aws_iam_instance_profile" "quortex" {
 data "aws_ami" "eks_worker_image" {
   filter {
     name   = "name"
-    values = ["amazon-eks-node-al2023-x86_64-standard-${local.kubernetes_worker_nodes_version}-v*"]
+    values = var.ami_al2023 ? ["amazon-eks-node-al2023-x86_64-standard-${local.kubernetes_worker_nodes_version}-v*"] : ["amazon-eks-node-${local.kubernetes_worker_nodes_version}-v*"]
   }
   most_recent = true
   owners      = ["self", "amazon"]
@@ -91,12 +91,23 @@ resource "aws_launch_template" "quortex_launch_tpl" {
 
   update_default_version = true
 
-  user_data = base64encode(
+  user_data = var.ami_al2023 ? base64encode(
     templatefile(
-      "${path.module}/userdata.sh.tpl",
+      "${path.module}/templates/al2023_user_data.tpl",
+      {
+        cluster_name            = aws_eks_cluster.quortex.name
+        cluster_endpoint        = aws_eks_cluster.quortex.endpoint
+        cluster_auth_base64     = aws_eks_cluster.quortex.certificate_authority[0].data
+        cluster_service_cidr    = aws_eks_cluster.quortex.kubernetes_network_config[0].service_ipv4_cidr
+        discard_unpacked_layers = var.discard_unpacked_layers
+      }
+    )
+    ) : base64encode(
+    templatefile(
+      "${path.module}/templates/al2_user_data.tpl",
       {
         warm_pool = lookup(each.value, "warm_pool_enabled", false)
-        script = templatefile("${path.module}/cluster_connect.sh.tpl",
+        script = templatefile("${path.module}/templates/cluster_connect.sh.tpl",
           {
             cluster_name       = aws_eks_cluster.quortex.name
             base64_cluster_ca  = aws_eks_cluster.quortex.certificate_authority[0].data

node_group_advanced.tf

@@ -0,0 +1,16 @@
+
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  cluster:
+    name: ${cluster_name}
+    apiServerEndpoint: ${cluster_endpoint}
+    certificateAuthority: ${cluster_auth_base64}
+    cidr: ${cluster_service_cidr}
+%{ if discard_unpacked_layers == false }
+  containerd:
+    config: |
+      [plugins."io.containerd.grpc.v1.cri".containerd]
+      discard_unpacked_layers = false
+%{ endif }

templates/al2023_user_data.tpl

@@ -0,0 +1,31 @@
+%{ if ami_al2023 == false }
+  %{ if use_max_pods == false }
+  # Calculate max pods
+  KUBELET_CONFIG=/etc/kubernetes/kubelet/kubelet-config.json
+  set +o pipefail
+  CNI_VERSION=$(echo "${cni_version}" | sed 's/^v//')
+  MAX_PODS=$(/etc/eks/max-pods-calculator.sh --instance-type-from-imds \
+  --cni-version $CNI_VERSION \
+  %{ if show_max_allowed } --show-max-allowed%{ endif } \
+  --cni-custom-networking-enabled)
+  set -o pipefail
+  if [[ -n "$MAX_PODS" ]]; then
+    echo "$(jq ".maxPods=$MAX_PODS" $KUBELET_CONFIG)" > $KUBELET_CONFIG
+  else
+    echo "Not able to determine maxPods for instance. Not setting max pods for kubelet"
+  fi
+  %{ endif }
+
+  /etc/eks/bootstrap.sh ${cluster_name} \
+    --use-max-pods ${use_max_pods} \
+    --kubelet-extra-args '--node-labels=${node_labels} --register-with-taints=${node_taints} ${kubelet_extra_args}' \
+    --b64-cluster-ca ${base64_cluster_ca} \
+    --apiserver-endpoint ${api_server_url}
+
+  %{ if discard_unpacked_layers == false  }
+  # Retain unpacked layers. We avoid using the configuration merge capability of containerd due to a known bug.
+  # For more details, refer to: https://github.com/containerd/containerd/issues/5837
+  sed -i '/discard_unpacked_layers = true/s/true/false/' /etc/containerd/config.toml
+  systemctl restart containerd
+  %{ endif }
+%{ endif }

userdata.sh.tpl templates/al2_user_data.tpluserdata.sh.tpl renamed to templates/al2_user_data.tpl

@@ -216,6 +216,12 @@ variable "discard_unpacked_layers" {
   description = "Set to false to keep unpacked layers on the node after the image is pulled. By default, EKS will clean up the unpacked layers to save disk space."
 }
 
+variable "ami_al2023" {
+  description = "Whether to use Amazon Linux 2023 AMI for worker nodes (only applies to advanced_node_groups)."
+  type        = bool
+  default     = false
+}
+
 variable "node_use_max_pods_allowed" {
   type        = bool
   default     = false