Skip to content

Z4ck404/terraform-aws-eks-ebs-csi-driver

BranchesTags

Repository files navigation

add-ebs-csi-driver-to-eks

Create the IAM resources for the EBS CSI Driver and install the add-on on an existing EKS cluster.

Usage

  • version 0.0.x

    module "eks-ebs-csi-driver" {
  source           = "Z4ck404/eks-ebs-csi-driver/aws"
  version          = "0.0.6"

  aws_profile      = "zack-aws-profile"
  aws_region       = "us-west-1"
  eks_cluster_name = "zack-eks"
}

  • version 0.1.x

    module "eks-ebs-csi-driver" {
  source           = "Z4ck404/eks-ebs-csi-driver/aws"

  aws_profile      = "zack-aws-profile"
  aws_region       = "us-west-1"
  eks_cluster_name = "zack-eks"

+ install_vpc_cni_addon = true
}

    The module will also install the aws_vpc_cni add on if the variables install_vpc_cni_addon is set to true (defaults to false).

Examples:

You can find examples in /examples. The example /examples/default-with-k8s-resources creates a pvc and a pod to test if the csi in installed and working properly.

Troubleshooting:

1. I applied the terraform, everything seems to be created and installed correctly but the csi driver still throws an unauthorized error, why ?

A: It could be because of an explicit deny tp create EBS volumes in a CSP policy, make sure to check that.

2. I applied the terraform, everything seems to be created and installed correctly but driver fails to provision the volume and throws an error of type Parameters on this idempotent request are inconsistent with parameters used in previous request(s)

A: It could be because you enabled automatic automatic encryption of EBS volumes with a specific KMS key that the IAM role the terraform created for the driver doesn't have access to. Make sure to allow the role to use the KMS key used to encrypt EBS volumes. Support for that will be added to this module in the future.

The module:

Requirements

No requirements.

Providers

Name Version
aws 5.17.0

Modules

Name Source Version
ebs_csi_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.17.0
vpc_cni_ipv4_irsa_role terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks 5.17.0

Resources

Name Type
aws_eks_addon.ebs_csi resource
aws_eks_addon.vpc-cni resource
aws_eks_addon_version.ebs_csi data source
aws_eks_addon_version.vpc-cni data source
aws_eks_cluster.this data source
aws_iam_openid_connect_provider.this data source

Inputs

Name Description Type Default Required
aws_profile n/a string "" no
aws_region n/a string n/a yes
eks_cluster_name n/a string n/a yes
install_vpc_cni_addon n/a bool false no

Outputs

No outputs.

About

A terraform module install ebs csi driver on an eks cluster

registry.terraform.io/modules/Z4ck404/eks-ebs-csi-driver/aws/latest

Topics

aws ebs-volumes eks ebs-csi-driver

Resources

Readme

License

Unlicense license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 13

v0.1.5 Latest
Aug 7, 2024
+ 12 releases

Languages