From 2a226038a545f745b6dcb05e3a85103ff6299a94 Mon Sep 17 00:00:00 2001 From: Sam Date: Sat, 13 Feb 2021 13:00:05 -0500 Subject: [PATCH 1/2] feat: add variable for setting the cpu_credits parameter in the nodepool launch template also updates existing README files --- README.md | 7 +++++-- main.tf | 1 + modules/agent-nodepool/README.md | 7 +++++-- modules/agent-nodepool/main.tf | 3 ++- modules/agent-nodepool/variables.tf | 11 ++++++++++- modules/nodepool/main.tf | 5 +++++ modules/nodepool/variables.tf | 9 +++++++++ variables.tf | 11 ++++++++++- 8 files changed, 47 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 70d62f4..5dbdbe4 100644 --- a/README.md +++ b/README.md @@ -149,14 +149,17 @@ Optional policies have the option of being created by default, but are specified | controlplane\_allowed\_cidrs | Server pool security group allowed cidr ranges | `list(string)` |
[
"0.0.0.0/0"
]
| no | | controlplane\_enable\_cross\_zone\_load\_balancing | Toggle between controlplane cross zone load balancing | `bool` | `true` | no | | controlplane\_internal | Toggle between public or private control plane load balancer | `bool` | `true` | no | +| cpu\_credits | n/a | `string` | `"standard"` | no | +| download | Toggle best effort download of rke2 dependencies (rke2 and aws cli), if disabled, dependencies are assumed to exist in $PATH | `bool` | `true` | no | | enable\_ccm | Toggle enabling the cluster as aws aware, this will ensure the appropriate IAM policies are present | `bool` | `false` | no | | iam\_instance\_profile | Server pool IAM Instance Profile, created if left blank | `string` | `""` | no | | instance\_type | Server pool instance type | `string` | `"t3a.medium"` | no | | post\_userdata | Custom userdata to run immediately after rke2 node attempts to join cluster | `string` | `""` | no | | pre\_userdata | Custom userdata to run immediately before rke2 node attempts to join cluster, after required rke2, dependencies are installed | `string` | `""` | no | | rke2\_config | Server pool additional configuration passed as rke2 config file, see https://docs.rke2.io/install/install_options/server_config for full list of options | `string` | `""` | no | -| rke2\_version | Version to use for RKE2 server nodes | `string` | `"v1.18.10+rke2r1"` | no | +| rke2\_version | Version to use for RKE2 server nodes | `string` | `"v1.19.7+rke2r1"` | no | | servers | Number of servers to create | `number` | `1` | no | +| spot | Toggle spot requests for server pool | `bool` | `false` | no | | ssh\_authorized\_keys | Server pool list of public keys to add as authorized ssh keys | `list(string)` | `[]` | no | | subnets | List of subnet IDs to create resources in | `list(string)` | n/a | yes | | tags | Map of tags to add to all resources created | `map(string)` | `{}` | no | 
@@ -172,9 +175,9 @@ Optional policies have the option of being created by default, but are specified | iam\_instance\_profile | IAM instance profile attached to server nodes | | iam\_role | IAM role of server nodes | | iam\_role\_arn | IAM role arn of server nodes | +| kubeconfig\_path | n/a | | server\_nodepool\_arn | n/a | | server\_nodepool\_id | n/a | | server\_nodepool\_name | n/a | | server\_sg | n/a | | server\_url | n/a | - diff --git a/main.tf b/main.tf index 46a5666..6b301c5 100644 --- a/main.tf +++ b/main.tf @@ -183,6 +183,7 @@ module "servers" { vpc_security_group_ids = [aws_security_group.server.id, aws_security_group.cluster.id] spot = var.spot load_balancers = [module.cp_lb.name] + cpu_credits = var.cpu_credits # Overrideable variables userdata = data.template_cloudinit_config.this.rendered diff --git a/modules/agent-nodepool/README.md b/modules/agent-nodepool/README.md index 35c4745..5ca55d8 100644 --- a/modules/agent-nodepool/README.md +++ b/modules/agent-nodepool/README.md @@ -12,6 +12,8 @@ | asg | Node pool AutoScalingGroup scaling definition |
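Review bot: The `cpu_credits = var.cpu_credits` line added to `module "servers"` pins the control-plane pool to the root default, and this patch's README rows give that default as `"standard"` alongside a default `instance_type` of `t3a.medium`. T3-family instances launch in unlimited mode when no credit specification is supplied. Existing server nodes would therefore likely drop to capped baseline CPU the next time they are replaced, which is an availability risk for etcd and the API server under sustained load. Either default the server pool to `"unlimited"` (accepting possible surplus-credit charges) or state the behaviour change in the README entry for `cpu_credits`. The `module "servers"` block starts and ends outside this hunk.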
object({
min = number
max = number
desired = number
})
|
{
"desired": 1,
"max": 10,
"min": 1
}
| no | | block\_device\_mappings | Node pool block device mapping configuration | `map(string)` |
{
"size": 30,
"type": "gp2"
}
| no | | cluster\_data | Required data relevant to joining an existing rke2 cluster, sourced from main rke2 module, do NOT modify |
object({
name = string
server_url = string
cluster_sg = string
token = object({
bucket = string
bucket_arn = string
object = string
policy_document = string
})
})
| n/a | yes | +| cpu\_credits | n/a | `string` | `"standard"` | no | +| download | Toggle best effort download of rke2 dependencies (rke2 and aws cli), if disabled, dependencies are assumed to exist in $PATH | `bool` | `true` | no | | enable\_autoscaler | Toggle configure the nodepool for cluster autoscaler, this will ensure the appropriate IAM policies are present, you are still responsible for ensuring cluster autoscaler is installed | `bool` | `false` | no | | enable\_ccm | Toggle enabling the cluster as aws aware, this will ensure the appropriate IAM policies are present | `bool` | `false` | no | | iam\_instance\_profile | Node pool IAM Instance Profile, created if node specified | `string` | `""` | no | @@ -20,7 +22,8 @@ | post\_userdata | Custom userdata to run immediately after rke2 node attempts to join cluster | `string` | `""` | no | | pre\_userdata | Custom userdata to run immediately before rke2 node attempts to join cluster, after required rke2, dependencies are installed | `string` | `""` | no | | rke2\_config | Node pool additional configuration passed as rke2 config file, see https://docs.rke2.io/install/install_options/agent_config for full list of options | `string` | `""` | no | -| rke2\_version | Version to use for RKE2 server nodepool | `string` | `"v1.18.10+rke2r1"` | no | +| rke2\_version | Version to use for RKE2 server nodepool | `string` | `"v1.19.7+rke2r1"` | no | +| spot | Toggle spot requests for node pool | `bool` | `false` | no | | ssh\_authorized\_keys | Node pool list of public keys to add as authorized ssh keys, not required | `list(string)` | `[]` | no | | subnets | List of subnet IDs to create resources in | `list(string)` | n/a | yes | | tags | Map of additional tags to add to all resources created | `map(string)` | `{}` | no | 
@@ -32,8 +35,8 @@ |------|-------------| | iam\_instance\_profile | IAM instance profile attached to nodes in nodepool | | iam\_role | IAM role of node pool | +| iam\_role\_arn | IAM role arn of node pool | | nodepool\_arn | n/a | | nodepool\_id | n/a | | nodepool\_name | n/a | | security\_group | n/a | - diff --git a/modules/agent-nodepool/main.tf b/modules/agent-nodepool/main.tf index 2424770..54a84a6 100644 --- a/modules/agent-nodepool/main.tf +++ b/modules/agent-nodepool/main.tf @@ -116,8 +116,9 @@ module "nodepool" { iam_instance_profile = var.iam_instance_profile == "" ? module.iam[0].iam_instance_profile : var.iam_instance_profile asg = var.asg spot = var.spot + cpu_credits = var.cpu_credits tags = merge({ "Role" = "agent", }, local.default_tags, local.ccm_tags, local.autoscaler_tags, var.tags) -} \ No newline at end of file +} diff --git a/modules/agent-nodepool/variables.tf b/modules/agent-nodepool/variables.tf index 9a7ea2b..a673dd3 100644 --- a/modules/agent-nodepool/variables.tf +++ b/modules/agent-nodepool/variables.tf @@ -134,4 +134,13 @@ variable "post_userdata" { description = "Custom userdata to run immediately after rke2 node attempts to join cluster" type = string default = "" -} \ No newline at end of file +} + +variable "cpu_credits" { + type = string + default = "standard" + validation { + condition = contains(["standard", "unlimited"], var.cpu_credits) + error_message = "Unsupported CPU Credit option supplied. Can be 'standard', or 'unlimited'." + } +} diff --git a/modules/nodepool/main.tf b/modules/nodepool/main.tf index 6d726f0..9db13ba 100644 --- a/modules/nodepool/main.tf +++ b/modules/nodepool/main.tf @@ -34,6 +34,11 @@ resource "aws_launch_template" "this" { } tags = merge({}, var.tags) + + credit_specification { + cpu_credits = var.cpu_credits + } + } # diff --git a/modules/nodepool/variables.tf b/modules/nodepool/variables.tf index c1c7648..1795d94 100644 --- a/modules/nodepool/variables.tf +++ b/modules/nodepool/variables.tf 
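Review bot: The new `variable "cpu_credits"` block in modules/agent-nodepool/variables.tf has no `description`, which is why the regenerated README rows show `n/a` for it. The same block is repeated without a description in the modules/nodepool/variables.tf and root variables.tf hunks. I would add `description = "CPU credit option for burstable (T-family) instances: 'standard' caps CPU at baseline, 'unlimited' allows sustained bursting and can incur extra charges"` to all three, so operators can see the cost and throttling trade-off before choosing a value.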
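Review bot: The `credit_specification` block in modules/nodepool/main.tf is added to `aws_launch_template.this` unconditionally, so it is also sent for pools whose `instance_type` is not a burstable family. Whether EC2 accepts that at launch should be confirmed, because a rejected template would leave the Auto Scaling group unable to replace nodes. A `dynamic` block that is omitted when the variable is null gives callers a way to opt out. The validation in modules/nodepool/variables.tf would then also need to accept null, for example `condition = var.cpu_credits == null ? true : contains(["standard", "unlimited"], var.cpu_credits)`. The `aws_launch_template` resource starts outside this hunk.

```hcl
  tags = merge({}, var.tags)

  # Emit the block only when a credit mode was requested; null omits it,
  # leaving non-burstable instance types without a credit specification.
  dynamic "credit_specification" {
    for_each = var.cpu_credits == null ? [] : [var.cpu_credits]
    content {
      cpu_credits = credit_specification.value
    }
  }
```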
@@ -80,3 +80,12 @@ variable "min_elb_capacity" {
 type = number
 default = null
 }
+
+variable "cpu_credits" {
+ type = string
+ default = "standard"
+ validation {
+ condition = contains(["standard", "unlimited"], var.cpu_credits)
+ error_message = "Unsupported CPU Credit option supplied. Can be 'standard', or 'unlimited'."
+ }
+}
diff --git a/variables.tf b/variables.tf
index a3dcf04..598d4e7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -128,4 +128,13 @@ variable "enable_ccm" {
 description = "Toggle enabling the cluster as aws aware, this will ensure the appropriate IAM policies are present"
 type = bool
 default = false
-}
\ No newline at end of file
+}
+
+variable "cpu_credits" {
+ type = string
+ default = "standard"
+ validation {
+ condition = contains(["standard", "unlimited"], var.cpu_credits)
+ error_message = "Unsupported CPU Credit option supplied. Can be 'standard', or 'unlimited'."
+ }
+}
From 4ef09e5452b9481df84b2d4655cb44f6bdf54f7d Mon Sep 17 00:00:00 2001
From: Sam
Date: Thu, 1 Apr 2021 12:29:46 -0400
Subject: [PATCH 2/2] style: fix terraform style issue
---
 main.tf | 4 ++--
 modules/agent-nodepool/main.tf | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/main.tf b/main.tf
index 1562a49..2af092c 100644
--- a/main.tf
+++ b/main.tf
@@ -175,8 +175,8 @@ resource "aws_iam_role_policy" "put_kubeconfig" {
 # Server Nodepool
 #
 module "servers" {
- source = "./modules/nodepool"
- name = "${local.uname}-server"
+ source = "./modules/nodepool"
+ name = "${local.uname}-server"
 vpc_id = var.vpc_id
 subnets = var.subnets
 ami = var.ami
diff --git a/modules/agent-nodepool/main.tf b/modules/agent-nodepool/main.tf
index 454305a..253bb5e 100644
--- a/modules/agent-nodepool/main.tf
+++ b/modules/agent-nodepool/main.tf
@@ -106,8 +106,8 @@ data "template_cloudinit_config" "init" {
 # RKE2 Node Pool
 #
 module "nodepool" {
- source = "../nodepool"
- name = "${local.name}-agent"
+ source = "../nodepool"
+ name = "${local.name}-agent"
 vpc_id = var.vpc_id
 subnets = var.subnets
 ami = var.ami