From a6a79883b7a0e458c72bd3cf30bb483c55fb8018 Mon Sep 17 00:00:00 2001
From: SOPHAL HONG
Date: Tue, 15 Feb 2022 06:12:30 +0900
Subject: [PATCH] Fix: Error when creating subnets more than AZ (#8516)
---
 contrib/terraform/aws/create-infrastructure.tf | 14 +++++---------
 contrib/terraform/aws/modules/elb/main.tf | 2 +-
 contrib/terraform/aws/modules/vpc/main.tf | 8 ++++----
 3 files changed, 10 insertions(+), 14 deletions(-)
diff --git a/contrib/terraform/aws/create-infrastructure.tf b/contrib/terraform/aws/create-infrastructure.tf
index 29e90eb53..930168ffd 100644
--- a/contrib/terraform/aws/create-infrastructure.tf
+++ b/contrib/terraform/aws/create-infrastructure.tf
@@ -20,7 +20,7 @@ module "aws-vpc" {
 aws_cluster_name = var.aws_cluster_name
 aws_vpc_cidr_block = var.aws_vpc_cidr_block
- aws_avail_zones = slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names))
+ aws_avail_zones = data.aws_availability_zones.available.names
 aws_cidr_subnets_private = var.aws_cidr_subnets_private
 aws_cidr_subnets_public = var.aws_cidr_subnets_public
 default_tags = var.default_tags
@@ -31,7 +31,7 @@ module "aws-elb" {
 aws_cluster_name = var.aws_cluster_name
 aws_vpc_id = module.aws-vpc.aws_vpc_id
- aws_avail_zones = slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names))
+ aws_avail_zones = data.aws_availability_zones.available.names
 aws_subnet_ids_public = module.aws-vpc.aws_subnet_ids_public
 aws_elb_api_port = var.aws_elb_api_port
 k8s_secure_api_port = var.k8s_secure_api_port
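Review bot: The `aws_avail_zones` argument of `module "aws-vpc"` (and the identical line in `module "aws-elb"` in the next hunk) now passes every name returned by `data.aws_availability_zones.available`, so the vpc module can place cluster subnets in any zone that data source returns. The data source block is outside these hunks; if it does not already set `state = "available"`, that filter should be added there so an impaired zone is not picked for control-plane or etcd subnets. A short comment above the argument would also help, for example `# Full AZ list; modules/vpc maps subnets onto it by index`.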
@@ -54,7 +54,6 @@ resource "aws_instance" "bastion-server" {
 instance_type = var.aws_bastion_size
 count = var.aws_bastion_num
 associate_public_ip_address = true
- availability_zone = element(slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names)), count.index)
 subnet_id = element(module.aws-vpc.aws_subnet_ids_public, count.index)
 vpc_security_group_ids = module.aws-vpc.aws_security_group
@@ -79,8 +78,7 @@ resource "aws_instance" "k8s-master" {
 count = var.aws_kube_master_num
- availability_zone = element(slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names)), count.index)
- subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
+ subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
 vpc_security_group_ids = module.aws-vpc.aws_security_group
@@ -110,8 +108,7 @@ resource "aws_instance" "k8s-etcd" {
 count = var.aws_etcd_num
- availability_zone = element(slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names)), count.index)
- subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
+ subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
 vpc_security_group_ids = module.aws-vpc.aws_security_group
@@ -134,8 +131,7 @@ resource "aws_instance" "k8s-worker" {
 count = var.aws_kube_worker_num
- availability_zone = element(slice(data.aws_availability_zones.available.names, 0, length(var.aws_cidr_subnets_public) <= length(data.aws_availability_zones.available.names) ? length(var.aws_cidr_subnets_public) : length(data.aws_availability_zones.available.names)), count.index)
- subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
+ subnet_id = element(module.aws-vpc.aws_subnet_ids_private, count.index)
 vpc_security_group_ids = module.aws-vpc.aws_security_group
diff --git a/contrib/terraform/aws/modules/elb/main.tf b/contrib/terraform/aws/modules/elb/main.tf
index 07491162d..0bc589db9 100644
--- a/contrib/terraform/aws/modules/elb/main.tf
+++ b/contrib/terraform/aws/modules/elb/main.tf
@@ -28,7 +28,7 @@ resource "aws_security_group_rule" "aws-allow-api-egress" {
 # Create a new AWS ELB for K8S API
 resource "aws_elb" "aws-elb-api" {
 name = "kubernetes-elb-${var.aws_cluster_name}"
- subnets = var.aws_subnet_ids_public
+ subnets = length(var.aws_subnet_ids_public) <= length(var.aws_avail_zones) ? var.aws_subnet_ids_public : slice(var.aws_subnet_ids_public, 0, length(var.aws_avail_zones))
 security_groups = [aws_security_group.aws-elb.id]
 listener {
diff --git a/contrib/terraform/aws/modules/vpc/main.tf b/contrib/terraform/aws/modules/vpc/main.tf
index d86f0c6c7..ef9110fab 100644
--- a/contrib/terraform/aws/modules/vpc/main.tf
+++ b/contrib/terraform/aws/modules/vpc/main.tf
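Review bot: The new `subnets` expression in `aws_elb.aws-elb-api` keeps the first `length(var.aws_avail_zones)` public subnets, which only suits the load balancer if each of those subnets sits in a different zone. That holds because modules/vpc in this commit assigns zones by `count.index` in list order, but nothing here records the dependency, and a later change to that ordering could leave the Kubernetes API load balancer failing to create or covering fewer zones. I would add a comment such as `# One subnet per AZ: relies on modules/vpc assigning AZs round-robin by index` and shorten the conditional to `subnets = slice(var.aws_subnet_ids_public, 0, min(length(var.aws_subnet_ids_public), length(var.aws_avail_zones)))`. The resource body continues outside the hunk.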
@@ -25,8 +25,8 @@ resource "aws_internet_gateway" "cluster-vpc-internetgw" {
 resource "aws_subnet" "cluster-vpc-subnets-public" {
 vpc_id = aws_vpc.cluster-vpc.id
- count = length(var.aws_avail_zones)
- availability_zone = element(var.aws_avail_zones, count.index)
+ count = length(var.aws_cidr_subnets_public)
+ availability_zone = element(var.aws_avail_zones, count.index % length(var.aws_avail_zones))
 cidr_block = element(var.aws_cidr_subnets_public, count.index)
 tags = merge(var.default_tags, tomap({
@@ -43,8 +43,8 @@ resource "aws_nat_gateway" "cluster-nat-gateway" {
 resource "aws_subnet" "cluster-vpc-subnets-private" {
 vpc_id = aws_vpc.cluster-vpc.id
- count = length(var.aws_avail_zones)
- availability_zone = element(var.aws_avail_zones, count.index)
+ count = length(var.aws_cidr_subnets_private)
+ availability_zone = element(var.aws_avail_zones, count.index % length(var.aws_avail_zones))
 cidr_block = element(var.aws_cidr_subnets_private, count.index)
 tags = merge(var.default_tags, tomap({
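Review bot: In `cluster-vpc-subnets-public` (and the same two lines of `cluster-vpc-subnets-private` in the next hunk), `count.index % length(var.aws_avail_zones)` repeats what `element()` already does, since it wraps the index around the list length; `availability_zone = element(var.aws_avail_zones, count.index)` is equivalent and easier to read. More important for availability, once there are more CIDRs than zones several subnets share a zone, so instances that this commit spreads by subnet index (the etcd and control-plane nodes in create-infrastructure.tf) can land in the same zone and be lost together. A comment next to `count`, for example `# May exceed the AZ count; extra subnets reuse zones in order`, would stop operators assuming one subnet means one zone. Resources outside the hunk that index into these subnets, such as the NAT gateway named in the second hunk header, presumably need their counts checked against the new subnet count; both resource bodies continue past the hunks.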