Auto rotate managed node groups by setting node group name

[splieth]

When creating managed node groups, the name is auto generated. This doesn't change once the node group is created. Apparently, this also means that a terraform apply doesn't rotate the EC2 instances, leaving patch management up to the user.
This could be changed if there was a way to set the name manually.

Hence what I'd like to see is the possibility of setting a name for the node groups, like this:

  node_groups = {
    some_group = {
      name = "some_group-12345"
      desired_capacity = 2
      max_capacity = 3
      min_capacity = 1
      subnets = data.aws_subnet_ids.some.ids
      instance_type = "m5.large"
    }
  }

If node_group_name inside the (sub) module would be determined like this:

node_group_name = lookup(each.value, "name", "") != "" ? each.value["name"] : join("-", [var.cluster_name, each.key, random_pet.node_groups[each.key].id])

one could choose between having an auto generated name or setting it manually – and therefore being able to rotate all nodes by just doing a terraform apply.

Open for a PR?

[wwentland]

It would be great if we could explicitly specify MNG names.

[splieth]

@max-rocket-internet any feedback on this?

[barryib]

Is using the node group key is ok for you ?

node_groups = {
    some_group-12345 = {
      desired_capacity = 2
      max_capacity = 3
      min_capacity = 1
      subnets = data.aws_subnet_ids.some.ids
      instance_type = "m5.large"
    }
  }

Actually the map key and cluster name are used to build the MNG name prefix.

[splieth]

Apparently not since this produces a different behavior. An example: a cluster with 3 nodes and 3 Pods with a pod disruption budget that targets 2/3 of the pods up and running.
Using your suggestion, a second node group would be created parallel to deleting the old one. The node deletion process would start immediately which would leave the fresh pod that spawns after that pending until the new node comes up.
My suggestion would lead to a different flow: first, the new nodes would be created and once that is done, draining & terminating the old ones will start.

My concern with the first approach is that in high load situations, I would be forced to provision a larger replica set since a pod can be pending for a couple of minutes.

[splieth]

@barryib any feedback on this? I would like to open a PR for that in case there is a chance that it gets merged :)

[max-rocket-internet]

If we can't set the MNG names now, sure open a PR for that.

But I don't really undestand how an autogenerated name or being able to specify a name affects your process? Either way, there a name and you can create and remove the groups as you wish?

[max-rocket-internet]

one could choose between having an auto generated name or setting it manually – and therefore being able to rotate all nodes by just doing a terraform apply.

I think my lack of experience with MNGs here is show. If you want to create a PR, go for it 😃

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.