Add configuration parameter for nodeadm configuration to node groups (#…

…1340)

This change adds a new input property called `nodeadmExtraConfig` to the
node group components. This property will allow injecting additional
nodeadm sections into the user data.
This can be virtually anything. Some data, a shell script, or additional
nodeadm
[`NodeConfig`](https://awslabs.github.io/amazon-eks-ami/nodeadm/).

The nodeadm user data is a MIME multipart/mixed document. And every
section has string based `content` and a MIME multipart `contentType`.

Right now there's no straight forward way to generate types for the
nodeadm `NodeConfig` because it's not schematized. Work for enhancing
this is tracked here: #1341.

examples/examples_nodejs_test.go

@@ -882,7 +882,7 @@ func TestAccManagedNodeGroupOS(t *testing.T) {
 					info.Outputs["kubeconfig"],
 				)
 
-				assert.NoError(t, utils.ValidateNodePodCapacity(t, info.Outputs["kubeconfig"], 5, 100, "increased-pod-capacity"))
+				assert.NoError(t, utils.ValidateNodePodCapacity(t, info.Outputs["kubeconfig"], 6, 100, "increased-pod-capacity"))
 				assert.NoError(t, utils.ValidateNodeStorage(t, info.Outputs["kubeconfig"], 4, 100*1_000_000_000, "increased-storage-capacity"))
 
 				assert.NoError(t, utils.ValidateNodes(t, info.Outputs["kubeconfig"], func(nodes *corev1.NodeList) {

examples/examples_py_test.go

@@ -159,8 +159,8 @@ func TestAccManagedNodeGroupOSPy(t *testing.T) {
 					info.Outputs["kubeconfig"],
 				)
 
-				// expect 3 nodes with increased pod capacity of 100
-				assert.NoError(t, utils.ValidateNodePodCapacity(t, info.Outputs["kubeconfig"], 3, 100, "increased-pod-capacity"))
+				// expect 4 nodes with increased pod capacity of 100
+				assert.NoError(t, utils.ValidateNodePodCapacity(t, info.Outputs["kubeconfig"], 4, 100, "increased-pod-capacity"))
 			},
 		})
 

examples/tests/managed-ng-os-py/__main__.py

@@ -71,6 +71,27 @@
                                            labels={ "increased-pod-capacity": "true" },
                                            kubelet_extra_args="--max-pods=100")
 
+nodeadm_extra_config = """---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  kubelet:
+    flags:
+      - '--max-pods=100 --node-labels=increased-pod-capacity=true'
+"""
+mng_al2023_arm_nodeadm = eks.ManagedNodeGroup(f'{project_name}-al2023-arm-nodeadm',
+                                           cluster=cluster,
+                                           node_role=role,
+                                           instance_types=["t4g.medium"],
+                                           scaling_config=scaling_config,
+                                           operating_system=eks.OperatingSystem.AL2023,
+                                           nodeadm_extra_options=[
+                                               eks.NodeadmOptionsArgs(
+                                                   content_type="application/node.eks.aws",
+                                                   content=nodeadm_extra_config
+                                                )
+                                           ])
+
 mng_bottlerocket = eks.ManagedNodeGroup(f'{project_name}-bottlerocket',
                                            cluster=cluster,
                                            node_role=role,

examples/tests/managed-ng-os/index.ts

@@ -1,3 +1,4 @@
+
 import * as pulumi from "@pulumi/pulumi";
 import * as aws from "@pulumi/aws";
 import * as awsx from "@pulumi/awsx";
@@ -187,3 +188,21 @@ const managedNodeGroupAL2023CustomUserData = eks.createManagedNodeGroup("al-2023
   userData: customUserData,
   amiId,
 });
+
+const managedNodeGroupAL2023NodeadmExtraOptions = eks.createManagedNodeGroup("al-2023-mng-extra-options", {
+  ...scalingConfig,
+  operatingSystem: eks.OperatingSystem.AL2023,
+  cluster: cluster,
+  instanceTypes: ["t3.medium"],
+  nodeRole: role,
+  nodeadmExtraOptions: [
+    {
+      contentType: "application/node.eks.aws",
+      content: userdata.customFlags(`--max-pods=${increasedPodCapacity} --node-labels=increased-pod-capacity=true`),
+    },
+    {
+      contentType: `text/x-shellscript; charset="us-ascii"`,
+      content: `#!/bin/bash\necho "Hello Pulumi!"`,
+    },
+  ]
+});

examples/tests/managed-ng-os/userdata.ts

@@ -28,7 +28,11 @@ spec:
 --BOUNDARY
 Content-Type: application/node.eks.aws
 
----
+${customFlags(kubeletFlags)}`.apply((ud) => Buffer.from(ud, "utf-8").toString("base64"));
+}
+
+export function customFlags(kubeletFlags: string): string {
+    return `---
 apiVersion: node.eks.aws/v1alpha1
 kind: NodeConfig
 spec:
@@ -37,5 +41,5 @@ spec:
       - '${kubeletFlags}'
 
 --BOUNDARY--
-`.apply((ud) => Buffer.from(ud, "utf-8").toString("base64"));
+`;
 }

nodejs/eks/__snapshots__/userdata.test.ts.snap

@@ -82,6 +82,105 @@ exports[`createUserData linux should return the correct user data for a basic No
 "
 `;
 
+exports[`createUserData nodeadm should allow adding extra nodeadm options for a ManagedNodeGroup 1`] = `
+"MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="BOUNDARY"
+
+--BOUNDARY
+Content-Type: application/node.eks.aws
+
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  cluster:
+    name: example-managed-nodegroups-eksCluster-b27184c
+    apiServerEndpoint: https://CE21F68965F7FB2C00423B4483130C27.gr7.us-west-2.eks.amazonaws.com
+    certificateAuthority: >-
+      LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJQWNzUG82b0t1S293RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1ETXhPVEl3TWpoYUZ3MHpOREEyTURFeE9USTFNamhhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUURqU0VRWFFkcjhmcDNOc2JYRG5RZTY1VGVGb1RkTUFiSVhzVjJua0t4V3dzdTM3dUJJSDBDSHV4b2gKYU9ZY1IzNmd5OVA2K0ZZSndhc3pyRGMvL0M1dGtsV0JLaGpySkRKbk5mcU0vUVBqOXRoK3dHWE4xeW5zR2VKbQpPVTZ4ek8yd290Uk1aYlBHTmx2UnlQQWtHMFZrM3Z0dEVINU8rcGl1NU44MkFnY3hWOGpWN3M0RHA3Qnd1L0xVCjFPRXRaN0RoVy9vWllPdTltRVJkK29CMkg4OS9ERDhZclBrejlvVlZCOEQycXp2UlRGUEhiR1VwaHNKK1VkZmcKNndhdjQySlRHS1RJRjc1OHRtbWZpL2lyaEJGMUlDcHI4bDJLVG9jNElKMWdVM0loS1lDOStHYlB2Y2VRK2ZwNgpTMlBTZStzVElGS2thY3JtRnNWM0hETEFvenJ6QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJSZWpnZC84THN3eHpDTVpGQWRsUUdvM1lYdnp6QVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRRGE4TU5VQnNvbQpWYmx2dzRaaTYxaUxFZEVKTkxkMG5TNnIxQTVidjZLZHFjd0VNN0VDVldyTlB3TFVWYklaOTEzeEMxNnN1M2szCnZkTWllWEhkSDNPZTdkTzZ3RXNxbzdyTDdYc0FUblRlZEQ4OFRyVU13TjFVcEY1VHRjMUlRaHVaM1pnUnJmVUUKV09RZnFrcU8waVljNUl0ZUZvV1Q1ZHlseHd0eWpwMDhCZmFNVGZvc2cvYW1BUnhvRnptVGV6dkRSTnlEVllwdwovVWRFR0FmT0lBY3ZJNy9oNmhTay8wMkFTOGRXSm0xZWlMZ3p0czhCUGZJME1KaFFjdjlhL1dZc3I4aDREaTFpCmNsNlhnb0hWZ3VzZ1UwQVQ3SHdqelQ4WFN0N0xzb08rMFlTUTZOck9wZTlwL283N0FwaGFEQ3hIZHhJZlF1LysKRGttNUJhR05VaWFxCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+    cidr: 10.100.0.0/16
+
+--BOUNDARY
+Content-Type: application/node.eks.aws
+
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  kubelet:
+    flags:
+      - '--max-pods=500'
+
+--BOUNDARY
+Content-Type: text/x-shellscript; charset="us-ascii"
+
+#!/bin/bash
+echo "Hello, World!"
+--BOUNDARY--
+"
+`;
+
+exports[`createUserData nodeadm should allow adding extra nodeadm options for a NodeGroup 1`] = `
+"MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="BOUNDARY"
+
+--BOUNDARY
+Content-Type: application/node.eks.aws
+
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  cluster:
+    name: example-managed-nodegroups-eksCluster-b27184c
+    apiServerEndpoint: https://CE21F68965F7FB2C00423B4483130C27.gr7.us-west-2.eks.amazonaws.com
+    certificateAuthority: >-
+      LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJQWNzUG82b0t1S293RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1ETXhPVEl3TWpoYUZ3MHpOREEyTURFeE9USTFNamhhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUURqU0VRWFFkcjhmcDNOc2JYRG5RZTY1VGVGb1RkTUFiSVhzVjJua0t4V3dzdTM3dUJJSDBDSHV4b2gKYU9ZY1IzNmd5OVA2K0ZZSndhc3pyRGMvL0M1dGtsV0JLaGpySkRKbk5mcU0vUVBqOXRoK3dHWE4xeW5zR2VKbQpPVTZ4ek8yd290Uk1aYlBHTmx2UnlQQWtHMFZrM3Z0dEVINU8rcGl1NU44MkFnY3hWOGpWN3M0RHA3Qnd1L0xVCjFPRXRaN0RoVy9vWllPdTltRVJkK29CMkg4OS9ERDhZclBrejlvVlZCOEQycXp2UlRGUEhiR1VwaHNKK1VkZmcKNndhdjQySlRHS1RJRjc1OHRtbWZpL2lyaEJGMUlDcHI4bDJLVG9jNElKMWdVM0loS1lDOStHYlB2Y2VRK2ZwNgpTMlBTZStzVElGS2thY3JtRnNWM0hETEFvenJ6QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJSZWpnZC84THN3eHpDTVpGQWRsUUdvM1lYdnp6QVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRRGE4TU5VQnNvbQpWYmx2dzRaaTYxaUxFZEVKTkxkMG5TNnIxQTVidjZLZHFjd0VNN0VDVldyTlB3TFVWYklaOTEzeEMxNnN1M2szCnZkTWllWEhkSDNPZTdkTzZ3RXNxbzdyTDdYc0FUblRlZEQ4OFRyVU13TjFVcEY1VHRjMUlRaHVaM1pnUnJmVUUKV09RZnFrcU8waVljNUl0ZUZvV1Q1ZHlseHd0eWpwMDhCZmFNVGZvc2cvYW1BUnhvRnptVGV6dkRSTnlEVllwdwovVWRFR0FmT0lBY3ZJNy9oNmhTay8wMkFTOGRXSm0xZWlMZ3p0czhCUGZJME1KaFFjdjlhL1dZc3I4aDREaTFpCmNsNlhnb0hWZ3VzZ1UwQVQ3SHdqelQ4WFN0N0xzb08rMFlTUTZOck9wZTlwL283N0FwaGFEQ3hIZHhJZlF1LysKRGttNUJhR05VaWFxCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+    cidr: 10.100.0.0/16
+
+--BOUNDARY
+Content-Type: text/x-shellscript; charset="us-ascii"
+
+#!/bin/bash
+echo "Hello, World!"
+--BOUNDARY
+Content-Type: text/x-shellscript; charset="us-ascii"
+
+#!/bin/bash
+
+/opt/aws/bin/cfn-signal --exit-code $? --stack example-cluster-1-98075617 --resource NodeGroup --region us-west-2
+
+--BOUNDARY--
+"
+`;
+
+exports[`createUserData nodeadm should allow adding extra nodeadm options for a NodeGroupV2 1`] = `
+"MIME-Version: 1.0
+Content-Type: multipart/mixed; boundary="BOUNDARY"
+
+--BOUNDARY
+Content-Type: application/node.eks.aws
+
+---
+apiVersion: node.eks.aws/v1alpha1
+kind: NodeConfig
+spec:
+  cluster:
+    name: example-managed-nodegroups-eksCluster-b27184c
+    apiServerEndpoint: https://CE21F68965F7FB2C00423B4483130C27.gr7.us-west-2.eks.amazonaws.com
+    certificateAuthority: >-
+      LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJQWNzUG82b0t1S293RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBMk1ETXhPVEl3TWpoYUZ3MHpOREEyTURFeE9USTFNamhhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUURqU0VRWFFkcjhmcDNOc2JYRG5RZTY1VGVGb1RkTUFiSVhzVjJua0t4V3dzdTM3dUJJSDBDSHV4b2gKYU9ZY1IzNmd5OVA2K0ZZSndhc3pyRGMvL0M1dGtsV0JLaGpySkRKbk5mcU0vUVBqOXRoK3dHWE4xeW5zR2VKbQpPVTZ4ek8yd290Uk1aYlBHTmx2UnlQQWtHMFZrM3Z0dEVINU8rcGl1NU44MkFnY3hWOGpWN3M0RHA3Qnd1L0xVCjFPRXRaN0RoVy9vWllPdTltRVJkK29CMkg4OS9ERDhZclBrejlvVlZCOEQycXp2UlRGUEhiR1VwaHNKK1VkZmcKNndhdjQySlRHS1RJRjc1OHRtbWZpL2lyaEJGMUlDcHI4bDJLVG9jNElKMWdVM0loS1lDOStHYlB2Y2VRK2ZwNgpTMlBTZStzVElGS2thY3JtRnNWM0hETEFvenJ6QWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJSZWpnZC84THN3eHpDTVpGQWRsUUdvM1lYdnp6QVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRRGE4TU5VQnNvbQpWYmx2dzRaaTYxaUxFZEVKTkxkMG5TNnIxQTVidjZLZHFjd0VNN0VDVldyTlB3TFVWYklaOTEzeEMxNnN1M2szCnZkTWllWEhkSDNPZTdkTzZ3RXNxbzdyTDdYc0FUblRlZEQ4OFRyVU13TjFVcEY1VHRjMUlRaHVaM1pnUnJmVUUKV09RZnFrcU8waVljNUl0ZUZvV1Q1ZHlseHd0eWpwMDhCZmFNVGZvc2cvYW1BUnhvRnptVGV6dkRSTnlEVllwdwovVWRFR0FmT0lBY3ZJNy9oNmhTay8wMkFTOGRXSm0xZWlMZ3p0czhCUGZJME1KaFFjdjlhL1dZc3I4aDREaTFpCmNsNlhnb0hWZ3VzZ1UwQVQ3SHdqelQ4WFN0N0xzb08rMFlTUTZOck9wZTlwL283N0FwaGFEQ3hIZHhJZlF1LysKRGttNUJhR05VaWFxCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+    cidr: 10.100.0.0/16
+
+--BOUNDARY
+Content-Type: text/x-shellscript; charset="us-ascii"
+
+#!/bin/bash
+echo "Hello, World!"
+--BOUNDARY--
+"
+`;
+
 exports[`createUserData nodeadm should return the correct user data for a basic ManagedNodeGroup 1`] = `
 "MIME-Version: 1.0
 Content-Type: multipart/mixed; boundary="BOUNDARY"