nodejs: support all EC2 LaunchConfiguration params for EKS cluster no…

…de root volumes

CHANGELOG.md

@@ -1,4 +1,6 @@
 ## Unreleased
+- Add support for all EC2 LaunchConfiguration EBS parameters related to cluster root node volumes
+  [#597](https://github.com/pulumi/pulumi-eks/issues/597)
 - Add support for setting `WARM_PREFIX_TARGET` and `ENABLE_PREFIX_DELEGATION`
   [#618](https://github.com/pulumi/pulumi-eks/pull/618)
 - NodeGroups accept strings as InstanceTypes

nodejs/eks/nodegroup.ts

@@ -99,6 +99,9 @@ export interface NodeGroupBaseOptions {
 
     /**
      * Encrypt the root block device of the nodes in the node group.
+     * 
+     * @deprecated This option has been deprecated for parameter naming coherence.
+     * Use the nodeRootVolumeEncrypted option instead.
      */
     encryptRootBlockDevice?: pulumi.Input<boolean>;
 
@@ -119,6 +122,33 @@ export interface NodeGroupBaseOptions {
      */
     nodeRootVolumeSize?: pulumi.Input<number>;
 
+    /**
+     * Whether to delete a cluster node's root volume on termination. Defaults to true.
+     */
+    nodeRootVolumeDeleteOnTermination?: pulumi.Input<boolean>;
+
+    /**
+     * Whether to encrypt a cluster node's root volume. Defaults to false.
+     */
+    nodeRootVolumeEncrypted?: pulumi.Input<boolean>;
+
+    /**
+     * Provisioned IOPS for a cluster node's root volume.
+     * Only valid for io1 volumes.
+     */
+    nodeRootVolumeIops?: pulumi.Input<number> | undefined;
+
+    /**
+     * Provisioned throughput performance in integer MiB/s for a cluster node's root volume.
+     * Only valid for gp3 volumes.
+     */
+    nodeRootVolumeThroughput?: pulumi.Input<number> | undefined;
+
+    /**
+     * Configured EBS type for a cluster node's root volume. Default is gp2.
+     */
+    nodeRootVolumeType?: "standard" | "gp2" | "gp3" | "st1" | "sc1" | "io1"
+
     /**
      * Extra code to run on node startup. This code will run after the AWS EKS bootstrapping code and before the node
      * signals its readiness to the managing CloudFormation stack. This code must be a typical user data script:
@@ -485,6 +515,28 @@ ${customUserData}
         nodeAssociatePublicIpAddress = args.nodeAssociatePublicIpAddress;
     }
 
+    const numeric = new RegExp('^\d+$');
+
+    if (args.nodeRootVolumeIops && args.nodeRootVolumeType != 'io1') {
+        throw new Error('Cannot create a cluster node root volume of non-io1 type with provisioned IOPS (nodeRootVolumeIops).')
+    }
+
+    if (args.nodeRootVolumeType == 'io1' && args.nodeRootVolumeIops) {
+        if (!numeric.test(args.nodeRootVolumeIops?.toString())) {
+            throw new Error('Cannot create a cluster node root volume of io1 type without provisioned IOPS (nodeRootVolumeIops) as integer value.')
+        }
+    }
+
+    if (args.nodeRootVolumeThroughput && args.nodeRootVolumeType != 'gp3') {
+        throw new Error('Cannot create a cluster node root volume of non-gp3 type with provisioned throughput (nodeRootVolumeThroughput).')
+    }
+
+    if (args.nodeRootVolumeType == 'gp3' && args.nodeRootVolumeThroughput) {
+        if (!numeric.test(args.nodeRootVolumeThroughput?.toString())) {
+            throw new Error('Cannot create a cluster node root volume of gp3 type without provisioned throughput (nodeRootVolumeThroughput) as integer value.')
+        }
+    }
+
     const nodeLaunchConfiguration = new aws.ec2.LaunchConfiguration(`${name}-nodeLaunchConfiguration`, {
         associatePublicIpAddress: nodeAssociatePublicIpAddress,
         imageId: amiId,
@@ -494,10 +546,12 @@ ${customUserData}
         securityGroups: [nodeSecurityGroupId, ...extraNodeSecurityGroupIds],
         spotPrice: args.spotPrice,
         rootBlockDevice: {
-            encrypted: args.encryptRootBlockDevice || args.encryptRootBockDevice,
-            volumeSize: args.nodeRootVolumeSize || 20, // GiB
-            volumeType: "gp2", // default is "standard"
-            deleteOnTermination: true,
+            encrypted: ((args.encryptRootBlockDevice ?? args.encryptRootBockDevice) ?? args.nodeRootVolumeEncrypted) ?? false,
+            volumeSize: args.nodeRootVolumeSize ?? 20, // GiB
+            volumeType: args.nodeRootVolumeType ?? "gp2",
+            iops: args.nodeRootVolumeIops,
+            throughput: args.nodeRootVolumeThroughput,
+            deleteOnTermination: args.nodeRootVolumeDeleteOnTermination ?? true,
         },
         userData: args.nodeUserDataOverride || userdata,
     }, { parent, provider });

provider/cmd/pulumi-gen-eks/main.go

@@ -396,6 +396,30 @@ func generateSchema() schema.PackageSpec {
 					"nodeRootVolumeSize": {
 						TypeSpec:    schema.TypeSpec{Type: "integer"},
 						Description: "The size in GiB of a cluster node's root volume. Defaults to 20.",
+						Default:     20,
+					},
+					"nodeRootVolumeDeleteOnTermination": {
+						TypeSpec:    schema.TypeSpec{Type: "boolean"},
+						Description: "Whether to delete a cluster node's root volume on termination. Defaults to true.",
+						Default:     true,
+					},
+					"nodeRootVolumeEncrypted": {
+						TypeSpec:    schema.TypeSpec{Type: "boolean"},
+						Description: "Whether to encrypt a cluster node's root volume. Defaults to false.",
+						Default:     false,
+					},
+					"nodeRootVolumeIops": {
+						TypeSpec:    schema.TypeSpec{Type: "integer"},
+						Description: "Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes.",
+					},
+					"nodeRootVolumeThroughput": {
+						TypeSpec:    schema.TypeSpec{Type: "integer"},
+						Description: "Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes.",
+					},
+					"nodeRootVolumeType": {
+						TypeSpec:    schema.TypeSpec{Type: "string"},
+						Description: "Configured EBS type for a cluster node's root volume. Default is gp2.",
+						Default:     "gp2",
 					},
 					"nodeUserData": {
 						TypeSpec: schema.TypeSpec{Type: "string"},
@@ -1498,7 +1522,7 @@ func vpcCniProperties(kubeconfig bool) map[string]schema.PropertySpec {
 				"Ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/master/docs/prefix-and-ip-target.md",
 		},
 		"enablePrefixDelegation": {
-			TypeSpec: schema.TypeSpec{Type: "boolean"},
+			TypeSpec:    schema.TypeSpec{Type: "boolean"},
 			Description: "IPAMD will start allocating (/28) prefixes to the ENIs with ENABLE_PREFIX_DELEGATION set to true.",
 		},
 		"logLevel": {

provider/cmd/pulumi-resource-eks/schema.json

@@ -100,7 +100,31 @@
                 },
                 "nodeRootVolumeSize": {
                     "type": "integer",
-                    "description": "The size in GiB of a cluster node's root volume. Defaults to 20."
+                    "description": "The size in GiB of a cluster node's root volume. Defaults to 20.",
+                    "default": 20
+                },
+                "nodeRootVolumeDeleteOnTermination": {
+                    "type": "boolean",
+                    "description": "Whether to delete a cluster node's root volume on termination. Defaults to true.",
+                    "default": true
+                },
+                "nodeRootVolumeEncrypted": {
+                    "type": "boolean",
+                    "description": "Whether to encrypt a cluster node's root volume. Defaults to false.",
+                    "default": false
+                },
+                "nodeRootVolumeIops": {
+                    "type": "integer",
+                    "description": "Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes."
+                },
+                "nodeRootVolumeThroughput": {
+                    "type": "integer",
+                    "description": "Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes."
+                },
+                "nodeRootVolumeType": {
+                    "type": "string",
+                    "description": "Configured EBS type for a cluster node's root volume. Default is gp2.",
+                    "default": "gp2"
                 },
                 "nodeSecurityGroup": {
                     "$ref": "/aws/v4.15.0/schema.json#/resources/aws:ec2%2FsecurityGroup:SecurityGroup",

sdk/go/eks/cluster.go

@@ -48,6 +48,19 @@ func NewCluster(ctx *pulumi.Context,
 		args = &ClusterArgs{}
 	}
 
+	if args.NodeRootVolumeDeleteOnTermination == nil {
+		args.NodeRootVolumeDeleteOnTermination = pulumi.BoolPtr(true)
+	}
+	if args.NodeRootVolumeEncrypted == nil {
+		args.NodeRootVolumeEncrypted = pulumi.BoolPtr(false)
+	}
+	if args.NodeRootVolumeSize == nil {
+		args.NodeRootVolumeSize = pulumi.IntPtr(20)
+	}
+	if args.NodeRootVolumeType == nil {
+		args.NodeRootVolumeType = pulumi.StringPtr("gp2")
+	}
+
 	var resource Cluster
 	err := ctx.RegisterRemoteComponentResource("eks:index:Cluster", name, args, &resource, opts...)
 	if err != nil {
@@ -153,8 +166,18 @@ type clusterArgs struct {
 	// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 	// If not provided, no SSH access is enabled on VMs.
 	NodePublicKey *string `pulumi:"nodePublicKey"`
+	// Whether to delete a cluster node's root volume on termination. Defaults to true.
+	NodeRootVolumeDeleteOnTermination *bool `pulumi:"nodeRootVolumeDeleteOnTermination"`
+	// Whether to encrypt a cluster node's root volume. Defaults to false.
+	NodeRootVolumeEncrypted *bool `pulumi:"nodeRootVolumeEncrypted"`
+	// Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes.
+	NodeRootVolumeIops *int `pulumi:"nodeRootVolumeIops"`
 	// The size in GiB of a cluster node's root volume. Defaults to 20.
 	NodeRootVolumeSize *int `pulumi:"nodeRootVolumeSize"`
+	// Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes.
+	NodeRootVolumeThroughput *int `pulumi:"nodeRootVolumeThroughput"`
+	// Configured EBS type for a cluster node's root volume. Default is gp2.
+	NodeRootVolumeType *string `pulumi:"nodeRootVolumeType"`
 	// The tags to apply to the default `nodeSecurityGroup` created by the cluster.
 	//
 	// Note: The `nodeSecurityGroupTags` option and the node group option `nodeSecurityGroup` are mutually exclusive.
@@ -357,8 +380,18 @@ type ClusterArgs struct {
 	// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html
 	// If not provided, no SSH access is enabled on VMs.
 	NodePublicKey pulumi.StringPtrInput
+	// Whether to delete a cluster node's root volume on termination. Defaults to true.
+	NodeRootVolumeDeleteOnTermination pulumi.BoolPtrInput
+	// Whether to encrypt a cluster node's root volume. Defaults to false.
+	NodeRootVolumeEncrypted pulumi.BoolPtrInput
+	// Provisioned IOPS for a cluster node's root volume. Only valid for io1 volumes.
+	NodeRootVolumeIops pulumi.IntPtrInput
 	// The size in GiB of a cluster node's root volume. Defaults to 20.
 	NodeRootVolumeSize pulumi.IntPtrInput
+	// Provisioned throughput performance in integer MiB/s for a cluster node's root volume. Only valid for gp3 volumes.
+	NodeRootVolumeThroughput pulumi.IntPtrInput
+	// Configured EBS type for a cluster node's root volume. Default is gp2.
+	NodeRootVolumeType pulumi.StringPtrInput
 	// The tags to apply to the default `nodeSecurityGroup` created by the cluster.
 	//
 	// Note: The `nodeSecurityGroupTags` option and the node group option `nodeSecurityGroup` are mutually exclusive.