FACT-1485 All external-dns resources deploy with a random suffix so t…

…hat it can be deployed more than once per zone (allows us to utilize annotation filters)

.gitignore

@@ -2,6 +2,7 @@
 *.tfstate*
 *.auto.tfvars
 .terraform
+.terraform.lock.hcl
 .terraform/*
 terraform.tfvars
 terraform.tfvars.example

iam.tf

@@ -12,7 +12,7 @@ data "aws_iam_policy_document" "eks_assume_role" {
 }
 
 resource "aws_iam_role" "external_dns" {
-  name        = "aws-eks-external-dns-viewer-${lower(var.hosted_zone_id)}-${lower(var.k8s_cluster_name)}"
+  name        = local.iam_name
   description = "Permissions required by the Kubernetes AWS EKS External Name controller to do it's job."
   path        = "/"
 
@@ -38,7 +38,7 @@ data "aws_iam_policy_document" "external_dns" {
 }
 
 resource "aws_iam_policy" "external_dns" {
-  name        = "aws-eks-external-dns-viewer-${lower(var.hosted_zone_id)}-${lower(var.k8s_cluster_name)}"
+  name        = local.iam_name
   description = "Allows access to resources needed to run external dns."
   policy      = data.aws_iam_policy_document.external_dns.json
 }

main.tf

@@ -1,27 +1,37 @@
 locals {
   external_dns_docker_image = "k8s.gcr.io/external-dns/external-dns:v${var.external_dns_version}"
   external_dns_version      = var.external_dns_version
+
+  default_name = "aws-eks-istio-external-dns-${lower(var.hosted_zone_id)}-${random_string.suffix.result}"
+
+  iam_name = "eks-external-dns-${lower(var.hosted_zone_id)}-${lower(var.k8s_cluster_name)}-${random_string.suffix.result}"
+}
+
+resource "random_string" "suffix" {
+  length  = 6
+  special = false
+  upper   = false
 }
 
 
 resource "kubernetes_service_account" "this" {
   automount_service_account_token = true
   metadata {
-    name      = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+    name      = local.default_name
     namespace = var.k8s_namespace
     labels = {
-      "app.kubernetes.io/name"       = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+      "app.kubernetes.io/name"       = local.default_name
       "app.kubernetes.io/managed-by" = "terraform"
     }
   }
 }
 
 resource "kubernetes_cluster_role" "this" {
   metadata {
-    name = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+    name = local.default_name
 
     labels = {
-      "app.kubernetes.io/name"       = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+      "app.kubernetes.io/name"       = local.default_name
       "app.kubernetes.io/managed-by" = "terraform"
     }
   }
@@ -131,11 +141,11 @@ resource "kubernetes_deployment" "this" {
   depends_on = [kubernetes_cluster_role_binding.this]
 
   metadata {
-    name      = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+    name      = local.default_name
     namespace = var.k8s_namespace
 
     labels = {
-      "app.kubernetes.io/name"       = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+      "app.kubernetes.io/name"       = local.default_name
       "app.kubernetes.io/version"    = "v${local.external_dns_version}"
       "app.kubernetes.io/managed-by" = "terraform"
     }
@@ -151,7 +161,7 @@ resource "kubernetes_deployment" "this" {
 
     selector {
       match_labels = {
-        "app.kubernetes.io/name" = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+        "app.kubernetes.io/name" = local.default_name
       }
     }
 
@@ -163,7 +173,7 @@ resource "kubernetes_deployment" "this" {
       metadata {
         labels = merge(
           {
-            "app.kubernetes.io/name"    = "aws-eks-external-dns-${lower(var.hosted_zone_id)}"
+            "app.kubernetes.io/name"    = local.default_name
             "app.kubernetes.io/version" = local.external_dns_version
           },
           var.k8s_pod_labels
@@ -180,7 +190,7 @@ resource "kubernetes_deployment" "this" {
                   match_expressions {
                     key      = "app.kubernetes.io/name"
                     operator = "In"
-                    values   = ["aws-eks-external-dns-${lower(var.hosted_zone_id)}"]
+                    values   = [local.default_name]
                   }
                 }
                 topology_key = "kubernetes.io/hostname"