If you use Terraform to create AWS infrastructure such as VPCs or subnets and then create clusters that use that infrastructure with DKP 2.x, you may notice that the items created by your Terraform modules have additional tags added to them by DKP.
For example, DKP 2.x will add the following tags to any externally managed subnets:
konvoy.d2iq.io/cluster-name = <name of cluster>
konvoy.d2iq.io/version = <dkp version>
kubernetes.io/cluster/<cluster-name> = "shared"
These tags are used by DKP and the underlying CAPA provider to manage and track these resources.
However, since Terraform did not create these tags, it will remove them when you run Terraform again. Subsequently, DKP will add them back. There is no harm in this 'back and forth', but it can create confusing and noisy Terraform output.
Solution
To avoid this issue, add a lifecycle meta-argument block in your Terraform modules for each external resource you create for use with DKP. For example, if you create aws_subnet resources using Terraform, add the lifecycle block as shown here:
resource "aws_subnet" "example" {
  # ...
  lifecycle {
    ignore_changes = [
      # Ignore changes to tags because CAPA in DKP adds additional tags
      tags,
    ]
  }
}
After adding this, Terraform will stop trying to remove the DKP tags.
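Note that ignore_changes = [tags] also hides drift in the tags you manage yourself (for example, tags used for ownership or access policies). The following is an added example, not part of the original article: it uses the AWS provider's ignore_tags block to ignore only the DKP and CAPA tag prefixes listed above, and the region, variable name, CIDR and tag values are assumptions made for illustration.

```hcl
# Added example (not from the original article).
# Ignore only the tag keys that DKP/CAPA add, so Terraform still detects
# drift in the tags it owns.

variable "vpc_id" {
  # Hypothetical input: ID of the VPC the subnet belongs to.
  type = string
}

provider "aws" {
  region = "us-west-2" # assumed region

  # Applies to every resource managed through this provider configuration.
  ignore_tags {
    key_prefixes = [
      "konvoy.d2iq.io/",        # konvoy.d2iq.io/cluster-name, konvoy.d2iq.io/version
      "kubernetes.io/cluster/", # kubernetes.io/cluster/<cluster-name>
    ]
  }
}

resource "aws_subnet" "example" {
  vpc_id     = var.vpc_id
  cidr_block = "10.0.1.0/24" # constructed sample value

  # Tags owned by Terraform (constructed sample values). With no
  # lifecycle ignore_changes on tags, a manual edit to Name or Owner
  # still shows up in terraform plan.
  tags = {
    Name  = "dkp-private-a"
    Owner = "platform-team"
  }
}
```

Because ignore_tags is set on the provider, it covers all resources created through that provider configuration; use a separate provider alias if only some resources are shared with DKP.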