Ensure Alibaba Cloud Kubernetes node pools are set to auto repair
Error: Alibaba Cloud Kubernetes node pools are not set to auto repair
Bridgecrew Policy ID: BC_ALI_KUBERNETES_2
Checkov Check ID: CKV_ALI_31
Severity: LOW
Description
By enabling auto repair for Alibaba Cloud Kubernetes node pools, you can help ensure that your node pool is highly available and can automatically recover from failures or disruptions. If a node in the pool fails or becomes unavailable, auto repair can automatically replace the node to restore full functionality to the pool.
Fix - Runtime
Fix - Buildtime
Terraform
resource "alicloud_cs_kubernetes_node_pool" "pass" {
  name                 = var.name
  cluster_id           = alicloud_cs_managed_kubernetes.default.0.id
  vswitch_ids          = [alicloud_vswitch.default.id]
  instance_types       = [data.alicloud_instance_types.default.instance_types.0.id]
  system_disk_category = "cloud_efficiency"
  system_disk_size     = 40
  key_name             = alicloud_key_pair.default.key_name

  # comment out node_count and specify a new field desired_size
  # node_count = 1
  desired_size = 1

  management {
    auto_repair     = true
    auto_upgrade    = false # default
    surge           = 1
    max_unavailable = 1
  }
}