eksctl
eksctl copied to clipboard
eksctl-io
[Bug] Error : 1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console
What were you trying to accomplish?
Creating EKS Outpost local private cluster
What happened?
EKS Outpost local private cluster was successfully created, no error in CFN however eksctl fails with following error :
2023-05-19 01:28:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:28:14 [▶] processing stack outputs
2023-05-19 01:28:14 [▶] completed task: create cluster control plane "mycluster-localv3"
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [!] 1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console
2023-05-19 01:28:15 [ℹ] to cleanup resources, run 'eksctl delete cluster --region=us-east-1 --name=mycluster-localv3'
2023-05-19 01:28:15 [✖] error creating Clientset: getting list of API resources for raw REST client: Unauthorized
Error: failed to create cluster "mycluster-localv3"
How to reproduce it?
#Outpost-local-cluster.yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
name: mycluster-localv3
region: us-east-1
version: "1.26"
iam:
serviceRoleARN: arn:aws:iam::12345678901:role/eks-outpost-local-cluster-ServiceRole
vpc:
# manageSharedNodeSecurityGroupRules: false #Automatically add security group rules to and from the default cluster security group and the shared node security group.
securityGroup: "sg-1234567890129123" #outpost-local-eks-cluster-sg
sharedNodeSecurityGroup: "sg-2270e6ce789012123" #outpost-local-eks-node-sg
clusterEndpoints:
privateAccess: true
id: "vpc-01d9f7a247e61c123"
subnets:
private:
outpost-subnet-1:
id: "subnet-0874b9eeff669c123"
outpost:
controlPlaneOutpostARN: arn:aws:outposts:us-east-1:12345678901:outpost/op-12345678901291234
controlPlaneInstanceType: m5.2xlarge
Logs
eksctl create cluster -d -v 5 -f Outpost-local-cluster.yaml
2023-05-19 01:17:12 [▶] role ARN for the current session is "arn:aws:iam::12345678901:user/mycluster"
2023-05-19 01:17:12 [ℹ] eksctl version 0.140.0
2023-05-19 01:17:12 [ℹ] using region us-east-1
2023-05-19 01:17:12 [!] security group rules may be added by eksctl; see vpc.manageSharedNodeSecurityGroupRules to disable this behavior
2023-05-19 01:17:13 [✔] using existing VPC (vpc-01d9f7a247e61c123) and subnets (private:map[outpost-subnet-1:{subnet-0874b9eeff669c097 us-east-1d 10.10.0.0/19 0 }] public:map[])
2023-05-19 01:17:13 [!] custom VPC/subnets will be used; if resulting cluster doesn't function as expected, make sure to review the configuration of VPC/subnets
2023-05-19 01:17:13 [ℹ] using Kubernetes version 1.26
2023-05-19 01:17:13 [ℹ] creating EKS cluster "mycluster-localv3" in "us-east-1" region with
2023-05-19 01:17:13 [▶] cfg.json = \
{
"kind": "ClusterConfig",
"apiVersion": "eksctl.io/v1alpha5",
"metadata": {
"name": "mycluster-localv3",
"region": "us-east-1",
"version": "1.26"
},
"iam": {
"serviceRoleARN": "arn:aws:iam::12345678901:role/eks-outpost-local-cluster-ServiceRole",
"withOIDC": false,
"vpcResourceControllerPolicy": true
},
"vpc": {
"id": "vpc-01d9f7a247e61c123",
"cidr": "10.10.0.0/16",
"securityGroup": "sg-04f5e2f0a73d29123",
"subnets": {
"private": {
"outpost-subnet-1": {
"id": "subnet-0874b9eeff669123",
"az": "us-east-1d",
"cidr": "10.10.0.0/19"
}
}
},
"sharedNodeSecurityGroup": "sg-089740d3f2270e123",
"manageSharedNodeSecurityGroupRules": true,
"nat": {
"gateway": "Single"
},
"clusterEndpoints": {
"privateAccess": true,
"publicAccess": false
}
},
"privateCluster": {
"enabled": false,
"skipEndpointCreation": false
},
"availabilityZones": [
"us-east-1d"
],
"outpost": {
"controlPlaneOutpostARN": "arn:aws:outposts:us-east-1:12345678901:outpost/op-0c067488d8261234",
"controlPlaneInstanceType": "m5.2xlarge"
}
}
2023-05-19 01:17:13 [ℹ] will create a CloudFormation stack for cluster itself and 0 nodegroup stack(s)
2023-05-19 01:17:13 [ℹ] will create a CloudFormation stack for cluster itself and 0 managed nodegroup stack(s)
2023-05-19 01:17:13 [ℹ] if you encounter any issues, check CloudFormation console or try 'eksctl utils describe-stacks --region=us-east-1 --cluster=mycluster-localv3'
2023-05-19 01:17:13 [ℹ] Kubernetes API endpoint access will use provided values {publicAccess=false, privateAccess=true} for cluster "mycluster-localv3" in "us-east-1"
2023-05-19 01:17:13 [ℹ] CloudWatch logging will not be enabled for cluster "mycluster-localv3" in "us-east-1"
2023-05-19 01:17:13 [ℹ] you can enable it with 'eksctl utils update-cluster-logging --enable-types={SPECIFY-YOUR-LOG-TYPES-HERE (e.g. all)} --region=us-east-1 --cluster=mycluster-localv3'
2023-05-19 01:17:13 [ℹ]
2 sequential tasks: { create cluster control plane "mycluster-localv3", wait for control plane to become ready
}
2023-05-19 01:17:13 [▶] started task: create cluster control plane "mycluster-localv3"
2023-05-19 01:17:13 [ℹ] building cluster stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:17:13 [▶] CreateStackInput = &cloudformation.CreateStackInput{StackName:(*string)(0xc000beba90), Capabilities:[]types.Capability(nil), ClientRequestToken:(*string)(nil), DisableRollback:(*bool)(0xc000d605a0), EnableTerminationProtection:(*bool)(nil), NotificationARNs:[]string(nil), OnFailure:"", Parameters:[]types.Parameter(nil), ResourceTypes:[]string(nil), RoleARN:(*string)(nil), RollbackConfiguration:(*types.RollbackConfiguration)(nil), StackPolicyBody:(*string)(nil), StackPolicyURL:(*string)(nil), Tags:[]types.Tag{types.Tag{Key:(*string)(0xc000dd2290), Value:(*string)(0xc000dd22a0), noSmithyDocumentSerde:document.NoSerde{}}, types.Tag{Key:(*string)(0xc000dd22b0), Value:(*string)(0xc000dd22c0), noSmithyDocumentSerde:document.NoSerde{}}, types.Tag{Key:(*string)(0xc000dd22d0), Value:(*string)(0xc000dd22e0), noSmithyDocumentSerde:document.NoSerde{}}, types.Tag{Key:(*string)(0xc000d5a9d0), Value:(*string)(0xc000d5a9e0), noSmithyDocumentSerde:document.NoSerde{}}}, TemplateBody:(*string)(0xc000d5a9f0), TemplateURL:(*string)(nil), TimeoutInMinutes:(*int32)(nil), noSmithyDocumentSerde:document.NoSerde{}}
2023-05-19 01:17:13 [ℹ] deploying stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:17:43 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:18:13 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:19:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:20:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:21:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:22:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:23:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:24:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:25:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:26:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:27:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:28:14 [ℹ] waiting for CloudFormation stack "eksctl-mycluster-localv3-cluster"
2023-05-19 01:28:14 [▶] processing stack outputs
2023-05-19 01:28:14 [▶] completed task: create cluster control plane "mycluster-localv3"
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:14 [▶] started task: wait for control plane to become ready
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [▶] failed task: wait for control plane to become ready (will not run other sequential tasks)
2023-05-19 01:28:15 [!] 1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console
2023-05-19 01:28:15 [ℹ] to cleanup resources, run 'eksctl delete cluster --region=us-east-1 --name=mycluster-localv3'
2023-05-19 01:28:15 [✖] error creating Clientset: getting list of API resources for raw REST client: Unauthorized
Error: failed to create cluster "mycluster-localv3"
Anything else we need to know?
Versions
eksctl info
eksctl version: 0.140.0
kubectl version: v1.26.2-eks-a59e1f0
OS: linux
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.