-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to provision cluster with only private endpoint enabled #1134
Comments
@rquitales Were you able to repro the issue? What is your feedback on it? |
This issue was created alongside #1133 and relates to accessing the cluster's API Server to perform on-cluster actions. As the cluster does not have a public endpoint, our provider will be unable to perform these actions. This could potentially be resolved with: #1027 as this will defer the auth setup to be handled by AWS. |
Thank you. What is this issue (1134) tracking then? |
1133 tracks disabling the health checking. This issue (1134) tracks the AWS auth related configmap updates required on cluster. As the cluster is private, we can't update the configmap currently. |
I just wanted to point to this issue as well #1191. would be great if they can all be fixed together. I think just respecting the proxy config should do the trick for the time being |
Depends on how do you plan to provision the cluster once created. Respecting proxy config does not fix the issue fully since Pulumi up will still fail with unreachable API if you do not provide any proxy URL. In theory, I would expect,
|
Hi, Is there an update on that? As I'm using a bastion to proxy to provision the cluster in GO |
@Sindvero, you could start using We're actively working to reduce the reliance on cluster connectivity. We're addressing #1191 in EKS v3 and will switch the VPC CNI to use EKS addons instead. The underlying problem of this issue can now be worked around with |
What happened?
When creating a
eks.Cluster
with only private endpoint enabled, aws-auth resource fails to be created and results in resource creation failWhat happened
Pulumi fails with,
Expected to happen
Pulumi shold not create the config map resource, in case of only private API endpoint enabled.
Example
Create a cluster with following params,
Output of
pulumi about
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: