EKS Anywhere network create error "System.Read privilege" in vSphere
Getting the below error when provisioning a EKS Anywhere cluster in vSphere. Below error is from a VMware Cloud on AWS SDDC vCenter.
**Error Message: ** error getting network specs for "infrastructure.cluster.x-k8s.io/v1beta1, Kind=VSphereVM eksa-system/eksa-vsphere-conformitron-etcd-j7kp7": unable to create new ethernet card backing info for network "/SDDC-Datacenter/network/eks-workload-network" on "infrastructure.cluster.x-k8s.io/v1beta1, Kind=VSphereVM eksa-system/eksa-vsphere-conformitron-etcd-j7kp7": failed to create EthernetCardBackingInfo for /SDDC-Datacenter/network/eks-workload-network: System.Read privilege required for config.distributedVirtualSwitch
- 최신
- 최다 투표
- 가장 많은 댓글
This fix has been verified to work on VMware Cloud on AWS and may work on vSphere 7.x+ This also has been verified to work on environment where the permissions were set previously and has worked.
Step 1:
- Log into vCenter
- Go to Administration/Global Permissions and select and Delete [DOMAIN/Admin Group] (ex. EC2.INTERNAL/eksa-local-user)
- Waiting about 10-15 seconds for the permission change to take affect
- In Administration/Global Permissions click on Add
- Select Domain > [DOMAIN] (ex. eksa-domain.internal)
- User/Group > [Admin Group] (ex. eksa-local-user
- Role> select CloudAdmin
- Check “Propogate to children”
- Click OK button
- Wait 10-15 seconds before going to next step
Step 2:
- Go to Inventory and then go to Network section/tab
- Expand vcenter-xxxxxxxx/SDDC-Datacenter and select vmc-hostswitch
- Click on Permissions tab
- Click on Add button
- Select Domain > [DOMAIN] (ex. eksa-domain.internal)
- User/Group > [Admin Group] (ex. eksa-local-user)
- Role> select Read-only
- Be sure that “Propogate to children” is unchecked
- Click OK button
Wait 10-15 seconds before trying to provision a new cluster again. Be sure to log off of any active sessions before trying the steps above.
관련 콘텐츠
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 일 년 전
