Cannot upgrade EKS

Question

Hi,

I have a EKS cluster with version 1.16 and try to update to 1.17 but failed with the following error due to missing default security group (deleted)

2021-11-13 09:19:19 [ℹ] will upgrade cluster "xxx" control plane from current version "1.16" to "1.17"
Error: InvalidRequestException: The security group 'sg-0fdxxx' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidGroup.NotFound; Request ID: xxx-xxx-xxx-xxx-xxx; Proxy: null)

There seems to be no other way to update it so I wait for the force updating from AWS when it comes to the end of support date. However, nothing has happened. So I would like to ask is there anyway to restore the old security group or remove the default one in the current cluster to allow updating or not

Thanks

Answer

If this was the control plane security group, I don't believe you can modify this and you won't be able to re-create the security group ID. Your best option at this point is to rebuild the cluster. 
Please also see: https://github.com/aws/containers-roadmap/issues/738

Answer

Yes, I saw that issue long time ago. However, my cluster here is production one and it will take more effort to rebuild and migrate all the things there.
I'm also wondering why the force update does not happen. At least, I can try to schedule downtime for this

Cannot upgrade EKS

관련 콘텐츠