By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cannot upgrade EKS

0

Hi,

I have a EKS cluster with version 1.16 and try to update to 1.17 but failed with the following error due to missing default security group (deleted)

2021-11-13 09:19:19 [ℹ] will upgrade cluster "xxx" control plane from current version "1.16" to "1.17" Error: InvalidRequestException: The security group 'sg-0fdxxx' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidGroup.NotFound; Request ID: xxx-xxx-xxx-xxx-xxx; Proxy: null)

There seems to be no other way to update it so I wait for the force updating from AWS when it comes to the end of support date. However, nothing has happened. So I would like to ask is there anyway to restore the old security group or remove the default one in the current cluster to allow updating or not

Thanks

Topics
ContainersAWS Well-Architected Framework
Tags
Amazon Elastic Kubernetes ServiceSecurity
Language
English
plav
asked 2 years ago299 views
2 Answers
2

If this was the control plane security group, I don't believe you can modify this and you won't be able to re-create the security group ID. Your best option at this point is to rebuild the cluster. Please also see: https://github.com/aws/containers-roadmap/issues/738

profile pictureAWS
EXPERT
Rob_H
answered 2 years ago
0

Yes, I saw that issue long time ago. However, my cluster here is production one and it will take more effort to rebuild and migrate all the things there. I'm also wondering why the force update does not happen. At least, I can try to schedule downtime for this

plav
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content