- Newest
- Most votes
- Most comments
Hello,
I could see that you are using eks cluster version 1.23 and vpc-cni version v1.11.2-eksbuild.1.
The vpc-cni version seems to be older version latest available version for eks 1.23 is v1.12.6-eksbuild.1.
The addon_version can be any version, it must match one returned from the following command:
$ aws eks describe-addon-versions --addon-name vpc-cni --kubernetes-version 1.23
Using an older version sometimes can throw this issue.
Delete the upgrading add-on and then update with any of the return version from the above command mentioning the compatible version in your terraform code.
References: https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html https://docs.aws.amazon.com/eks/latest/userguide/managing-add-ons.html https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_addon#addon_version
In my case, I added first node group to my new EKS cluster, and its status was failed. This message appeared in logs. None of the above solved my problem. I was using latest CNI addon. My problem was that I created role for node group. That role had AmazonEKSWorkerNodePolicy and AmazonEC2ContainerRegistryFullReadonlyAccess. But I forgot to add AmazonEKS_CNI_Policy. After adding this policy, my problem solved.
Relevant content
- Accepted Answerasked a month ago
- asked 10 months ago
- asked 2 years ago
AWS OFFICIALUpdated 2 months ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 5 months ago
We have also tried newer versions of the CNI addon:
The same outcome with these version yesterday. Today it seems to be working again, with no changes. What baffles me a bit is that I didn't find any way to troubleshoot this.