Questions tagged with Amazon Elastic Kubernetes Service
Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized ERROR
Hi, I get this error when creating an EKS 1.21 cluster via the console: `Container runtime network not ready: NetworkReady=false reason:NetworkPluginNotReady message:docker: network plugin is not ready: cni config uninitialized`
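This message usually means the VPC CNI (the `aws-node` daemonset) has not come up on the node yet, so kubelet has no CNI config to load. A first diagnostic pass, assuming kubectl access to the cluster (the role name below is a placeholder):

```shell
# Is the VPC CNI daemonset scheduled and ready on every node?
kubectl get daemonset aws-node -n kube-system

# Look for startup errors in the CNI pods
kubectl get pods -n kube-system -l k8s-app=aws-node -o wide
kubectl logs -n kube-system -l k8s-app=aws-node --tail=50

# Confirm the node IAM role carries the AmazonEKS_CNI_Policy
aws iam list-attached-role-policies --role-name <node-instance-role>
```

A missing CNI IAM policy or an `aws-node` pod stuck in CrashLoopBackOff are the two most common causes of this exact error.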
How to pass environment variables to CNI Addon?
- We use Terraform to automate the creation of our EKS clusters.
- We use the `aws_eks_addon` resource to set up the CNI on our EKS nodes.
- We need to configure various environment variables on the CNI daemonset (e.g. `WARM_IP_TARGET`).
- We strive to avoid null resources, and are looking for a way to configure these variables directly via the AWS add-on.
- What is the best way to set these environment variables as part of our Terraform configuration? Would you consider extending the add-on API endpoint to allow customization of these variables?
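Newer versions of the EKS add-on API accept a `configuration_values` JSON document, and the vpc-cni add-on's schema exposes an `env` map that becomes environment variables on the `aws-node` daemonset. A sketch of how that looks in Terraform (the cluster reference and add-on version are placeholders; `aws eks describe-addon-configuration` shows the exact keys a given add-on version supports):

```hcl
resource "aws_eks_addon" "vpc_cni" {
  cluster_name  = aws_eks_cluster.this.name
  addon_name    = "vpc-cni"
  addon_version = "v1.12.0-eksbuild.1" # must be a version supporting configurationValues

  # JSON matching the add-on's configuration schema; "env" maps to
  # environment variables on the aws-node daemonset containers.
  configuration_values = jsonencode({
    env = {
      WARM_IP_TARGET = "5"
    }
  })
}
```

This keeps the setting in the add-on itself, so no null resources or out-of-band `kubectl set env` calls are needed.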
aws-node Daemonset (AWS EKS v1.21) with strange readiness timeoutSeconds
We have 2 EKS clusters here, and both occasionally log readiness probe failures in events from `aws-node` pods. Looking at the daemonset manifest, we have:
```
livenessProbe:
  exec:
    command:
      - /app/grpc-health-probe
      - '-addr=:50051'
      - '-connect-timeout=2s'
      - '-rpc-timeout=2s'
  initialDelaySeconds: 60
  timeoutSeconds: 5
  periodSeconds: 10
  successThreshold: 1
  failureThreshold: 3
readinessProbe:
  exec:
    command:
      - /app/grpc-health-probe
      - '-addr=:50051'
      - '-connect-timeout=2s'
      - '-rpc-timeout=2s'
  initialDelaySeconds: 1
  timeoutSeconds: 1
  periodSeconds: 10
  successThreshold: 1
  failureThreshold: 3
```
As you can see, the livenessProbe exec command has two timeouts, one for the connection and one for the RPC, and the probe's `timeoutSeconds` is 5 (plausibly the sum of the exec timeouts plus one second). The readinessProbe runs the same exec command, but its `timeoutSeconds` is only 1 second. If you check the EKS services you probably won't find one linked to these pods, so this doesn't affect any service. Still, these are error messages in our logs that don't make sense to have. I suspect a simple fix, raising the readiness `timeoutSeconds` to 5 (like liveness) in this daemonset, would be enough. Has anyone had this problem, or thought of resolving it this way?
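As a local stopgap, the readiness timeout can be patched in place (a sketch; note that if `aws-node` is managed by the vpc-cni add-on, an add-on update may revert the change):

```shell
# Raise the readinessProbe timeout on the first container of the aws-node daemonset
kubectl patch daemonset aws-node -n kube-system --type='json' -p='[
  {"op": "replace",
   "path": "/spec/template/spec/containers/0/readinessProbe/timeoutSeconds",
   "value": 5}
]'
```

The daemonset's rolling update will then recreate the pods with the new probe settings.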
Rancher - Unable to import clusters
I have installed Rancher with the Helm chart approach on an EKS cluster using this link: https://rancher.com/docs/rancher/v2.6/en/installation/install-rancher-on-k8s/#install-the-rancher-helm-chart with a Rancher-generated TLS certificate, and I manually had to edit the Ingress to add `ingressClassName: nginx`. As a prerequisite, I also deployed the ingress controller using Step 5 of https://rancher.com/docs/rancher/v2.6/en/installation/resources/k8s-tutorials/amazon-eks/. I did not set up Route 53; I am using the load balancer domain as-is to log in to Rancher. I am able to log in to Rancher, but unable to create/import existing clusters. It goes into provisioning mode, and the Conditions tab shows "[Disconnected] Cluster agent is not connected", "Waiting for API to be available", and "[Error] Error while applying agent YAML, it will be retried automatically: exit status 1, Unable to connect to the server: remote error: tls: internal error".
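The `tls: internal error` usually points at the downstream agent not trusting, or not reaching, the Rancher server URL. Assuming kubectl access to both clusters, the agent logs and the advertised server URL are the first things to check (names below are the Rancher defaults):

```shell
# On the cluster being imported: check the cluster agent's state and logs
kubectl -n cattle-system get pods
kubectl -n cattle-system logs deploy/cattle-cluster-agent --tail=50

# On the Rancher management cluster: verify the server-url setting
# matches the load balancer hostname the agents must connect to
kubectl get settings.management.cattle.io server-url -o yaml
```

If `server-url` does not match the load balancer domain, or the certificate served there is not the one the agent expects, re-registering the cluster after correcting it is the usual fix.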
AWS architecture for Low latency trading system
What architecture would one use to design a low-latency trading application? With respect to compute: serverless vs. EC2/Fargate vs. EKS (on EC2 or Fargate). With respect to DB / caching / streams / Global Accelerator / Local Zones. Pointers to any case studies I can reference, or does someone have experience developing a low-latency trading system? Thanks!
EKS pods sometimes succeed in connecting to an RDS cluster, but sometimes fail. How can I fix it?
Hi, I registered an issue at https://github.com/aws/amazon-vpc-cni-k8s/issues/2046, so I wrote this support case. (The issue text: What happened: the EKS cluster and the RDS (MySQL) cluster are in the same VPC. I added my EKS security group (eks-cluster-sg-MYCLUSTERNAME-*) to the RDS security group's inbound rule (port 3306). I found that the RDS connection sometimes succeeds but sometimes fails with a timeout error. I set the timeout to 300s, so I don't think that's the issue. There is a weird pattern: when the connection succeeds, it takes either < 1 second or more than 2 minutes (very fast or very long). I tested locally and there is no problem (the connection takes < 1 second), but the same code in a pod shows the behavior above. I don't know why the connection sometimes succeeds and sometimes fails. How do I fix it? Any ideas? Thank you. Environment: Kubernetes version (from kubectl version): 1.22.0. CNI Version ) My problem happens when my EKS pods try to connect to the RDS cluster. I think it is an EKS network problem, because it happens only in EKS pods; a local connection test (my PC to the RDS DB) always succeeds, and our service using RDS didn't have any issue. Can I solve this? Thank you. (I tried creating VPC flow logs, but the CloudWatch log group stores nothing :( )
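One thing worth ruling out: with the VPC CNI, pods get IPs from secondary ENIs, and depending on configuration those ENIs can carry a different security group than the one you allowed in the RDS inbound rule, which would make reachability depend on which IP a pod happens to get. A quick way to probe repeatedly from inside the cluster (the RDS endpoint below is a placeholder):

```shell
# Throwaway pod that tests the RDS port several times in a row
kubectl run nettest --rm -it --image=busybox --restart=Never -- \
  sh -c 'for i in 1 2 3 4 5; do nc -zv -w 5 mydb.cluster-xxxx.us-east-1.rds.amazonaws.com 3306; done'
```

If some attempts time out while others connect instantly, comparing the security groups on the node's primary and secondary ENIs against the RDS inbound rule is the next step.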
Looking for an ecs/eks fargate + cloudwatch + sqs example
Hello all, I'm looking for a complete working example of the ECS/EKS Fargate + CloudWatch + SQS architecture (see Fig. 5) described in this article: https://aws.amazon.com/blogs/architecture/rate-limiting-strategies-for-serverless-applications/ Any pointers are very much appreciated.
coredns remains Degraded after EKS cluster creation
Hi there, we managed to create an EKS cluster and add a managed node group to it to house our containerized applications for a new project. Here are the steps we took:
1. Create a VPC and public subnets with the CloudFormation console according to the steps in https://docs.aws.amazon.com/eks/latest/userguide/creating-a-vpc.html
2. Create the EKS cluster with the EKS console.
3. The Add-ons tab of the newly created EKS cluster always shows the exception below for coredns: Status: Degraded, Version: v1.8.7-eksbuild.1.
This coredns issue could hinder launching new managed nodes into the cluster during the rest of the cluster setup. Any idea? Thanks.
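coredns commonly reports Degraded right after cluster creation simply because no worker nodes have joined yet, leaving its pods Pending with nowhere to schedule; the status normally clears once the node group is up. A quick check, assuming kubectl access:

```shell
# Are there any Ready nodes for coredns to schedule onto?
kubectl get nodes

# coredns pods stuck Pending would explain the Degraded add-on status
kubectl -n kube-system get pods -l k8s-app=kube-dns
kubectl -n kube-system describe deployment coredns
```

If the pods are Pending with "no nodes available", the Degraded status is a symptom of the missing nodes rather than a blocker for creating them.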
EKS cluster creates a security group and doesn't clean it up after destroy
About two weeks ago we found that, after deletion, the CFN stack could not remove the VPC. I checked, and it turned out that the EKS cluster doesn't remove the security group it created itself. The security group is named "eks-cluster-sg-EKS-*" with the description "EKS created security group applied to ENI that is attached to EKS Control Plane master nodes, as well as any managed workloads." How can I fix that? To reproduce, deploy a VPC with EKS via CFN or using the AWS QSS solution. Thanks.
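As a workaround until the leak itself is fixed, the orphaned group can be located and deleted before retrying the VPC deletion (a sketch; the VPC and group IDs are placeholders, and any ENIs still attached to the group must be removed first):

```shell
# Find cluster-created security groups left behind in the stranded VPC
aws ec2 describe-security-groups \
  --filters "Name=vpc-id,Values=vpc-0123456789abcdef0" \
            "Name=group-name,Values=eks-cluster-sg-*" \
  --query "SecurityGroups[].GroupId" --output text

# Delete each one, then retry the stack/VPC deletion
aws ec2 delete-security-group --group-id sg-0123456789abcdef0
```

Scripting this as a pre-delete step (or a CFN custom resource) is a common way to make teardown reliable.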
How to get node information using the SDK
https://docs.aws.amazon.com/sdk-for-go/api/service/eks/ I'd like to get node instance information, but I cannot find any. The EKS API has only node group information, not nodes. How do I get the instance ID of a node, or instance information? Not kubectl, not eksctl; I want to use the Go API.
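The EKS API deliberately stops at the node group; the instances behind it live in EC2. `DescribeNodegroup` returns the backing Auto Scaling group, and for managed node groups the instances also carry an `eks:nodegroup-name` tag, so either path yields the instance IDs. Sketched with the CLI below (cluster, node group, and ASG names are placeholders); the same operations exist in aws-sdk-go as `eks.DescribeNodegroup`, `autoscaling.DescribeAutoScalingGroups`, and `ec2.DescribeInstances`:

```shell
# Path 1: node group -> Auto Scaling group -> instance IDs
aws eks describe-nodegroup --cluster-name my-cluster --nodegroup-name my-ng \
  --query "nodegroup.resources.autoScalingGroups[].name" --output text

aws autoscaling describe-auto-scaling-groups \
  --auto-scaling-group-names eks-my-ng-xxxx \
  --query "AutoScalingGroups[].Instances[].InstanceId" --output text

# Path 2: filter EC2 directly by the managed-node-group tag
aws ec2 describe-instances \
  --filters "Name=tag:eks:nodegroup-name,Values=my-ng" \
  --query "Reservations[].Instances[].InstanceId" --output text
```

In Go, path 1 is two SDK calls: `DescribeNodegroup` to read `Nodegroup.Resources.AutoScalingGroups`, then `DescribeAutoScalingGroups` to enumerate the instances.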
How to remove a specific node from an EKS node group (unmanaged, eksctl)
I have a small EKS cluster created by eksctl. It consists of 2 node groups (unmanaged). The first group runs the management app and currently consists of a single node; the second group runs the "worker" pods and has 3 nodes. I have received an event notification that the EC2 machine that is the single node in the management node group is scheduled to be shut down due to maintenance. My plan is to scale the group to 2 nodes and then use `kubectl drain` to evict the running application so it moves to the new node. All good so far. My question is how to then remove the original node before EC2 shuts it down (and presumably starts a replacement)? Is there a way to specify a specific node when scaling the group back down to a single node with eksctl? Or will it be smart enough to pick the node that is already drained/cordoned?
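eksctl scaling only adjusts the Auto Scaling group's desired capacity and does not let you pick the victim. Since unmanaged node groups are plain Auto Scaling groups, though, the ASG API can terminate a specific instance and shrink the group in one step, so no eksctl scale-down is needed afterwards (a sketch; the node name and instance ID are placeholders):

```shell
# Drain the old node first so workloads move to the new one
kubectl drain ip-10-0-1-23.ec2.internal --ignore-daemonsets --delete-emptydir-data

# Terminate exactly that instance and decrement desired capacity,
# so the ASG does not launch a replacement
aws autoscaling terminate-instance-in-auto-scaling-group \
  --instance-id i-0123456789abcdef0 \
  --should-decrement-desired-capacity
```

Without `--should-decrement-desired-capacity`, the ASG would replace the terminated instance, which is exactly what you want to avoid here.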