Questions tagged with Security

Fully private eks cluster

Hi, I have a fully private VPC named HSCN without any internet access containing 2 public and 2 private subnets. This VPC is peered with another VPC, let's say internet-vpc. I want to deploy my fully private EKS cluster in the private subnet of HSCN-VPC. I have followed the [private cluster requirements](https://docs.aws.amazon.com/eks/latest/userguide/private-clusters.html). I am not deploying any pod, so I don't need the repository yet. For the 2nd and 3rd requirements, eksctl takes care of it by itself.

The problem is that when I deploy the cluster, my node instances fail to join. Secondly, my kubectl and eksctl commands time out, which means I am not able to get cluster info or any node information. Below is my cluster config:

```
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: test-cluster
  region: eu-west-2
  version: "1.23"
privateCluster:
  enabled: true
  additionalEndpointServices:
    - "autoscaling"
vpc:
  id: vpc-id
  subnets:
    private:
      hscn-1-subnet:
        id: subnet-id
      hscn-2-subnet:
        id: subnet-id
managedNodeGroups:
  - name: serv-test-1
    instanceType: m5.xlarge
    desiredCapacity: 1
    volumeType: gp2
    volumeSize: 50
    privateNetworking: true
    amiFamily: Ubuntu2004
    subnets:
      - hscn-2-subnet
    ssh:
      allow: true
    labels:
      role: role
    tags:
      nodegroup-role: testing
```

It is clear that my nodes and kubectl commands are not able to communicate with the Kubernetes API server endpoints. Is there even a way to deploy a cluster in a setup like the one mentioned above? If yes, could someone please guide me on how I can deploy a fully functional cluster in this setup? Thanks
2 answers, 0 votes, 82 views, asked 25 days ago