Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [amazon-eks]

92 questions
0
votes
1 answer

IAM policy for managing EKS pods for users

Does anyone know what resources need to be granted to a user in order to run kubectl commands on an EKS cluster? At the moment, we have a couple of users who are associated with AdministratorAccess (which obviously gives them full access), but I…
Trent
  • 101
  • 1
0
votes
1 answer

Monitoring EKS Kubernetes LoadBalancer service Type

I have created few services in Kubernetes with type: LoadBalancer. Platform: EKS. Is there a way to get number of 4xx or 5xx errors from this LoadBalancer? I have tried the following: Prometheus - Does not seem to be any metric collected for…
ajmal hamza
  • 1
0
votes
1 answer

In EKS resolv.conf inherited from node

I make EKS cluster like this https://learn.hashicorp.com/terraform/aws/eks-intro I use Amazon Linux 7 ( default ami-0ee5ca4231511cafc) After deploying PODs inside file /etc/resolv.conf like on node. On node: options timeout:2 attempts:5 ; generated…
Jeison Mortyre
  • 3
  • 3
0
votes
1 answer

Does AWS EKS 1.27 have Graceful Node Shutdown enabled by default?

I'm not sure if the GracefulNodeShutdown feature gate is enabled in EKS 1.27. I know that for regular vanilla Kubernetes 1.27 is set to true by default GracefulNodeShutdown since 1.21. But I can't find in the AWS documentation what feature gates are…
RubenLaguna
  • 181
  • 1
  • 4
0
votes
0 answers

Assign permission to EKS cluter using IAM groups

Following this tutorial: https://archive.eksworkshop.com/beginner/091_iam-groups/test-cluster-access/ - Which I believe is missing the point it is trying to make, by assuming the role directly at the Test EKS page I've created a role called k8sAdmin…
Aviran
  • 101
  • 3
0
votes
0 answers

Kubernets: what exactly needs to be installed on each server/node and how?

I have coded AWS instances that can serve as nodes where my containers will run. So by default each of these instances have docker installed. This part is working fine. Eventually i would like to have all these containers managed by Kubernetes -…
mike01010
  • 97
0
votes
1 answer

EKS service SSL endpoint

When creating a service using EKS, it is exposed using http through a AWS load balancer. kubectl apply -f service.yaml - Will create a load balancer that's managed by EKS, and can not be modified. any modification, valid or not will be overriden by…
Aviran
  • 101
  • 3
0
votes
0 answers

How to configure the Kubernetes plugin in Jenkins

I have Jenkins Master running on an EC2 in AWS. I then created a pipeline in EKS. Both the Jenkins Master and the pipeline are running in the same VPC. It is from the Jenkins Master that I create the EKS cluster via the CLi. The EKS cluster is…
Systemgeek
  • 1
0
votes
0 answers

SecurityGroupPolicy not applied to DaemonSet

In my EKS cluster, I have a deployment and a daemonset. The following SGP binds my deployment's pods to a couple of SecurityGroups I need: apiVersion: vpcresources.k8s.aws/v1beta1 kind: SecurityGroupPolicy metadata: name: efs-csi-controller …
Fabio B.
  • 299
  • 2
  • 6
  • 17
0
votes
1 answer

AWS EKS Cluster : InvalidParameterException: Unsupported Kubernetes minor version update ,Terraform Gitlab CI

The following errors occur every time I run the pipeline │ Error: error updating EKS Cluster (business-staging) version: InvalidParameterException: Unsupported Kubernetes minor version update from 1.19 to 1.18 │ { │ RespMetadata: { │ …
sam23
  • 49
  • 1
  • 5
0
votes
1 answer

Kubernetes upgrade from 1.21 to 1.22 caused Prometheus to fail

We recently upgraded Kubernetes 1.21 to 1.22 version on aws eks. The upgrade was successful. However, the associated prometheus deployments fails with error $ kubectl -n monitoring logs prometheus-operator-*** W0109 20:31:28.602872 1…
vijaya lakshmi
  • 103
  • 3
0
votes
0 answers

How to create EKS cluster with VPC CNI addon via CloudFormation?

I create a EKS cluster (1.24) via cloudformation, it works fine without a CNI plugin but fails when I add vpc-cni addon: AddonCNI: Type: 'AWS::EKS::Addon' Properties: AddonName: vpc-cni AddonVersion: v1.12.0-eksbuild.1 …
chingis
  • 243
  • 3
  • 14
0
votes
0 answers

Wordpress keeps redirecting to wp-login.php after nginx-ingress update

I have a WordPress site that is working on an older version of Kubernetes. I updated the Kubernetes cluster and the nginx-ingress controller. After the update the main page works, but when we attempt to login WordPress keeps trying to 302 redirect…
zerobit
  • 1
  • 1
0
votes
1 answer

How do i add a security group as an inbound rule to another security group in terraform

I have a Terraform codebase which deploys a private EKS cluster, a bastion host and other AWS services. I have also added a few security groups to the in Terraform. One of the security groups allows inbound traffic from my Home IP to the bastion…
eagercoder
  • 123
  • 1
  • 4
0
votes
0 answers

Enable Vault JWT using `-tls-skip-verify` with EKS ca.crt fails with `x509: certificate signed by unknown authority`

We need to enable JWT auth in vault which is hosted within our EKS cluster in preparation for using K8s 1.24 OIDC and testing token renewal with Vault. I'm following documentation from a few…
Jim
  • 355
  • 1
  • 4
  • 14
1 2 3
4
5 6 7