I am having a very hard time deploying and accessing a fully private EKS cluster.
My Issue: I have deployed a fully private cluster and I am not able to run kubectl commands even from a machine in the cluster's VPC. Also, whenever I try to create nodes I get the message "waiting for at least one node to join the cluster", and then after 25 minutes it times out.
My Requirements: I have a fully private VPC called HSCN with 2 private and 2 public subnets. Even though there are public subnets in it, it is still fully private and has no access to the outside network. Then I have another VPC called internet with 2 private and 2 public subnets. This VPC has access to the internet and is used to access machines in the HSCN VPC (the fully private VPC). In short, it is serving as a gateway. Both VPCs are connected through a VPC Peering Connection. Now, I want to create a fully private cluster in the private subnet of the HSCN VPC. I am following this GUIDE, but I think this guide is not meant for beginners like me; still, I am doing my best to understand it. The first requirement it states is to create a repo, which I think I don't need for now as I am not going to create a pod. The 2nd requirement requires us to create VPC endpoints. If we are creating an EKS cluster then this is automatically taken care of by EKS. I can confirm that EKS is creating these endpoints automatically. But I have also created them manually and still I am not able to run kubectl commands and deploy self-managed nodes.
I ran a number of commands to check whether anything is wrong with accessing the server address.
nmap -p 443 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-09-09 11:11 UTC
Nmap scan report for 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com (192.168.*.*)
Host is up (0.00031s latency).
Other addresses for 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com (not scanned): 192.168.*.*
rDNS record for 192.168.*.*: ip-192-168-*-*.eu-west-*.compute.internal
PORT STATE SERVICE
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
Another command is
nslookup 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Address: 192.168.*.*
Name: 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Address: 192.168.*.*
And another is
telnet 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com 443
Trying 192.168.*.*...
Connected to 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Escape character is '^]'.
^CConnection closed by foreign hos
It is clear that I can access the API server endpoint from my machine, which is in the same VPC as the API server. But still, when I run the kubectl command I get this output:
Unable to connect to the server: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Can anyone suggest what exactly I need to do?
Thanks
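The nmap, nslookup and telnet checks in the question prove only DNS and TCP reachability of port 443, while kubectl times out one layer higher. The script below is an added diagnostic, not from the original post and not AWS tooling, that walks the layers a kubectl call depends on: the server URL in the kubeconfig, what it resolves to, whether an HTTPS proxy variable (which kubectl honours but telnet and nmap ignore) would capture the request, and whether the API server answers an anonymous HTTPS GET /healthz. It assumes kubectl, curl and getent exist on the machine inside the peered VPC and that the kubeconfig already points at the private cluster.

```shell
#!/bin/sh
# Added diagnostic, not from the original post. Checks each layer a kubectl
# call depends on: kubeconfig server URL -> DNS answer -> proxy settings ->
# an HTTPS response, since nmap/telnet prove only the TCP layer.
# Assumes: kubectl, curl and getent on the machine inside the peered VPC.

# Host name from a kubeconfig "server:" URL (scheme, port and path stripped).
api_host_from_url() {
    printf '%s\n' "$1" | sed -e 's#^[a-zA-Z]*://##' -e 's#[:/].*$##'
}

# 0 if the address is RFC 1918 (what a private-only EKS endpoint resolves to).
is_rfc1918() {
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# 0 when an HTTPS proxy is configured and the host is not excluded by NO_PROXY.
# kubectl honours these variables; telnet and nmap do not.
proxy_applies() {
    host="$1"
    [ -n "${HTTPS_PROXY:-${https_proxy:-}}" ] || return 1
    old_ifs="$IFS"; IFS=','
    for entry in ${NO_PROXY:-${no_proxy:-}}; do
        entry="${entry#.}"          # ".eks.amazonaws.com" == "eks.amazonaws.com"
        case "$host" in
            "$entry"|*".$entry") IFS="$old_ifs"; return 1 ;;
        esac
    done
    IFS="$old_ifs"
    return 0
}

probe_api_endpoint() {
    server="$(kubectl config view --minify -o jsonpath='{.clusters[0].cluster.server}')"
    host="$(api_host_from_url "$server")"
    echo "kubeconfig server: $server"
    for ip in $(getent ahostsv4 "$host" | awk '{print $1}' | sort -u); do
        if is_rfc1918 "$ip"; then echo "DNS -> $ip (private)"
        else echo "DNS -> $ip (PUBLIC address: not the private endpoint)"; fi
    done
    proxy_applies "$host" && echo "WARNING: HTTPS_PROXY applies to $host; add it to NO_PROXY or unset the proxy"
    # /healthz is served to anonymous clients; -k because this is a reachability check only.
    code="$(curl -sk --max-time 10 -o /dev/null -w '%{http_code}' "https://$host/healthz" || echo no-response)"
    echo "HTTPS GET /healthz -> $code  (200 = API server reachable over HTTPS)"
}
case "${1:-}" in --run) probe_api_endpoint ;; esac
```

Run it as `sh probe.sh --run` on the machine where kubectl times out; a private address from DNS plus a 200 from /healthz and no proxy warning narrows the problem to the kubeconfig or credentials, while "no-response" with an open port 443 points at something between TCP and HTTPS (proxy, security group on the cluster ENIs, or the endpoint access setting).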