aws-eks

Pods in EKS: can't resolve DNS (but can ping IP)

假装没事ソ 提交于 2020-08-10 05:02:25
问题 I have 2 EKS clusters, in 2 different AWS accounts and with, I might assume, different firewalls (which I don't have access to). The first one (Dev) is all right, however, with the same configuration, UAT cluster pods is struggling to resolve DNS. The Nodes can resolve and seems to be all right. 1) ping 8.8.8.8 works --- 8.8.8.8 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3003ms 2) I can ping the IP of google (and others), but not the actual dns names. Our

Adding IAM Group to aws-auth configmap in AWS EKS

泄露秘密 提交于 2020-06-28 07:19:45
问题 The aws-auth configmap in AWS EKS performs a mapping between IAM users/roles to kubernetes RBAC roles. However, the documentation does not specify anything on adding IAM groups to the configmap. We use multiple namespaces, each namespace managed by a different team. I created a set of kubernetes RBAC roles, limited to the different namespaces. Now I want to give everbody in the teams IAM group that specific role. Is it possible to add IAM groups in the aws-auth configmap? If not, what would

Adding IAM Group to aws-auth configmap in AWS EKS

筅森魡賤 提交于 2020-06-28 07:19:26
问题 The aws-auth configmap in AWS EKS performs a mapping between IAM users/roles to kubernetes RBAC roles. However, the documentation does not specify anything on adding IAM groups to the configmap. We use multiple namespaces, each namespace managed by a different team. I created a set of kubernetes RBAC roles, limited to the different namespaces. Now I want to give everbody in the teams IAM group that specific role. Is it possible to add IAM groups in the aws-auth configmap? If not, what would

Adding name to EC2 instances when deploying AWS::EKS::Nodegroup in CloudFormation

不羁的心 提交于 2020-05-30 10:15:09
问题 I'm creating a CloudFormation template to deploy an EKS node group using the AWS::EKS::Nodegroup CloudFormation resource. It looks like you can create tags for the node group resource specifically, but cannot change the name of the EC2 instances that are deployed as part of the node group. From the AWS documentation, it looks like tags are not propagated to other resources the node group deploys (such as EC2 instances). Does anyone know of a way on how we can update the name of the EC2

Installing Jupyterhub hub pod is failing with no available volume zone

ⅰ亾dé卋堺 提交于 2020-01-06 08:12:19
问题 When trying to install Jupyterhub on Kubernetes (EKS) I am getting below error in the Hub pod. This is output of describe pod. There was similar issue reported and i tried the solution but it didn't work. Warning FailedScheduling 52s (x2 over 52s) default-scheduler 0/3 nodes are available: 1 Insufficient cpu, 2 node(s) had no available volume zone. This is my pvc.yaml kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: standard annotations: volume.alpha.kubernetes.io/storage

Kubernetes ingress: Not creating an LB?

我们两清 提交于 2019-12-24 18:23:29
问题 I have an EKS cluster. We want - One LB that will redirect to multiple namespace inside the cluster, - Ingress to avoid the "one load balancer for one service". I want to cut it by namespace. I have been reading a bit of documentation but I can't seem to wrap my head around it. I have this yaml, which I understood would create a LB and the ingress rules. apiVersion: extensions/v1beta1 kind: Ingress metadata: name: simple-fanout-example namespace : default annotations: kubernetes.io/ingress

AWS EKS add user restricted to namespace

≯℡__Kan透↙ 提交于 2019-12-23 17:30:48
问题 I have created AWS EKS cluster since I have created using my AWS userID has been added to system:masters group. But when checked ConfigMap aws-auth I don't see my user ID. Why ? I had to give access to another user, so I have to assign appropriate AWS policies to the IAM user, then I edited the ConfigMap aws-auth with the following mapping mapUsers: ---- - userarn: arn:aws:iam::573504862059:user/abc-user username: abc-user groups: - system:masters So far I have understood when a user is part