awslabs / aws-eks-cluster-controller Goto Github PK

Hi, this is srinivasa am created EKS cluster in AWS using EKSCTL but default it will create public eks (API server endpoint access) but it is i need to change this one into private am trying from AWS console after changing in to private from kube-server where i installed kubectl and eksctl i cant able to access that cluster am getting error tcp:ip ip:443 i/o timeout my kubeserver is in private subnet only and all my worker nodes is also in private only but i dont know why am getting this error from my kube-machine please help me for this to troubleshoot incase u need any info i will provide
EKS-version 1.15
thank you

The shouldUpdate() method currently only checks for CFN parameters, currently we cannot parameterize the IAM Roles for the nodegroups. We need to come up with a solution for this.

Currently if the controlplane fails to delete it will continuously attempt to delete. There should be some backoff time, and after so many failed attempts it should just fail.

CFN Stack name

From https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-using-console-create-stack-parameters.html

"The stack name is an identifier that helps you find a particular stack from a list of stacks. A stack name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 128 characters."

Resource names

This will vary for each resource

Use of the Status Subresource prevents updates to the status causing an extra reconcile of the object.

See: http://kubebuilder.netlify.com/basics/status_subresource.html

• Review the default community guidance documents in the repo and update them for this specific project where necessary.
• Improve the README to be more descriptive of the projects usage and goals.

Add update functionality for the Control Plane Version and the AMI running in the nodegroups for this.

Add the api to manage DaemonSet in the controller.

There are 2 controllers current that have a long wait for cloudformation to finish.

These waits, and any future waits should not be a long blocking call. As an alternative it should be a short blocking call, with a delayed requeue.

What I did:

apply a k8s resource file with N eks clusters or N changes

What is expected:

N control planes start creating immediately

What happened:

control planes were created serially, and no changes could be made to others while one was in create.

AWS EKS is still in k8s 1.15.0+

Server Version: version.Info{Major:"1", Minor:"15+", GitVersion:"v1.15.11-eks-af3caf", GitCommit:"af3caf6136cd355f467083651cc1010a499f59b1", GitTreeState:"clean", BuildDate:"2020-03-27T21:51:36Z", GoVersion:"go1.12.17", Compiler:"gc", Platform:"linux/amd64"}

Any timeline or roadmap set for the release of k8s 1.16.0+ as part of EKS?

At the moment nodegroup worker nodes are created of m5.large type by default https://github.com/awslabs/aws-eks-cluster-controller/blob/master/pkg/controller/nodegroup/cfn_template.go#L13

User should be able to pass other instance type in Spec of EKS cluster to get different type of ec2 instance.

When we create a new cluster we should have the option of using EKS-1.11.

The tests in CircleCI fail randomly with timeout waiting for process kube-apiserver to start.
Kubebuilder version used for CircleCI : v1.0.5

Note:
We have already tried increasing the start timeout for the controlplane components to 60 secs.

Right now https://github.com/awslabs/aws-eks-cluster-controller/blob/master/pkg/controller/controlplane/cfn_template.go#L46-L95 creates 3 Subnets in 3 different AZs, which are then used by Nodegroups to deploy the worker nodes.

This can be issue for deploying EKS cluster using aws-eks-cluster-controller where less than 3 AZs supported; For example ap-south-1(Mumbai) region where only 2 AZs available at the moment:

$ aws ec2 describe-availability-zones --region ap-south-1
{
    "AvailabilityZones": [
        {
            "State": "available",
            "Messages": [],
            "RegionName": "ap-south-1",
            "ZoneName": "ap-south-1a"
        },
        {
            "State": "available",
            "Messages": [],
            "RegionName": "ap-south-1",
            "ZoneName": "ap-south-1b"
        }
    ]
}

We may need to fix the Cloudformation template or make it dynamically generated using goformation

If one could run the aws-eks-cluster-controller outside the cluster (e.g. from a laptop or CICD)
the bootstrap (creating the first cluster and installing the controller on it) would be automatic.

It would also allow for recovery scenarios.

See also: amazon-archives/aws-service-operator#122 (comment), aws/containers-roadmap#47

Does this the controller work? Can you update the README with a sample CRD? What k8s objects can you manage?

In nodegroup controller we are currently hardcoding the value of AMI's. Should see if there is a way to get these values dynamically.

Currently it is not possible to create an EKS Cluster outside of the 192.168.0.0/16 subnet.

Expected Resulsts
When defining a cluster a network and subnets can be specified. For example

network:
    vpcCider: "192.168.0.0/16"
    subnet1: "192.168.64.0/18"
    subnet2: "192.168.128.0/18"
    subnet3: "192.168.192.0/18"

And the cluster will be created with the correct subnets.

Double check that our clientset codegen works if we also build components in a different group? E.g. componentsV1alpha1.

Add the api to manage StatefulSets in the controller.

NG Controller currently supports Create and Delete operations, need to identify and implement the use cases for update.

We probably need an admission controller which adds owner cluster information to components @ apply time