community
community copied to clipboard
aws-controllers-k8s
EC2 controller - fix metadata tags
Describe the bug
If I am adding flag instanceMetadataTags to the instance description
apiVersion: ec2.services.k8s.aws/v1alpha1
kind: Instance
metadata:
name: test
namespace: infra-production
spec:
iamInstanceProfile:
arn: "arn:aws:iam::966321756598:instance-profile/ssm-instance-profile"
imageID: ami-0eb260c4d5475b901
keyName: george
instanceType: r5n.2xlarge
subnetID: subnet-0c72af713be937dcc # production-private-eu-west-2b
securityGroupIDs:
- sg-05c2348dbc876ab30
tags:
- key: Name
value: test
- key: env
value: production
blockDeviceMappings:
- deviceName: "/dev/sda1"
ebs:
volumeSize: 500
deleteOnTermination: false
# this key below:
metadataOptions:
instanceMetadataTags: enabled
I am getting the next error when creating the EC2 instance:
2023-07-31T00:43:12.900Z ERROR Reconciler error {"controller": "instance", "controllerGroup": "ec2.services.k8s.aws", "controllerKind": "Instance", "Instance": {"name":"mg-main-b","namespace":"infra-production"}, "namespace": "infra-production", "name": "mg-main-b", "reconcileID": "cc6f7fc9-7dc9-478a-9288-e33f9c23f2e8", "error": "InvalidParameterValue: 'services.k8s.aws/controller-version' is not a valid tag key. Tag keys must match pattern ([0-9a-zA-Z\\\\-_+=,.@:]{1,255}), and must not be a reserved name ('.', '..', '_index')\n\tstatus code: 400, request id: 33e80503-9d3d-4567-bf7c-954ed1afd3e5"}
If I remove
metadataOptions:
instanceMetadataTags: enabled
everything is fine. The issue is the label services.k8s.aws/controller-version Probably it must be renamed to something without "/" symbol (like services.k8s.aws_controller-version but it will break the conformity between different resources and controllers)
Steps to reproduce
- add manifest to the cluster
- wait
- get the error below
Expected outcome
Correctly created EC2 instance.
Environment
- Kubernetes version 1.25
- Using EKS (yes/no), if so version? yes
- AWS service targeted (S3, RDS, etc.) EC2
This is one of the standardised tags that we apply to all ACK resources. These can be overridden with the Helm chart values - https://github.com/aws-controllers-k8s/ec2-controller/blob/main/helm/values.yaml#L99-L103
@RedbackThomson Hi! So I will need to change all resource tags to some custom ones without forbidden symbols? Make sense. But why not to implement it directly as current scheme breaks metadata propagation of EC2 instances? Also what will be the correct process for changing the labels? Because I am sure that the controller will lose all resources when it'd be redeployed.
Issues go stale after 180d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 60d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale
Issues go stale after 180d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 60d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Provide feedback via https://github.com/aws-controllers-k8s/community.
/lifecycle stale