amazon-eks-ami icon indicating copy to clipboard operation
amazon-eks-ami copied to clipboard

Published 20 hours ago verified publisher icon awslabs

IPv6 Support: Bootstrap process breaks when serviceIpv6Cidr isn't provided

Open ravisinha0506 opened this issue 3 years ago • 6 comments

What happened: When service-ipv6-cidr isn't provided to bootstrap.sh script, it makes describe-cluster api to fetch this value and receives None. This is happening as awscli still points to an older version ( 1.18.X ) which doesn't return newly introduced parameters. As a result, None gets assigned toservice-ipv6-cidr.

What you expected to happen: Bootstrap process should be able to fetch correct service-ipv6-cidr value from eks describe-cluster api.

How to reproduce it (as minimally and precisely as possible): Use this userdata in IPv6 variant worker node:

MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="//"

--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash
set -ex

/etc/eks/bootstrap.sh my-cluster --ip-family ipv6

--//--

ravisinha0506 avatar Jan 12 '22 02:01 ravisinha0506

As a workaround, all the params should be passed to the bootstrap script.

For ex:

MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="//"

--//
Content-Type: text/x-shellscript; charset="us-ascii"
#!/bin/bash
set -ex
B64_CLUSTER_CA=<CADATA>
API_SERVER_URL=<SOME_ENDPOINT>
SERVICE_IPV6_CIDR=<cidr>
/etc/eks/bootstrap.sh my-cluster --b64-cluster-ca $B64_CLUSTER_CA --apiserver-endpoint $API_SERVER_URL --ip-family ipv6 --service-ipv6-cidr  $SERVICE_IPV6_CIDR 

--//--

ravisinha0506 avatar Jan 12 '22 02:01 ravisinha0506

Latest AMI release has fix for this issue.

ravisinha0506 avatar Jan 14 '22 17:01 ravisinha0506

This issue would still appear for a custom AMI node group customer as default AWS CLI ( v1.18 ) wouldn't be able to fetch cluster information using eks:describeCluster api.

ravisinha0506 avatar Jan 25 '22 19:01 ravisinha0506

https://github.com/awslabs/amazon-eks-ami/issues/887

The assumption is that if you pass in the b64-cluster-ca and the apiserver-endpoint then it is IPv4...

archoversight avatar Mar 24 '22 01:03 archoversight

I believe this is resolved with https://github.com/awslabs/amazon-eks-ami/pull/860 - cc @bwagner5 / @suket22

bryantbiggs avatar Apr 09 '22 15:04 bryantbiggs

This issue likely won't be fixed with #860 either. This is related to the AWS CLI version being out of date. My comment above was that this is still broken if you pass just the b64 cluster ca and the apiserver endpoint, without providing the other IPv6 information.

archoversight avatar Apr 12 '22 17:04 archoversight

AWS CLI has been updated, so this should be resolved now https://github.com/awslabs/amazon-eks-ami/pull/1066

bwagner5 avatar Feb 03 '23 16:02 bwagner5