cluster-api
cluster-api copied to clipboard
Published
20 hours ago •
kubernetes-sigs
kubernetes-sigs
MachineHealthcheck controller fails to get cluster connection from cache
What steps did you take and what happened?
I spawned an AWS workload cluster using CAPA v2.8.3 and the following flags set:
--feature-gates=EKS=true,EKSEnableIAM=true,EKSAllowAddRoles=false,EKSFargate=false,MachinePool=false,EventBridgeInstanceState=false,AutoControllerIdentityCreator=true,BootstrapFormatIgnition=false,ExternalResourceGC=false
Every 15m or so (it depends, sometime it can go up to 20m), I get the following message form the MachineHealthcheck controller:
E0616 07:31:16.533327 1 machinehealthcheck_controller.go:221] "Error creating remote cluster cache" err="error getting client: connection to the workload cluster is down" controller="machinehealthcheck" controllerGroup="cluster.x-k8s.io" controllerKind="MachineHealthCheck" MachineHealthCheck="flux-system/t00-use1-eks-test" namespace="flux-system" name="t00-use1-eks-test" reconcileID="420722f1-5b72-4829-9340-8a9c27537fd4" Cluster="flux-system/t00-use1-eks-test"
E0616 07:31:16.535055 1 machineset_controller.go:1218] "Unable to retrieve Node status" err="error getting client: connection to the workload cluster is down" controller="machineset" controllerGroup="cluster.x-k8s.io" controllerKind="MachineSet" MachineSet="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27" namespace="flux-system" name="t00-use1-eks-test-us-east-1a-md0-f6f27" reconcileID="4c4135df-6d55-4590-8751-b4af5d8b8982" Cluster="flux-system/t00-use1-eks-test" MachineDeployment="flux-system/t00-use1-eks-test-us-east-1a-md0" Machine="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27-gpm5b" Node=""
E0616 07:31:16.564003 1 machineset_controller.go:1218] "Unable to retrieve Node status" err="error getting client: connection to the workload cluster is down" controller="machineset" controllerGroup="cluster.x-k8s.io" controllerKind="MachineSet" MachineSet="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27" namespace="flux-system" name="t00-use1-eks-test-us-east-1a-md0-f6f27" reconcileID="e5a1e000-b16f-4d8a-9c75-6af4c7be8b9f" Cluster="flux-system/t00-use1-eks-test" MachineDeployment="flux-system/t00-use1-eks-test-us-east-1a-md0" Machine="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27-gpm5b" Node=""
E0616 07:31:16.614978 1 machineset_controller.go:1218] "Unable to retrieve Node status" err="error getting client: connection to the workload cluster is down" controller="machineset" controllerGroup="cluster.x-k8s.io" controllerKind="MachineSet" MachineSet="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27" namespace="flux-system" name="t00-use1-eks-test-us-east-1a-md0-f6f27" reconcileID="f0952489-d550-40bc-bbe5-fb1bfb72bbd1" Cluster="flux-system/t00-use1-eks-test" MachineDeployment="flux-system/t00-use1-eks-test-us-east-1a-md0" Machine="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27-gpm5b" Node=""
E0616 07:31:16.628004 1 machineset_controller.go:1218] "Unable to retrieve Node status" err="error getting client: connection to the workload cluster is down" controller="machineset" controllerGroup="cluster.x-k8s.io" controllerKind="MachineSet" MachineSet="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27" namespace="flux-system" name="t00-use1-eks-test-us-east-1a-md0-f6f27" reconcileID="8c2fd112-b159-438e-9c7e-e2b9ab38191a" Cluster="flux-system/t00-use1-eks-test" MachineDeployment="flux-system/t00-use1-eks-test-us-east-1a-md0" Machine="flux-system/t00-use1-eks-test-us-east-1a-md0-f6f27-gpm5b" Node=""
As far as I checked, I don't have any operational impact. I didn't have this error using v1.7.9, it seems to appear starting v1.8.0.
What did you expect to happen?
If this is a real error with token renewal logic or the updated cache component, then try to fix it. If it's not, suppress the message.
Cluster API version
v1.9.8
Kubernetes version
No response
Anything else you would like to add?
I tried to play with sync-period on both capa-controller-manager and capi-controller-manager without any luck.
Label(s) to be applied
/kind bug One or more /area label. See https://github.com/kubernetes-sigs/cluster-api/labels?q=area for the list of labels.
This is a real error, but probably not in our code. The core Cluster API controller cannot connect to the workload cluster.
Do you have any logs from the cluster cache controller?
Please also share the Cluster object as YAML.
Hello 👋
Sorry for late answer. From what I know the token from AWS is rotated every 15m, which might explain the issue.
Here are the logs of the cluster-cache controller:
I0728 04:39:49.295970 1 cluster_accessor.go:315] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="e3059400-dc05-4056-bc0f-92ac69c589d1"
I0728 04:39:49.296010 1 cluster_accessor.go:322] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="e3059400-dc05-4056-bc0f-92ac69c589d1"
I0728 04:39:49.297277 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="f427940f-8045-4cb8-9369-36c0e901918b"
I0728 04:39:49.648211 1 cluster_accessor.go:271] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="f427940f-8045-4cb8-9369-36c0e901918b"
I0728 05:00:54.826230 1 cluster_accessor.go:315] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="9c24d9f9-f8f5-4d75-a1ab-3ad582a830bd"
I0728 05:00:54.826273 1 cluster_accessor.go:322] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="9c24d9f9-f8f5-4d75-a1ab-3ad582a830bd"
I0728 05:00:54.831004 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="76c53f8a-595f-4585-9eac-70afec3c045f"
I0728 05:00:55.154213 1 cluster_accessor.go:271] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="76c53f8a-595f-4585-9eac-70afec3c045f"
I0728 05:21:09.966428 1 cluster_accessor.go:315] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="bca9f567-7959-486b-b861-f9270ae4cb63"
I0728 05:21:09.966471 1 cluster_accessor.go:322] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="bca9f567-7959-486b-b861-f9270ae4cb63"
I0728 05:21:09.971238 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="27188b1f-7a13-43f3-83c6-a68411247520"
I0728 05:21:10.349151 1 cluster_accessor.go:271] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="27188b1f-7a13-43f3-83c6-a68411247520"
I0728 05:28:12.037391 1 cluster_accessor.go:315] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="f8944142-9955-48a4-aba7-4f0d8aeeaa0d"
I0728 05:28:12.037434 1 cluster_accessor.go:322] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="f8944142-9955-48a4-aba7-4f0d8aeeaa0d"
I0728 05:28:12.041561 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="244d7f63-c7f9-4f75-90df-7e1219a79676"
I0728 05:28:12.401417 1 cluster_accessor.go:271] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="244d7f63-c7f9-4f75-90df-7e1219a79676"
I0728 05:46:06.496876 1 cluster_accessor.go:315] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="600f98d7-dd82-47b0-8a2f-45de4fd5e1c9"
I0728 05:46:06.496934 1 cluster_accessor.go:322] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="600f98d7-dd82-47b0-8a2f-45de4fd5e1c9"
I0728 05:46:06.498112 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="be8bee1a-a7cf-45b0-8880-75793d97ccb4"
I0728 05:46:06.891274 1 cluster_accessor.go:271] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="flux-system/xxxxx" namespace="flux-system" name="xxxxx" reconcileID="be8bee1a-a7cf-45b0-8880-75793d97ccb4"
...
Here are the corresponding capa logs:
...
I0728 04:39:39.214177 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:39.499418 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:41.103775 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 04:39:41.554829 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 04:39:41.884052 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:41.884193 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.272591 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.272630 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.272644 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.450701 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.450766 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:43.451489 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:39:44.103469 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d1d0be5d-ef07-4c67-8345-20253d340e29" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 04:44:40.748350 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:41.040435 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:42.555581 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 04:44:43.085337 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 04:44:43.306762 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:43.306815 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.669091 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.669140 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.669156 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.879734 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.879957 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:44.880723 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:44:45.573780 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5c2149ca-1dbb-47ad-872f-68a2a5d78895" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 04:46:58.569731 1 awsmanagedcontrolplane_webhook.go:482] "AWSManagedControlPlane setting defaults" logger="awsmanagedcontrolplane-resource" control-plane="flux-system/xxxxx-cp"
I0728 04:46:58.590431 1 awsmanagedcontrolplane_webhook.go:113] "AWSManagedControlPlane validate update" logger="awsmanagedcontrolplane-resource" control-plane="flux-system/xxxxx-cp"
I0728 04:49:42.283205 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:42.692372 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:44.178390 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 04:49:44.649776 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 04:49:44.861276 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:44.861331 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.229713 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.229747 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.229764 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.461802 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.461873 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:46.462715 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:49:47.110811 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="be22e68f-175c-4bb4-b462-2eae48e640ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 04:54:43.819337 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:44.224302 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:45.769701 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 04:54:46.217803 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 04:54:46.429546 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:46.429594 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:47.826819 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:47.826853 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:47.826869 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:48.053632 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:48.053736 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:48.054697 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:54:48.727100 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="d4e7f5e8-e0f7-4e59-86b4-c1fa4debb2d6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 04:59:45.356040 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:45.660983 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:47.495352 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 04:59:48.233002 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 04:59:48.443060 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:48.443214 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:49.883643 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:49.883680 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:49.883694 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:50.140390 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:50.140457 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:50.141486 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 04:59:50.777610 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="59cd0e88-96ee-477c-a944-979999aea5d1" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:04:46.886854 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:47.126307 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:48.543874 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:04:49.015134 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:04:49.210312 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:49.210362 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.662101 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.662134 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.662149 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.844983 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.845051 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:50.845795 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:04:51.510581 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="013e9ab5-18a5-4995-9fec-fc127a536847" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:09:48.421988 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:48.853876 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:50.412692 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:09:50.867366 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:09:51.079298 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:51.079444 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.466140 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.466178 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.466194 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.658868 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.659148 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:52.659834 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:09:53.306554 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="339d7edb-9882-483b-95a1-15447f698b18" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:14:49.957433 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:50.377341 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:52.080984 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:14:52.570048 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:14:52.779016 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:52.779148 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.221392 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.221427 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.221442 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.391738 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.391805 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:54.392505 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:14:55.059005 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="0ffa3493-aaf2-4edf-8904-c585f1f1adb3" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:19:51.490278 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:51.766891 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:53.545938 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:19:54.037821 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:19:54.237420 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:54.237481 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.635293 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.635329 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.635343 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.833235 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.833305 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:55.834817 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:19:56.521018 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="4e4ba4c8-b86b-445c-b131-3e7f04671ed6" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:24:53.025277 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:54.006370 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:55.597954 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:24:56.083305 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:24:56.295335 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:56.295384 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.672896 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.672943 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.672958 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.900823 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.901119 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:57.901854 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:24:58.545981 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="5a387527-fcd6-40d4-a8b6-fcde4d767059" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:29:54.561408 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:54.956560 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:56.606412 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:29:57.072497 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:29:57.566869 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:57.567044 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:58.930165 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:58.930199 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:58.930214 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:59.177983 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:59.178247 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:59.179284 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:29:59.876208 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="2087068a-2fdb-4fa4-8fe7-1ed507ef491d" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:34:56.096258 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:34:56.513386 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:34:57.996531 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:34:58.456525 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:34:58.660152 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:34:58.660435 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.068457 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.073208 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.073256 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.292694 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.292772 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.293767 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:35:00.951108 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="1d1c3fd4-69a2-4033-af79-caf202a8f3ad" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:39:57.634802 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:39:57.902974 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:39:59.375071 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:39:59.846031 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:40:00.070594 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:00.071541 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.486944 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.488489 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.488582 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.729781 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.729853 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:01.730575 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:40:02.583933 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="e7e2f576-457a-4cef-990f-e2d20383ba4a" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:44:59.165360 1 awsmanagedcontrolplane_controller.go:302] "Reconciling AWSManagedControlPlane" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:44:59.460263 1 subnets.go:50] "Reconciling subnets" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:01.109966 1 roles.go:85] "using eks control plane role" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" role-name="xxxxx-iam-service-role"
I0728 05:45:01.570990 1 securitygroup.go:34] "Reconciling EKS security groups" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx" cluster-name="xxxxx"
I0728 05:45:01.779828 1 cluster.go:637] "reconciling encryption configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:01.780276 1 addons.go:34] "Reconciling EKS addons" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.243534 1 identity_provider.go:33] "reconciling oidc identity provider" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.243574 1 identity_provider.go:35] "no oidc provider config, skipping reconcile" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.243590 1 cni.go:47] "Reconciling aws-node DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.530525 1 cni.go:72] "updating aws-node daemonset environment variables" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.530601 1 reconcile.go:39] "Reconciling kube-proxy DaemonSet in cluster" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:03.531356 1 reconcile.go:39] "Reconciling aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="flux-system/xxxxx"
I0728 05:45:04.340249 1 reconcile.go:90] "Reconciled aws-iam-authenticator configuration" controller="awsmanagedcontrolplane" controllerGroup="controlplane.cluster.x-k8s.io" controllerKind="AWSManagedControlPlane" AWSManagedControlPlane="flux-system/xxxxx-cp" namespace="flux-system" name="xxxxx-cp" reconcileID="78fa0cb6-d9b5-4813-a1be-04615eb0bcce" awsManagedControlPlane="flux-system/xxxxx-cp" cluster="xxxxx"
I0728 05:47:58.754905 1 awsmanagedcontrolplane_webhook.go:482] "AWSManagedControlPlane setting defaults" logger="awsmanagedcontrolplane-resource" control-plane="flux-system/xxxxx-cp"
I0728 05:47:58.776035 1 awsmanagedcontrolplane_webhook.go:113] "AWSManagedControlPlane validate update" logger="awsmanagedcontrolplane-resource" control-plane="flux-system/xxxxx-cp"
...
Here is the corresponding cluster object:
apiVersion: cluster.x-k8s.io/v1beta1
kind: Cluster
metadata:
annotations:
meta.helm.sh/release-name: xxxxx
meta.helm.sh/release-namespace: flux-system
creationTimestamp: "2024-10-25T13:57:16Z"
finalizers:
- cluster.cluster.x-k8s.io
generation: 554
labels:
app.kubernetes.io/instance: xxxxx
app.kubernetes.io/managed-by: Helm
helm.sh/chart: ekscluster-0.2.0_ca84a63dac25
helm.toolkit.fluxcd.io/name: xxxxx
helm.toolkit.fluxcd.io/namespace: flux-system
name: xxxxx
namespace: flux-system
resourceVersion: "240306859"
uid: a414e027-66a4-4af9-9ada-8684e4260767
spec:
controlPlaneEndpoint:
host: https://XXXXXXXXXXXX.gr7.eu-west-1.eks.amazonaws.com
port: 443
controlPlaneRef:
apiVersion: controlplane.cluster.x-k8s.io/v1beta2
kind: AWSManagedControlPlane
name: xxxxx-cp
namespace: flux-system
infrastructureRef:
apiVersion: controlplane.cluster.x-k8s.io/v1beta2
kind: AWSManagedControlPlane
name: xxxxx-cp
namespace: flux-system
status:
conditions:
- lastTransitionTime: "2025-06-05T07:11:19Z"
status: "True"
type: Ready
- lastTransitionTime: "2024-10-25T14:44:14Z"
status: "True"
type: ControlPlaneInitialized
- lastTransitionTime: "2025-06-05T07:11:19Z"
status: "True"
type: ControlPlaneReady
- lastTransitionTime: "2025-06-05T07:11:19Z"
status: "True"
type: InfrastructureReady
controlPlaneReady: true
failureDomains:
eu-west-1a:
controlPlane: true
eu-west-1b:
controlPlane: true
eu-west-1c:
controlPlane: true
infrastructureReady: true
observedGeneration: 554
phase: Provisioned
v1beta2:
conditions:
- lastTransitionTime: "2025-07-25T08:51:12Z"
message: ""
observedGeneration: 554
reason: Available
status: "True"
type: Available
- lastTransitionTime: "2025-07-25T08:51:09Z"
message: ""
observedGeneration: 554
reason: ProbeSucceeded
status: "True"
type: RemoteConnectionProbe
- lastTransitionTime: "2025-06-05T07:11:19Z"
message: ""
observedGeneration: 554
reason: Ready
status: "True"
type: InfrastructureReady
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 404
reason: Initialized
status: "True"
type: ControlPlaneInitialized
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 554
reason: Available
status: "True"
type: ControlPlaneAvailable
- lastTransitionTime: "2025-07-25T08:51:12Z"
message: ""
observedGeneration: 554
reason: Available
status: "True"
type: WorkersAvailable
- lastTransitionTime: "2025-05-22T08:55:49Z"
message: ""
observedGeneration: 554
reason: NotRollingOut
status: "False"
type: RollingOut
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 554
reason: NotRemediating
status: "False"
type: Remediating
- lastTransitionTime: "2025-05-22T12:23:24Z"
message: ""
observedGeneration: 554
reason: NotScalingDown
status: "False"
type: ScalingDown
- lastTransitionTime: "2025-05-22T12:24:19Z"
message: ""
observedGeneration: 554
reason: NotScalingUp
status: "False"
type: ScalingUp
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 554
reason: NoReplicas
status: "True"
type: ControlPlaneMachinesReady
- lastTransitionTime: "2025-07-25T08:51:11Z"
message: ""
observedGeneration: 554
reason: Ready
status: "True"
type: WorkerMachinesReady
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 554
reason: NoReplicas
status: "True"
type: ControlPlaneMachinesUpToDate
- lastTransitionTime: "2025-05-22T08:55:49Z"
message: ""
observedGeneration: 554
reason: UpToDate
status: "True"
type: WorkerMachinesUpToDate
- lastTransitionTime: "2025-07-27T19:01:27Z"
message: ""
observedGeneration: 554
reason: NotPaused
status: "False"
type: Paused
- lastTransitionTime: "2025-05-14T13:28:46Z"
message: ""
observedGeneration: 554
reason: NotDeleting
status: "False"
type: Deleting
controlPlane: {}
workers:
availableReplicas: 4
desiredReplicas: 4
readyReplicas: 4
replicas: 4
upToDateReplicas: 4
and the associated managed control plane:
apiVersion: controlplane.cluster.x-k8s.io/v1beta2
kind: AWSManagedControlPlane
metadata:
annotations:
helm.sh/resource-policy: keep
meta.helm.sh/release-name: xxxxx
meta.helm.sh/release-namespace: flux-system
creationTimestamp: "2024-10-25T13:56:52Z"
finalizers:
- awsmanagedcontrolplane.controlplane.cluster.x-k8s.io
generation: 14
labels:
app.kubernetes.io/instance: xxxxx
app.kubernetes.io/managed-by: Helm
cluster.x-k8s.io/cluster-name: xxxxx
helm.sh/chart: ekscluster-0.2.0_ca84a63dac25
helm.toolkit.fluxcd.io/name: xxxxx
helm.toolkit.fluxcd.io/namespace: flux-system
name: xxxxx-cp
namespace: flux-system
ownerReferences:
- apiVersion: cluster.x-k8s.io/v1beta1
blockOwnerDeletion: true
controller: true
kind: Cluster
name: xxxxx
uid: a414e027-66a4-4af9-9ada-8684e4260767
resourceVersion: "237787414"
uid: 2ebfc04c-eabf-4a3b-ac3f-790003f1725d
spec:
additionalTags:
Cluster: xxxxx
addons:
- conflictResolution: overwrite
name: vpc-cni
version: v1.19.5-eksbuild.1
- conflictResolution: overwrite
name: coredns
version: v1.11.4-eksbuild.10
- conflictResolution: overwrite
name: kube-proxy
version: v1.32.3-eksbuild.7
- configuration: |-
controller:
resources:
requests:
cpu: "50m"
memory: "64Mi"
limits:
cpu: "100m"
memory: "128Mi"
conflictResolution: overwrite
name: aws-efs-csi-driver
serviceAccountRoleARN: arn:aws:iam::XXXXXXXXXX:role/xxxxx-kube-system-aws-efs
version: v2.1.7-eksbuild.1
associateOIDCProvider: true
bastion:
allowedCIDRBlocks:
- 0.0.0.0/0
enabled: false
bootstrapSelfManagedAddons: true
controlPlaneEndpoint:
host: https://XXXXXXXXXXXXXXX.gr7.eu-west-1.eks.amazonaws.com
port: 443
eksClusterName: xxxxx
endpointAccess:
private: true
public: true
iamAuthenticatorConfig:
mapRoles:
- groups:
- system:masters
rolearn: arn:aws:iam::XXXXXXXXXX:role/controllers.cluster-api-provider-aws.sigs.k8s.io
username: capa-controllers
- groups:
- system:nodes
rolearn: arn:aws:iam::XXXXXXXXXX:role/xxxxxxx-capa-nodes
username: system:node:{{EC2PrivateDNSName}}
- groups:
- system:masters
rolearn: arn:aws:iam::XXXXXXXXXX:role/xxxxxxx-capa-system-controller
username: capa-controllers
- groups:
- system:masters
rolearn: arn:aws:iam::XXXXXXXXXX:role/AWSReservedSSO_SystemAdministrator_f69e5e42ed31a464
username: kubernetes-admin:{{SessionName}}
- groups:
- readonly
rolearn: arn:aws:iam::XXXXXXXXXX:role/AWSReservedSSO_DeveloperAccessRO_79278496a9517043
username: kubernetes-admin:{{SessionName}}
mapUsers:
- groups:
- system:masters
userarn: arn:aws:iam::XXXXXXXXXX:user/capi
username: capi
- groups:
- system:masters
userarn: arn:aws:iam::XXXXXXXXXX:user/baptiste
username: alice
- groups:
- system:masters
userarn: arn:aws:iam::XXXXXXXXXX:user/michael
username: bob
identityRef:
kind: AWSClusterControllerIdentity
name: default
kubeProxy:
disable: false
logging:
apiServer: false
audit: true
authenticator: false
controllerManager: false
scheduler: false
network:
cni:
cniIngressRules:
- description: bgp (calico)
fromPort: 179
protocol: tcp
toPort: 179
- description: IP-in-IP (calico)
fromPort: -1
protocol: "4"
toPort: 65535
subnets:
- availabilityZone: eu-west-1a
cidrBlock: 10.3.32.0/24
id: subnet-0cb561d2b5bfd8101
isPublic: true
natGatewayId: nat-0b715ff0c7ea0c14f
resourceID: subnet-0cb561d2b5bfd8101
routeTableId: rtb-0c853fe0347970119
tags:
Cluster: xxxxx
Name: xxxxx-subnet-public-eu-west-1a
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: public
zoneType: availability-zone
- availabilityZone: eu-west-1a
cidrBlock: 10.3.36.0/22
id: subnet-0eb34ddd737bc65db
isPublic: false
resourceID: subnet-0eb34ddd737bc65db
routeTableId: rtb-0a4636f4cebe7c551
tags:
Cluster: xxxxx
Name: xxxxx-subnet-private-eu-west-1a
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/internal-elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: private
zoneType: availability-zone
- availabilityZone: eu-west-1b
cidrBlock: 10.3.33.0/24
id: subnet-050e94309d38e0c73
isPublic: true
natGatewayId: nat-0f0919b09eabcad86
resourceID: subnet-050e94309d38e0c73
routeTableId: rtb-026ee934c6f116615
tags:
Cluster: xxxxx
Name: xxxxx-subnet-public-eu-west-1b
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: public
zoneType: availability-zone
- availabilityZone: eu-west-1b
cidrBlock: 10.3.40.0/22
id: subnet-05d597e5d2357e7e0
isPublic: false
resourceID: subnet-05d597e5d2357e7e0
routeTableId: rtb-09c82945bf37c4f2e
tags:
Cluster: xxxxx
Name: xxxxx-subnet-private-eu-west-1b
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/internal-elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: private
zoneType: availability-zone
- availabilityZone: eu-west-1c
cidrBlock: 10.3.34.0/24
id: subnet-0cd80313ce4d2c8a3
isPublic: true
natGatewayId: nat-0847536233cf6dd72
resourceID: subnet-0cd80313ce4d2c8a3
routeTableId: rtb-07d9b1657b86f2c28
tags:
Cluster: xxxxx
Name: xxxxx-subnet-public-eu-west-1c
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: public
zoneType: availability-zone
- availabilityZone: eu-west-1c
cidrBlock: 10.3.44.0/22
id: subnet-0cb7c6a7791bc5e43
isPublic: false
resourceID: subnet-0cb7c6a7791bc5e43
routeTableId: rtb-0d3d74a4765145c07
tags:
Cluster: xxxxx
Name: xxxxx-subnet-private-eu-west-1c
kubernetes.io/cluster/xxxxx: shared
kubernetes.io/role/internal-elb: "1"
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: private
zoneType: availability-zone
vpc:
availabilityZoneSelection: Ordered
availabilityZoneUsageLimit: 3
cidrBlock: 10.3.32.0/20
emptyRoutesDefaultVPCSecurityGroup: true
id: vpc-0a4da8bf7dec16cab
internetGatewayId: igw-0715f8adae70684be
subnetSchema: PreferPrivate
tags:
Cluster: xxxxx
Name: xxxxx-vpc
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: common
partition: aws
region: eu-west-1
restrictPrivateSubnets: false
roleName: xxxxx-iam-service-role
sshKeyName: containous
tokenMethod: iam-authenticator
version: v1.32.3
vpcCni:
disable: false
env:
- name: ENABLE_PREFIX_DELEGATION
value: "true"
status:
addons:
- arn: arn:aws:eks:eu-west-1:XXXXXXXXXX:addon/xxxxx/aws-efs-csi-driver/eacaa360-7e62-5ed1-4dce-c50afc49b61e
createdAt: "2025-02-27T09:33:27Z"
modifiedAt: "2025-05-19T07:52:04Z"
name: aws-efs-csi-driver
serviceAccountRoleARN: arn:aws:iam::XXXXXXXXXX:role/xxxxx-kube-system-aws-efs
status: ACTIVE
version: v2.1.7-eksbuild.1
- arn: arn:aws:eks:eu-west-1:XXXXXXXXXX:addon/xxxxx/coredns/c8c56e43-2222-1614-efa6-8a1278a285bf
createdAt: "2023-09-28T16:01:41Z"
modifiedAt: "2025-05-19T06:59:13Z"
name: coredns
status: ACTIVE
version: v1.11.4-eksbuild.10
- arn: arn:aws:eks:eu-west-1:XXXXXXXXXX:addon/xxxxx/kube-proxy/eec56e43-3e65-4532-94c3-69c562721bec
createdAt: "2023-09-28T16:01:56Z"
modifiedAt: "2025-05-19T07:06:02Z"
name: kube-proxy
status: ACTIVE
version: v1.32.3-eksbuild.7
- arn: arn:aws:eks:eu-west-1:XXXXXXXXXX:addon/xxxxx/vpc-cni/3ac56e43-1a28-cfb8-0ed8-9aeb277a3ed2
createdAt: "2023-09-28T16:01:37Z"
modifiedAt: "2025-05-19T08:54:44Z"
name: vpc-cni
status: ACTIVE
version: v1.19.5-eksbuild.1
conditions:
- lastTransitionTime: "2025-06-05T07:11:19Z"
status: "True"
type: Ready
- lastTransitionTime: "2025-02-14T00:10:25Z"
status: "True"
type: ClusterSecurityGroupsReady
- lastTransitionTime: "2025-05-19T07:06:16Z"
status: "True"
type: EKSAddonsConfigured
- lastTransitionTime: "2025-06-05T07:11:17Z"
status: "True"
type: EKSControlPlaneReady
- lastTransitionTime: "2025-06-05T07:10:37Z"
reason: updated
severity: Info
status: "False"
type: EKSControlPlaneUpdating
- lastTransitionTime: "2024-10-25T14:44:16Z"
status: "True"
type: EKSIdentityProviderConfigured
- lastTransitionTime: "2024-10-25T14:44:17Z"
status: "True"
type: IAMAuthenticatorConfigured
- lastTransitionTime: "2024-10-25T14:23:06Z"
status: "True"
type: IAMControlPlaneRolesReady
- lastTransitionTime: "2024-10-25T14:23:05Z"
status: "True"
type: InternetGatewayReady
- lastTransitionTime: "2025-07-24T19:06:21Z"
reason: NotPaused
status: "False"
type: Paused
- lastTransitionTime: "2024-10-25T14:23:05Z"
status: "True"
type: RouteTablesReady
- lastTransitionTime: "2025-04-09T02:50:55Z"
message: 'failed to get API group resources: unable to retrieve the complete list
of server APIs: apps/v1: Unauthorized'
reason: SecondaryCidrReconciliationFailed
severity: Error
status: "False"
type: SecondaryCidrsReady
- lastTransitionTime: "2024-10-25T14:23:05Z"
status: "True"
type: SubnetsReady
- lastTransitionTime: "2024-10-25T14:23:04Z"
status: "True"
type: VpcReady
externalManagedControlPlane: true
failureDomains:
eu-west-1a:
controlPlane: true
eu-west-1b:
controlPlane: true
eu-west-1c:
controlPlane: true
initialized: true
networkStatus:
natGatewaysIPs:
- x.x.x.x
- x.x.x.x
- x.x.x.x
securityGroups:
cluster:
id: sg-0cc07f302d65ff2ac
name: eks-cluster-sg-xxxxx-1294525329
tags:
Name: eks-cluster-sg-xxxxx-1294525329
aws:eks:cluster-name: xxxxx
kubernetes.io/cluster/xxxxx: owned
node:
id: sg-0cc07f302d65ff2ac
name: eks-cluster-sg-xxxxx-1294525329
tags:
Name: eks-cluster-sg-xxxxx-1294525329
aws:eks:cluster-name: xxxxx
kubernetes.io/cluster/xxxxx: owned
node-eks-additional:
id: sg-02566b12abbbc6836
name: xxxxx-node-eks-additional
tags:
Cluster: xxxxx
Name: xxxxx-node-eks-additional
sigs.k8s.io/cluster-api-provider-aws/cluster/xxxxx: owned
sigs.k8s.io/cluster-api-provider-aws/role: node-eks-additional
oidcProvider:
arn: arn:aws:iam::XXXXXXXXXX:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/XXXXXXXXXXXXXXX
trustPolicy: '{ "Version": "2012-10-17", "Statement": [ { "Principal":
{ "Federated": [ "arn:aws:iam::XXXXXXXXXX:oidc-provider/oidc.eks.eu-west-1.amazonaws.com/id/XXXXXXXXXXXXXXX" ] }, "Effect":
"Allow", "Action": [ "sts:AssumeRoleWithWebIdentity" ], "Condition":
{ "ForAnyValue:StringLike": { "oidc.eks.eu-west-1.amazonaws.com/id/XXXXXXXXXXXXXXX:sub":
[ "system:serviceaccount:${SERVICE_ACCOUNT_NAMESPACE}:${SERVICE_ACCOUNT_NAME}" ] } } } ]}'
ready: true
version: 1.32.3
I hope it can help figuring out what's happenning.
We're seeing the same exact error after upgrading from v1.9.6 to v1.10.4. It seems to have no impact on the cluster, and the resources are all healthy, but every 15m we see a spike in errors and the clients disconnect and reconnect.
For context, we use CAPI v1.10.4 and CAPA v2.8.4 and these clusters are all AWS EKS clusters. We have our clusters set up so that management clusters have CAPI/CAPA installed and drive remotely connected workload clusters.
It's the same pattern as the logs above, with the clustercache showing the workload cluster disconnecting every 15m or so. I increased our log verbosity to v=6 and it shows the reason why we get disconnected:
I0827 17:03:27.164777 1 cluster_accessor.go:363] "Health probe failed (unauthorized error occurred): the server has asked for the client to provide credentials" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.164852 1 cluster_accessor.go:320] "Disconnecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.164866 1 cluster_accessor.go:324] "Stopping cache" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.164916 1 cluster_accessor.go:327] "Disconnected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.164940 1 cluster_cache.go:500] "Requeuing immediately (disconnected after unauthorized error occurred)" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.164959 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="cluster" reasons="disconnect"
I0827 17:03:27.164984 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="machine" reasons="disconnect"
I0827 17:03:27.164996 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="machineset" reasons="disconnect"
I0827 17:03:27.165012 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="machinepool" reasons="disconnect"
I0827 17:03:27.165027 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="clusterresourceset" reasons="disconnect"
I0827 17:03:27.165041 1 cluster_cache.go:627] "Sending Cluster event" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c" targetController="machinehealthcheck" reasons="disconnect"
I0827 17:03:27.165158 1 controller.go:349] "Reconcile done, requeueing after 1ms" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="c7ed21a1-e1c2-4a70-b1be-97828aa7c83c"
I0827 17:03:27.166426 1 controller.go:333] "Reconciling" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.166566 1 cluster_accessor.go:252] "Connecting" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.166646 1 cluster_accessor_client.go:53] "Creating connection" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.166671 1 cluster_accessor_client.go:55] "Creating REST config" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.167626 1 cluster_accessor_client.go:61] "Creating HTTP client and mapper" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.202048 1 cluster_accessor_client.go:67] "Creating uncached client" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.202151 1 cluster_accessor_client.go:73] "Detect if controller is running on the cluster" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.206405 1 cluster_accessor_client.go:102] "Creating cached client and cache" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
I0827 17:03:27.306941 1 cluster_accessor.go:274] "Connected" controller="clustercache" controllerGroup="cluster.x-k8s.io" controllerKind="Cluster" Cluster="capi-awscmhdev5/awscmhdev5" namespace="capi-awscmhdev5" name="awscmhdev5" reconcileID="ed78df0e-deb2-486d-afa5-2473de857cf4"
These are all EKS clusters managed by CAPA. I wonder if this is related to how the EKS token is rotated every 15m in the
These are all EKS clusters managed by CAPA. I wonder if this is related to how the EKS token is rotated every 15m in the -kubeconfig secret?
If the EKS token is rotated every 15m and the old token becomes invalid, then the ClusterCache has to recreate all informers for all workload clusters every 15m.
This should have been the same with the old ClusterCacheTracker, just with less logs.
There is probably a way to "rotate" the token of a running cache / informer, but I'm not sure.
I think controller-runtime might be doing that already for the Service Account token that a regular controller reads from disk (I think that one also gets rotated frequently)
I did a bit more digging through the related code changes and I suspect that in v1.9.x and older the error also existed but was suppressed, see this PR: https://github.com/kubernetes-sigs/cluster-api/pull/11736
If the EKS token is rotated every 15m and the old token becomes invalid, then the ClusterCache has to recreate all informers for all workload clusters every 15m.
That's what I was guessing. Just so you know, before opening the issue I tried to make CAPA controller refresh it's token more frequently but the same thing happened. It seems there is no mechanism to invalidate the cache after a token update from one infrastructure provider, is the log level accurate then ? I mean, tokens aimed to be rotated, that's their cruel fate 😆
Do you think we can implement the same TTL mechanism as HTTP caching ? I mean infrastructure providers would create a secret where the token is created with an annotation cluster.x-k8s.io/max-age or cluster.x-k8s.io/expires providing the cluster-api information about how many time the cache is valid for this token. This would help to focus on real errors. WDYT ?
I think we should look into finding a way to not having to recreate all informers just because the token is rotated. This is extremely expensive
cc @mogliang (https://github.com/kubernetes-sigs/cluster-api/issues/12399 is somewhat related)
Maybe there's a way to figure out a solution that addresses both problems: (just an idea at this point)
- Retrieve kubeconfig in each clustercache reconcile
- If only token changed => update token in cached client, informers, restconfig, .. (if that's possible)
- If other parts of the config change => disconnect + connect (i.e. recreate client, informers, restconfig, ..)
The CAPA kubeconfig secret has 3 values, value, token-file, and relative.
The value key contains the full kubeconfig with the token embedded, the one that CAPI uses today, in the format of:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0...
server: https://...us-east-2.eks.amazonaws.com
name: workload-cluster
contexts:
- context:
cluster: workload-cluster
user: workload-cluster-capi-admin
name: workload-cluster-capi-admin@workload-cluster
current-context: workload-cluster-capi-admin@workload-cluster
kind: Config
preferences: {}
users:
- name: workload-cluster-capi-admin
user:
token: k8s-aws-v1...
These contents change every 15 minutes to have a new token. The secret token-file contains the same value as the users.user.token value from the value:
k8s-aws-v1...
Finally, relative has another kubeconfig which references the token file instead of the token directly:
apiVersion: v1
clusters:
- cluster:
certificate-authority-data: LS0...
server: https://...us-east-2.eks.amazonaws.com
name: workload-cluster
contexts:
- context:
cluster: workload-cluster
user: workload-cluster-capi-admin
name: workload-cluster-capi-admin@workload-cluster
current-context: workload-cluster-capi-admin@workload-cluster
kind: Config
preferences: {}
users:
- name: workload-cluster-capi-admin
user:
tokenFile: ./token-file
I believe if CAPI mounted the token-file and relative kubeconfig, then when the token-file contents update on disk, then the controller-runtime sdk will automatically reload the credentials for its kubeconfig. However it can not reload the token for a directly embedded token like in the value secret, because the users info may change. We implemented this separate secret kubeconfig in CAPA so that cluster-autoscaler could have a long-running client connection with the relative kubeconfig.
https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/4607
We implemented this separate secret kubeconfig in CAPA so that cluster-autoscaler could have a long-running client connection with the
relativekubeconfig.
I can confirm that this implementation works between CAPA <=> cluster-autoscaler. Since then, we have not seen anymore error log about this in cluster-autoscaler.
/triage accepted
As of today CAPI relies heavily on the KubeConfig to connect to the workload cluster, and if someone or something changes the KubeConfig frequently this create turbolence. (Note. same might apply for other controllers or users relying on the same kubeconfig, depending on how they access the secret)
/help If someone has bandwith, they can try to do some reasearch on the idea proposed in https://github.com/kubernetes-sigs/cluster-api/issues/12363#issuecomment-3232583426 (this probably goes deep into controller runtime too)
@fabriziopandini: This request has been marked as needing help from a contributor.
Guidelines
Please ensure that the issue body includes answers to the following questions:
- Why are we solving this issue?
- To address this issue, are there any code changes? If there are code changes, what needs to be done in the code and what places can the assignee treat as reference points?
- How can the assignee reach out to you for help?
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.
In response to this:
/triage accepted
As of today CAPI relies heavily on the KubeConfig to connect to the workload cluster, and if someone or something changes the KubeConfig frequently this create turbolence. (Note. same might apply for other controllers or users relying on the same kubeconfig, depending on how they access the secret)
/help If someone has bandwith, they can try to do some reasearch on the idea proposed in https://github.com/kubernetes-sigs/cluster-api/issues/12363#issuecomment-3232583426 (this probably goes deep into controller runtime too)
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
