
Not able to create aws eks cluster

Open ramesh-kumarjha opened this issue 2 years ago • 2 comments

When I run `terragrunt run-all apply`, I get this error:

 INFO[0708] Executing hook: kubeconfig                    prefix=[/Users/ramesh/zinka-monitoring/prod-deployment-2/terragrunt/live/thanos/ap-south-1/clusters/observer/eks]
ERRO[0714] Error running hook kubeconfig with message: exit status 1  prefix=[/Users/ramesh/zinka-monitoring/prod-deployment-2/terragrunt/live/thanos/ap-south-1/clusters/observer/eks]
ERRO[0714] Module /Users/ramesh/zinka-monitoring/prod-deployment-2/terragrunt/live/thanos/ap-south-1/clusters/observer/eks has finished with an error: 4 errors occurred:
  * exit status 1
  * exit status 1
  * exit status 1
  * exit status 1
  
  eks terragrunt file 
  # Pull in the shared configuration from the parent terragrunt.hcl located by
  # walking up the directory tree from this file.
  include {
    path = find_in_parent_folders()
  }

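terraform {
  # NOTE(review): `ref=master` follows a moving branch, so every run may fetch
  # different module code. Pin to a reviewed release tag or commit SHA
  # (e.g. `?ref=<RELEASE_TAG>`) so applies are reproducible and upstream
  # changes are adopted deliberately. Also confirm that the revision in use
  # still exposes a `kubeconfig` output, because the first two hooks depend on it.
  source = "github.com/terraform-aws-modules/terraform-aws-eks?ref=master"

  # Write the module's `kubeconfig` output next to this terragrunt.hcl.
  # stderr is no longer redirected to /dev/null: when `terraform output` fails
  # (for example because the output does not exist), the reason is now printed
  # instead of a bare "exit status 1".
  # `umask 077` makes a newly created file readable by the owner only; it does
  # not tighten the mode of a kubeconfig that already exists.
  after_hook "kubeconfig" {
    commands = ["apply"]
    execute  = ["bash", "-c", "umask 077 && terraform output --raw kubeconfig > \"${get_terragrunt_dir()}/kubeconfig\""]
  }

  # Same output, written to `kubeconfig` in the hook's working directory; the
  # two kubectl hooks below read that relative path.
  after_hook "kubeconfig-tg" {
    commands = ["apply"]
    execute  = ["bash", "-c", "umask 077 && terraform output --raw kubeconfig > kubeconfig"]
  }

  # Label the kube-system namespace with name=kube-system (overwriting any
  # existing value of that label).
  after_hook "kube-system-label" {
    commands = ["apply"]
    execute  = ["bash", "-c", "kubectl --kubeconfig kubeconfig label ns kube-system name=kube-system --overwrite"]
  }

  # Mark the gp2 StorageClass as non-default by setting its
  # is-default-class annotation to "false".
  after_hook "undefault-gp2" {
    commands = ["apply"]
    execute  = ["bash", "-c", "kubectl --kubeconfig kubeconfig patch storageclass gp2 -p '{\"metadata\": {\"annotations\":{\"storageclass.kubernetes.io/is-default-class\":\"false\"}}}'"]
  }
}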

locals {
  # Scalar settings, each read from a YAML file found in a parent folder.
  aws_region = yamldecode(file(find_in_parent_folders("region_values.yaml")))["aws_region"]
  env        = yamldecode(file(find_in_parent_folders("env_tags.yaml")))["Env"]
  prefix     = yamldecode(file(find_in_parent_folders("global_values.yaml")))["prefix"]
  name       = yamldecode(file(find_in_parent_folders("cluster_values.yaml")))["name"]

  # Global tags merged with environment tags; on a key collision the
  # environment value wins because it is the later argument to merge().
  custom_tags = merge(
    yamldecode(file(find_in_parent_folders("global_tags.yaml"))),
    yamldecode(file(find_in_parent_folders("env_tags.yaml")))
  )

  # Cluster name is built as <prefix>-<env>-<name>.
  cluster_name = "${local.prefix}-${local.env}-${local.name}"

  # The VPC and subnet identifiers are redacted placeholders in this post.
  vpc_id = "xxxxxxxx"

  # these should be private subnets
  subnet_ids = [
    "subnet-xxxxxxxxxxx",
    "subnet-xxxxxxxxxxx",
    "subnet-xxxxxxxx",
  ]
}

# Generates provider.tf in the module's working directory, replacing any
# existing file of that name (if_exists = "overwrite").
# The generated file configures:
#   - the aws provider for local.aws_region, and
#   - the kubernetes provider from the aws_eks_cluster / aws_eks_cluster_auth
#     data sources (endpoint, cluster CA, bearer token).
# Both data sources look the cluster up via aws_eks_cluster.this[0].id, which
# is not declared in this file — presumably a resource inside the sourced
# module; verify it exists in the module revision actually fetched.
# NOTE(review): the auth token is a credential read through a data source;
# confirm the state backend used here is encrypted and access-controlled.
generate "provider" {
  path      = "provider.tf"
  if_exists = "overwrite"
  contents  = <<-EOF
    provider "aws" {
      region = "${local.aws_region}"
    }
    provider "kubernetes" {
      host                   = data.aws_eks_cluster.cluster.endpoint
      cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
      token                  = data.aws_eks_cluster_auth.cluster.token
    }
    data "aws_eks_cluster" "cluster" {
      name = aws_eks_cluster.this[0].id
    }
    data "aws_eks_cluster_auth" "cluster" {
      name = aws_eks_cluster.this[0].id
    }
  EOF
}

# Variables handed to the EKS module named in the terraform block.
inputs = {

  aws = {
    region = local.aws_region
  }

  tags = merge(
    local.custom_tags
  )

  # Cluster identity and placement.
  cluster_name = local.cluster_name
  vpc_id       = local.vpc_id
  subnet_ids   = local.subnet_ids

  # NOTE(review): confirm this Kubernetes version is still inside the
  # provider's support window before creating a new cluster on it.
  cluster_version = "1.19"

  # Control-plane logging for the listed log types, including "audit" and
  # "authenticator".
  cluster_enabled_log_types = ["api", "audit", "authenticator", "controllerManager", "scheduler"]

  enable_irsa = true

  # kubeconfig generation: authentication is delegated to
  # `aws eks get-token --cluster-name <cluster_name>`, so the file holds no
  # static token. NOTE(review): verify the module revision in use still
  # accepts these write_kubeconfig / kubeconfig_* inputs.
  write_kubeconfig                             = true
  kubeconfig_aws_authenticator_command         = "aws"
  kubeconfig_aws_authenticator_command_args    = ["eks", "get-token", "--cluster-name", local.cluster_name]
  kubeconfig_aws_authenticator_additional_args = []

  # Should contain security groups for Office Access only
  # https://aws.amazon.com/blogs/containers/upcoming-changes-to-ip-assignment-for-eks-managed-node-groups/
  # NOTE(review): no security-group input is visible in this block, yet the
  # node group below requests public IPs and attaches an SSH key pair, while
  # the locals comment says the subnets should be private. Confirm the
  # intended exposure and that SSH is limited to the office ranges.
  node_groups = {
    "default-${local.aws_region}" = {
      create_launch_template = true
      instance_types         = ["m5a.large"]
      capacity_type          = "ON_DEMAND"
      disk_size              = 30

      # Scaling bounds.
      min_capacity     = 3
      desired_capacity = 3
      max_capacity     = 5

      # Network exposure and SSH access for the worker nodes.
      public_ip = true
      key_name  = "awsKeyName"

      k8s_labels = {
        pool = "default"
      }
    }
  }
}

ramesh-kumarjha avatar Apr 06 '22 20:04 ramesh-kumarjha

@ArchiFleKs please let me know how I can fix this. I am using an AWS admin role to do all of these tasks.

ramesh-kumarjha avatar Apr 07 '22 06:04 ramesh-kumarjha

@ramesh-kumarjha - go to the eks folder and run this:

terragrunt apply --terragrunt-log-level debug --terragrunt-debug

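Look for something like `Executing hook: kubeconfig`, then run that command manually and see the error. The hook redirects stderr to /dev/null, so run it without the `2>/dev/null` part; otherwise the error message is hidden.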

Most likely the wrong AWS region.

giany avatar Sep 01 '22 10:09 giany