pulumi-eks
pulumi-eks copied to clipboard
pulumi
Default installation for EBS driver and corresponding role attachment
Hello!
- Vote on this issue by adding a 👍 reaction
- If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
When the default EKS cluster is created in AWS, the cluster role does not have permission AmazonEBSCSIDriverPolicy
Also the cluster does not install add on for EBS driver
This results in issue for PVC creation
Hi @sinfull1 - thank you for opening this issue! We'd love to take a look at what's going on here and attempt to resolve your issue. Could you please provide a minimal reproduction of the issue in the form of code, as well as attaching the output of running pulumi about from your Pulumi project? Thank you so much!
hi @kpitzen, if you create default EKS cluster, the cluster role and node cluster role created do not have EBS CSI driver policy attached.
This is actually not a problem as such ( more of an opinion), the problem is when you try to provision the (EBS) disk, the command just goes on indefinitely, without throwing an appropriate error .
eks_cluster = eks.Cluster("cluster")
here is output of pulumi up ( can't do pulumi about)
You can see two roles created by default cluster-eksRole and cluster-instanceRole
The cluster-instanceRole by default has only three policy attachments, which does not have AmazonEBSCSIDriverPolicy
Also the cluster does not have CSI driver addons installed, (either EBD or EFS) (could be recent change in AWS)
-
├─ eks:index:ServiceRole cluster-eksRole create -
│ ├─ aws:iam:Role cluster-eksRole-role create -
│ └─ aws:iam:RolePolicyAttachment cluster-eksRole-4b490823 create -
├─ eks:index:ServiceRole cluster-instanceRole create -
│ ├─ aws:iam:Role cluster-instanceRole-role create -
│ ├─ aws:iam:RolePolicyAttachment cluster-instanceRole-3eb088f2 create -
│ ├─ aws:iam:RolePolicyAttachment cluster-instanceRole-e1b295bd create -
│ └─ aws:iam:RolePolicyAttachment cluster-instanceRole-03516f97 create
