DrFaust92 / terraform-kubernetes-ebs-csi-driver

Terraform module which creates Kubernetes EBS CSI controller resources on AWS EKS.
https://registry.terraform.io/modules/DrFaust92/ebs-csi-driver/kubernetes/latest

Error: creating IAM OIDC Provider: EntityAlreadyExists: Provider with url already exists. #107

Open darksmoke opened 1 year ago

darksmoke commented 1 year ago

I have an EKS cluster, version 1.24. I took this module and started using it. Got an error:

│ Error: creating IAM OIDC Provider: EntityAlreadyExists: Provider with url https://oidc.eks.eu-central-1.amazonaws.com/id/2B375A5F893E2A5921B4D7E36C0D1D97 already exists.
│       status code: 409, request id: 07808d1a-3aff-43e7-a70e-b87896170a29
│ 
│   with aws_iam_openid_connect_provider.openid_connect,
│   on ebs_csi_driver.tf line 13, in resource "aws_iam_openid_connect_provider" "openid_connect":
│   13: resource "aws_iam_openid_connect_provider" "openid_connect" {
│ 
╵
╷
│ Error: Waiting for rollout to finish: 2 replicas wanted; 0 replicas Ready
│ 
│   with module.ebs_csi_driver_controller.kubernetes_deployment.ebs_csi_controller,
│   on .terraform/modules/ebs_csi_driver_controller/controller.tf line 1, in resource "kubernetes_deployment" "ebs_csi_controller":
│    1: resource "kubernetes_deployment" "ebs_csi_controller" {
│ 

The code I am using:

data "aws_eks_cluster" "cluster" {
  name = module.eks.cluster_name
}

data "aws_eks_cluster_auth" "cluster" {
  name = module.eks.cluster_name
}

data "tls_certificate" "cert" {
  url = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer
}

resource "aws_iam_openid_connect_provider" "openid_connect" {
  client_id_list  = ["sts.amazonaws.com"]
  thumbprint_list = [data.tls_certificate.cert.certificates.0.sha1_fingerprint]
  url             = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer
}

provider "kubernetes" {
  host                   = data.aws_eks_cluster.cluster.endpoint
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
}

module "ebs_csi_driver_controller" {
  source  = "DrFaust92/ebs-csi-driver/kubernetes"
  version = "3.7.0"

  ebs_csi_controller_image                   = ""
  ebs_csi_controller_role_name               = "ebs-csi-driver-controller"
  ebs_csi_controller_role_policy_name_prefix = "ebs-csi-driver-policy"
  oidc_url                                   = aws_iam_openid_connect_provider.openid_connect.url
}

My versions:

terraform version
Terraform v1.3.3
on darwin_amd64
+ provider registry.terraform.io/gavinbunney/kubectl v1.14.0
+ provider registry.terraform.io/hashicorp/aws v4.62.0
+ provider registry.terraform.io/hashicorp/cloudinit v2.3.2
+ provider registry.terraform.io/hashicorp/helm v2.9.0
+ provider registry.terraform.io/hashicorp/kubernetes v2.19.0
+ provider registry.terraform.io/hashicorp/time v0.9.1
+ provider registry.terraform.io/hashicorp/tls v4.0.4
+ provider registry.terraform.io/shorelinesoftware/shoreline v1.11.0
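The `EntityAlreadyExists` (409) response means IAM already holds an OIDC provider for that issuer URL in the account, and IAM allows only one per URL. The following is an added example, not code from the issue author or from the module's project: it looks the existing provider up with the AWS provider's `aws_iam_openid_connect_provider` data source instead of creating a second one. The data source name `existing` is hypothetical, the example assumes the module accepts this `url` value the same way it accepted the resource's `url`, and it addresses only the first error, not the rollout timeout.

```hcl
# Added example: reuse the IAM OIDC provider that is already registered for
# the cluster issuer instead of creating a duplicate for the same URL.
# Replaces the tls_certificate data source and the
# aws_iam_openid_connect_provider resource from the configuration above;
# the aws_eks_cluster_auth data source and the kubernetes provider block
# stay as they are.

data "aws_eks_cluster" "cluster" {
  name = module.eks.cluster_name
}

# Read-only lookup by issuer URL. Terraform does not create, modify or
# destroy the provider, so whoever created it keeps ownership of its
# thumbprints and client ID list.
# "existing" is a hypothetical name chosen for this example.
data "aws_iam_openid_connect_provider" "existing" {
  url = data.aws_eks_cluster.cluster.identity[0].oidc[0].issuer
}

module "ebs_csi_driver_controller" {
  source  = "DrFaust92/ebs-csi-driver/kubernetes"
  version = "3.7.0"

  ebs_csi_controller_image                   = ""
  ebs_csi_controller_role_name               = "ebs-csi-driver-controller"
  ebs_csi_controller_role_policy_name_prefix = "ebs-csi-driver-policy"

  # Assumption: the module treats this value like the resource's "url"
  # attribute used in the original configuration.
  oidc_url = data.aws_iam_openid_connect_provider.existing.url
}
```

Because the lookup fails at plan time when no provider matches the URL, a missing or mistyped issuer shows up before any IAM role trust policy is written against it.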