search

aws-quickstart / cdk-eks-blueprints

AWS Quick Start Team
Apache License 2.0
460 stars 206 forks source link

VpcCniAddOn: As of 1.14.1, an error stating "Region is missing" is throwing in console #1015

Closed tdalbo92 closed 4 months ago

tdalbo92 commented 5 months ago

Describe the bug

After the latest upgrade we're seeing ERROR messages in our console during cdk deploy regarding "Region is missing". It seems like three add-ons are affected: VpcCniAddOn, CoreDnsAddOn, and KubeProxyAddOn. This issue doesn't seem to actually affect the deploy, and isn't causing problems, but it seems like a regression regardless.

Expected Behavior

No error is thrown by these add-ons.

Current Behavior

Stacktrace:

2024-06-11 19:58:59.398 WARN    /node_modules/@aws-quickstart/eks-blueprints/lib/addons/core-addon/index.ts:208 main    
 Error  Region is missing
error stack:
  • index.js    default
    /node_modules/@smithy/config-resolver/dist-cjs/index.js:117
  • index.js    
    /node_modules/@smithy/node-config-provider/dist-cjs/index.js:90
  • index.js    
    /node_modules/@smithy/property-provider/dist-cjs/index.js:97
  • index.js    coalesceProvider
    /node_modules/@smithy/property-provider/dist-cjs/index.js:124
  • index.js    
    /node_modules/@smithy/property-provider/dist-cjs/index.js:135
  • index.js    region
    /node_modules/@smithy/config-resolver/dist-cjs/index.js:142
  • httpAuthSchemeProvider.js   Object.defaultEKSHttpAuthSchemeParametersProvider [as httpAuthSchemeParametersProvider]
    /node_modules/@aws-sdk/client-eks/dist-cjs/auth/httpAuthSchemeProvider.js:9
  • index.js    
    /node_modules/@smithy/core/dist-cjs/index.js:61
  • index.js    
    /node_modules/@aws-sdk/middleware-logger/dist-cjs/index.js:34
  • index.ts    VpcCniAddOn.provideVersion
    /node_modules/@aws-quickstart/eks-blueprints/lib/addons/core-addon/index.ts:187
2024-06-11 19:58:59.399 WARN    /node_modules/@aws-quickstart/eks-blueprints/lib/addons/core-addon/index.ts:209 main    Failed to retrieve add-on versions from EKS for add-on vpc-cni. Falling back to default version.

Reproduction Steps

Install any of the three aforementioned add-ons and run cdk deploy. The error seems to reliably happen.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.133.0

EKS Blueprints Version

1.14.1

Node.js Version

v18.20.1

Environment details (OS name and version, etc.)

MacOS 14.5 Sonoma ARM64

Other information

No response

shapirov103 commented 5 months ago

@tdalbo92 these addons use AWS SDK API call to detect the right version. Please make sure that either 1/ credentials are available at build time (e.g. aws configure has creds and region setup) or 2/ no credentials are available (in that case we fall back onto an internal map of versions, which may not be exactly what AWS has by default).

Another option to work around this issue is to pass the version to these addons, then the framework won't attempt to make any API calls.

@elamaran11 logically region should not be required, let's have a look at this issue.

elamaran11 commented 5 months ago

@tdalbo92 @shapirov103 The EKSClient on the sdk call needs region setup in the terminal to make api calls to retrieve the specific version of the addon. If region is not passed, it defaults to other methods, also see its a warning and not a hard error. So this is not an issue and this is how it works.

2start commented 4 months ago

I am facing the same error. I also read through the older related issue and still don't really understand why the SDK call doesn't use the specified region from the cluster. Here is how I set the region:

  const builder = blueprints.EksBlueprint.builder()
    .account(config.aws.account)
    .region(config.aws.region)

@shapirov103 credentials are available during build time for me but the error is not thrown during build time. It only arises during the deploy step.

Setting the AWS_REGION solves this but feels dirty because I am deploying 2 stacks with a cluster each and they may be in different regions.

shapirov103 commented 4 months ago

@2start: I will take a look at the code that creates the SDK client to describe addon versions. I mentioned "build time" incorrectly, meant "synth time".

I assume you are on 1.15.1

The region of the stack should not matter for the dynamic resolution the core addon version - it is needed to construct the API endpoint URL. Semantically the describe-addon-version API is supposed to be region agnostic.