Closed NinoSkopac closed 1 week ago
LOL the cause is podIdentity: true
AKA it deploys after I comment it out
What I saw on https://karpenter.sh/docs/getting-started/getting-started-with-karpenter/ made me try it:
Pod Identity should work though:
So it seems like PodIdentity is the problem?
OK guys, the key is to provision EksPodIdentityAgentAddOn
first. Then you can ditch IRSA. The example still won't work verbatim - just comment out budgets
:D
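To make the ordering concrete, here is a minimal sketch of a blueprints stack that provisions the Pod Identity agent before Karpenter. This is an illustration, not a verified config: the builder API is assumed from the blueprints docs, the version is the one mentioned in this thread, and the stack id is a placeholder.

```typescript
import { App } from 'aws-cdk-lib';
import * as blueprints from '@aws-quickstart/eks-blueprints';

const app = new App();

blueprints.EksBlueprint.builder()
  .addOns(
    // Provision the Pod Identity agent FIRST so the Karpenter
    // addon can authenticate via Pod Identity instead of IRSA.
    new blueprints.addons.EksPodIdentityAgentAddOn(),
    new blueprints.addons.KarpenterAddOn({
      version: 'v0.33.1', // version used in this thread
      podIdentity: true,
      // nodePoolSpec / ec2NodeClassSpec omitted for brevity; note the
      // "comment out budgets" workaround from this thread if you hit
      // the schema error.
    }),
  )
  .build(app, 'karpenter-pod-identity-test'); // placeholder stack id
```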
Well, it can't schedule pods.
{"level":"ERROR","time":"2024-07-10T13:03:07.883Z","logger":"controller","message":"failed listing instance types for default-nodepool","commit":"490ef94","controller":"disruption","error":"no subnets found"}
{"level":"ERROR","time":"2024-07-10T13:07:07.466Z","logger":"controller","message":"could not schedule pod","commit":"490ef94","controller":"provisioner","Pod":{"name":"inflate-65f46bdc4-drb6c","namespace":"default"},"error":"all available instance types exceed limits for nodepool: \"default-nodepool\""}
{"level":"ERROR","time":"2024-07-10T13:07:11.220Z","logger":"controller","message":"skipping, unable to resolve instance types","commit":"490ef94","controller":"provisioner","NodePool":{"name":"default-nodepool"},"error":"no subnets found"}
@NinoSkopac we are looking into this issue. Pod identity support was released in 1.15, however we need to make sure the examples work as expected and pods are schedulable.
Not working with either IRSA or Pod Identity
Thanks for taking the time to look into it. Hopefully it can be resolved with urgency, because I can only get this working on EKS 1.27, which will enter extended support in 2 weeks, and I'm not going to pay $480/month instead of $80/month for an EKS cluster.
@NinoSkopac, I am attempting to reproduce the issue where you could not get the pods scheduling. Could you please share the steps you took to get from the 'Release "karpenter" does not exist. Installing it now.' error to the pod scheduling issue?
For an error like 'missing key "meta.helm.sh/release-name": must be set to "karpenter"', we need to update the ownership of the Karpenter objects:
https://karpenter.sh/docs/troubleshooting/#helm-error-when-installing-the-karpenter-crd-chart
installCRDs should be set to true to upgrade the Karpenter CRDs; otherwise Karpenter waits on them before it provisions new nodes:
https://karpenter.sh/docs/upgrading/upgrade-guide/#upgrading-to-0370
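For the ownership error, the troubleshooting page linked above amounts to re-labeling the CRDs so Helm will adopt them. A hedged sketch of those commands follows; the release name and namespace are assumptions based on a default karpenter-crd chart install, so adjust to your environment:

```shell
# Mark the Karpenter CRDs as managed by Helm so the karpenter-crd chart
# can adopt them (CRD names per current Karpenter; release name and
# namespace are assumed - check your own install before running).
kubectl label crd ec2nodeclasses.karpenter.k8s.aws nodepools.karpenter.sh nodeclaims.karpenter.sh \
  app.kubernetes.io/managed-by=Helm --overwrite
kubectl annotate crd ec2nodeclasses.karpenter.k8s.aws nodepools.karpenter.sh nodeclaims.karpenter.sh \
  meta.helm.sh/release-name=karpenter-crd --overwrite
kubectl annotate crd ec2nodeclasses.karpenter.k8s.aws nodepools.karpenter.sh nodeclaims.karpenter.sh \
  meta.helm.sh/release-namespace=karpenter --overwrite
```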
@zjaco13 You can either comment out podIdentity: true
or provision EksPodIdentityAgentAddOn before the Karpenter addon. The former makes Karpenter use IRSA; the latter uses Pod Identity. According to the devs in this issue, should we use IRSA, since Pod Identity is untested? Thanks for looking into it.
@vumdao I'm creating a cluster from scratch, so I don't think I need installCRDs; that's only for upgrading from a lower version of Karpenter, right? Thanks for pointing me to that obscure chapter of the troubleshooting page. Is that something that could fix my last error, which is that Karpenter can't schedule pods?
@NinoSkopac I thought you upgraded Karpenter.
For "no subnets found": check whether the subnets in your cluster are tagged with karpenter.sh/discovery: ${clusterName}.
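The discovery-tag convention above can be illustrated with a tiny helper. This is a hypothetical function (not part of eks-blueprints or Karpenter) that just builds the selector terms an EC2NodeClass would use when subnets and security groups carry the karpenter.sh/discovery tag:

```typescript
// Hypothetical illustration of Karpenter's tag-based discovery:
// an EC2NodeClass selects subnets/security groups via selector terms
// whose tags match what you applied to the VPC resources.
interface SelectorTerm {
  tags: Record<string, string>;
}

function discoverySelectorTerms(clusterName: string): SelectorTerm[] {
  // Matches resources tagged karpenter.sh/discovery: <clusterName>
  return [{ tags: { "karpenter.sh/discovery": clusterName } }];
}
```

In a CDK stack you would apply the matching tag to your private subnets (e.g. with Tags.of(subnet).add('karpenter.sh/discovery', clusterName)) so these terms resolve and the "no subnets found" error goes away.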
@NinoSkopac, I was able to successfully schedule the pods and scale the cluster using this karpenter addon spec.
new blueprints.addons.KarpenterAddOn({
version: 'v0.33.1',
nodePoolSpec: {
labels: {
type: "karpenter-test"
},
annotations: {
"eks-blueprints/owner": "young",
},
taints: [{
key: "workload",
value: "test",
effect: "NoSchedule",
}],
requirements: [
{ key: 'node.kubernetes.io/instance-type', operator: 'In', values: ['m5.large'] },
{ key: 'topology.kubernetes.io/zone', operator: 'In', values: ['us-west-2a', 'us-west-2b', 'us-west-2c'] },
{ key: 'kubernetes.io/arch', operator: 'In', values: ['amd64', 'arm64'] },
{ key: 'karpenter.sh/capacity-type', operator: 'In', values: ['on-demand'] },
],
disruption: {
consolidationPolicy: "WhenEmpty",
consolidateAfter: "30s",
expireAfter: "20m",
//budgets: [{ nodes: "10%" }]
}
},
ec2NodeClassSpec: {
amiFamily: "AL2",
subnetSelectorTerms: [{ tags: { "Name": `${clusterName}/${clusterName}-vpc/PrivateSubnet*` }}],
securityGroupSelectorTerms: [{ tags: { "aws:eks:cluster-name": `${clusterName}` }}],
},
interruptionHandling: true,
podIdentity: false, // false (the default) uses IRSA; set true to use Pod Identity
});
I'll give it a go, thank you.
I believe it's this that made you able to run it:
subnetSelectorTerms: [{ tags: { "Name": `${clusterName}/${clusterName}-vpc/PrivateSubnet*` }}],
securityGroupSelectorTerms: [{ tags: { "aws:eks:cluster-name": `${clusterName}` }}],
I didn't try this exact combo, I tried something very similar.
Tested and works!
Thank you!
Could you please do the same for EKS v1.30 and Karpenter 0.37.0? It would be great.
Describe the bug
Example from https://aws-quickstart.github.io/cdk-eks-blueprints/addons/karpenter/#usage doesn't work.
Expected Behavior
Karpenter deploys (it used to, before the v1beta changes)
Current Behavior
balks
Reproduction Steps
run the code from https://aws-quickstart.github.io/cdk-eks-blueprints/addons/karpenter/#usage
Offending part:
Error:
After commenting budgets out, another error:
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.148.0 (build e5740c0)
EKS Blueprints Version
1.15.1
Node.js Version
v22.4.1
Environment details (OS name and version, etc.)
Darwin
Other information
No response