Open Murali-Cloudbridge opened 1 year ago
Hi Team,
We tried adding it as shown below, but it still failed.
```yaml
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: ekspvt-nlb-mq-clu-r9
  region: eu-west-2
vpc:
  subnets:
    private:
      eu-west-2a: { id: subnet-0aa46e504e1a7aebc }
      eu-west-2b: { id: subnet-0a4916537d048318b }
      eu-west-2c: { id: subnet-02009dcfd8edc779c }
  clusterEndpoints:
    publicAccess: true
    privateAccess: true
managedNodeGroups:
```
We also followed the below link, but we need help.
https://github.com/eksctl-io/eksctl/issues/735
Thanks, Murali
We have modified the stacks according to our requirements to launch worker nodes in private subnets and include boot nodes. Now, we are facing issues in the boot node accessing the EKS cluster API endpoint. We have fixed this by manually adding the security group to EKS by allowing the entire VPC CIDR or allowing the IP of the boot node alone. We need to add this security group within eksctl commands, as shown below.
We tried adding the values below:
clusterSecurityGroup="sg-1234567", but it failed with the SSM association.
attachIDs: ['sg-05c1f719382ab9279', 'sg-03305b8b8df813ede']
```yaml
Resources:
  BootNodeProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
```
Thanks, Murali
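
The post above mentions two manual fixes: allowing the entire VPC CIDR or only the boot node's IP to reach the cluster API endpoint. The Python check below is an added example, not part of the original issue or of eksctl, and shows how much wider the first option is. It runs over a constructed rule list shaped like the `IpPermissions` field of `aws ec2 describe-security-groups` output; all addresses, CIDRs and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample in the shape of a security group's IpPermissions list.
# Every CIDR and address here is made up for this example.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},      # entire VPC CIDR
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.12.34/32"}]},    # boot node only
    {"IpProtocol": "tcp", "FromPort": 10250, "ToPort": 10250,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},      # unrelated port
]


def covers_port(perm, port):
    """True if the rule applies to the given TCP port."""
    if perm.get("IpProtocol") == "-1":  # "-1" means all protocols and ports
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def api_access_rules(permissions, boot_node_ip, port=443):
    """Return (cidr, address_count) for every CIDR rule that lets
    boot_node_ip reach the port, narrowest rule first."""
    ip = ipaddress.ip_address(boot_node_ip)
    hits = []
    for perm in permissions:
        if not covers_port(perm, port):
            continue
        for ip_range in perm.get("IpRanges", []):
            net = ipaddress.ip_network(ip_range["CidrIp"], strict=False)
            if ip in net:
                hits.append((str(net), net.num_addresses))
    return sorted(hits, key=lambda hit: hit[1])


def broader_than_needed(permissions, boot_node_ip, port=443):
    """CIDR rules that admit the boot node but also other hosts."""
    return [cidr for cidr, count
            in api_access_rules(permissions, boot_node_ip, port) if count > 1]


if __name__ == "__main__":
    for cidr, count in api_access_rules(SAMPLE_PERMISSIONS, "10.0.12.34"):
        print(f"{cidr} admits {count} address(es) on tcp/443")
```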