search

eksctl-io / eksctl

The official CLI for Amazon EKS
https://eksctl.io
Other
4.9k stars 1.4k forks source link

[Help] Guidance / Documentation on proxying private cluster with SSM bastion host #7812

Closed kangadrewie closed 1 week ago

kangadrewie commented 3 months ago

Hi there,

Is there any guidance or documentation on how one might proxy eksctl to a private EKS cluster with a SSM bastion? I'm trying to create a ServiceAccount.

I'm unable to get past TLS errors with HTTPS_PROXY and NO_PROXY

aws ssm start-session \
--target <instance> \
--document-name AWS-StartPortForwardingSessionToRemoteHost \
--parameters '{"portNumber":["443"], "localPortNumber":["6443"], "host": ["<eks>.eks.amazonaws.com"]}'

export HTTPS_PROXY='https://127.0.0.1:6443'
export NO_PROXY='.eks.amazonaws.com'
Error: checking whether serviceaccount "kube-system/aws-load-balancer-controller" exists: Get "https://<>.eks.amazonaws.com/api/v1/namespaces/kube-system/serviceaccounts/aws-load-balancer-controller": tls: failed to verify certificate: x509: certificate is valid for <>.traefik.default, not <>.eks.amazonaws.com

Any guidance is much appreciated!

github-actions[bot] commented 3 months ago

Hello kangadrewie :wave: Thank you for opening an issue in eksctl project. The team will review the issue and aim to respond within 1-5 business days. Meanwhile, please read about the Contribution and Code of Conduct guidelines here. You can find out more information about eksctl on our website

github-actions[bot] commented 2 months ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] commented 2 months ago

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] commented 1 month ago

This issue was closed because it has been stalled for 5 days with no activity.

github-actions[bot] commented 2 weeks ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] commented 1 week ago

This issue was closed because it has been stalled for 5 days with no activity.