search

eksctl-io / eksctl

The official CLI for Amazon EKS
https://eksctl.io
Other
4.88k stars 1.4k forks source link

[Bug] Creating IPv6 Cluster on 2 or 4 AZs fails because of inconsistent CIDR partitioning #7835

Open TiberiuGC opened 2 months ago

TiberiuGC commented 2 months ago

How to reproduce the issue?

By running eksctl create cluster with the following config file:

apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: mismatched-subnet-cidr-issue
  region: us-west-2
  version: "1.30"

availabilityZones:
- us-west-2a
- us-west-2b
- us-west-2c
- us-west-2d

kubernetesNetworkConfig:
  ipFamily: IPv6

vpc:
  cidr: 10.34.0.0/16

What's the error?

2024-06-13 15:48:39 [✖]  getting stack "xxxx-cluster" outputs: could not import subnet subnet-xxxx: mismatch found between local and remote VPC config: subnet CIDR "10.33.224.0/19", found in config file, is not the same as subnet CIDR "10.33.112.0/20", found in remote VPC config

What's the cause?

There's two code sections that handle IPv4 CIDR partitioning that are inconsistent. First section splits the range in the fashion below. The obtained CIDR are then used as-is for IPv4 clusters.

https://github.com/eksctl-io/eksctl/blob/4b62d1a3fab80e4c1dfe761e4b7b786b4c976290/pkg/vpc/vpc.go#L131-L146

However, IPv6 logic splits the CIDR in a different fashion, and does not re-use the split obtained previously. Afterwards, eksctl tries to validate that the obtained ranges are consistent, which they aren't. Hence the problem above.

https://github.com/eksctl-io/eksctl/blob/4b62d1a3fab80e4c1dfe761e4b7b786b4c976290/pkg/cfn/builder/vpc_ipv6.go#L55

github-actions[bot] commented 1 month ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.