I have created a fully private VPC (no direct internet access), let's call it VPC-A. This VPC is peer-connected to another VPC, let's call it VPC-B. VPC-B has an internet connection and is being used as a gateway for VPC-A.
I have deployed a fully private cluster only (no nodes) in the private subnet of VPC-A using the guide. For this purpose, I created an EC2 instance in that private subnet and then created the fully private cluster from there. The problem is that I am not able to run any kubectl or eks commands, just as mentioned in the guide.
When I run the eksctl commands, I get the following "context deadline exceeded" message:
eksctl get iamidentitymapping --cluster test-cluster --region=eu-west-2
Error: getting auth ConfigMap: Get "https://D79949CFDSOHFDUS2454GFDR43REWFDS308BB.gr7.eu-west-1.eks.amazonaws.com/api/v1/namespaces/kube-system/configmaps/aws-auth": context deadline exceeded
And when I run the kubectl commands, I get:
Unable to connect to the server: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
I have allowed HTTPS traffic on port 443 in the control plane security group, and I am trying to access the cluster from within the cluster's VPC, but I am still getting these errors.
I ran a number of commands to check whether anything is wrong with accessing the server address, but I found that I can successfully access the cluster endpoints from the machine and that a connection is being established from my machine to the API server.
nmap -p 443 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-09-09 11:11 UTC
Nmap scan report for 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com (192.168.*.*)
Host is up (0.00031s latency).
Other addresses for 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com (not scanned): 192.168.*.*
rDNS record for 192.168.*.*: ip-192-168-*-*.eu-west-*.compute.internal
PORT STATE SERVICE
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
telnet 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com 443
Trying 192.168.*.*...
Connected to 1E9057EC8C316E£D"@JY$J&G%1C94A.gr7.eu-west-*.eks.amazonaws.com
Escape character is '^]'.
^CConnection closed by foreign hos
It is clear that I can access the API server endpoints from my machine, which is in the same VPC as the API server.
Thanks