search

pulumi / pulumi-eks

A Pulumi component for easily creating and managing an Amazon EKS Cluster
https://www.pulumi.com/registry/packages/eks/
Apache License 2.0
171 stars 81 forks source link

Default Configuration results in "The Launch Configuration creation operation is not available" #1419

Closed chrisvander closed 3 weeks ago

chrisvander commented 1 month ago

What happened?

With a standard EKS Cluster setup, I run into an error stating

The Launch Configuration creation operation is not available in your account. Use launch templates to create configuration templates for your Auto Scaling groups.

Launch configurations were deprecated.

Example

Standard setup in a new account should throw the issue:

const eksCluster = new eks.Cluster("cluster", {});

Output of pulumi about

CLI
Version      3.135.0
Go Version   go1.23.1
Go Compiler  gc

Plugins
KIND      NAME    VERSION
resource  auth0   3.7.1
resource  aws     6.50.1
resource  awsx    2.14.0
resource  eks     2.8.1
language  nodejs  unknown
resource  random  4.16.6

Host
OS       darwin
Version  15.0
Arch     arm64

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

flostadler commented 1 month ago

Hey @chrisvander, sorry you're running into this!

We're addressing the deprecation of the Launch Configuration resource by AWS in the next major release (v3). We're aiming to release it towards the end of the week, but you can already check out the beta version if you'd like to: v3.0.0-beta.1.

Otherwise you can work around this by not creating the default node group of the cluster and instead create one explicitely:

const managedPolicyArns: string[] = [
    "arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy",
    "arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy",
    "arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly",
    "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
];

// Creates a role and attches the EKS worker node IAM managed policies
export function createRole(name: string): aws.iam.Role {
    const role = new aws.iam.Role(name, {
        assumeRolePolicy: aws.iam.assumeRolePolicyForPrincipal({
            Service: "ec2.amazonaws.com",
        }),
    });

    let counter = 0;
    for (const policy of managedPolicyArns) {
        // Create RolePolicyAttachment without returning it.
        const rpa = new aws.iam.RolePolicyAttachment(`${name}-policy-${counter++}`,
            { policyArn: policy, role: role },
        );
    }

    return role;
}

const nodeRole = createRole("nodeRole");

const eksCluster = new eks.Cluster("cluster", {
    skipDefaultNodeGroup: true,
    authenticationMode: eks.AuthenticationMode.API,

    // your other settings
});

const mng = eks.createManagedNodeGroup("nodegroup", {
  cluster: eksCluster,
  instanceTypes: ["t3.medium"],
  nodeRole,
});
cleverguy25 commented 1 month ago

Added to epic https://github.com/pulumi/home/issues/3558

chrisvander commented 1 month ago

I'll give the beta a shot. Starting to migrate our infrastructure from Terraform to Pulumi so I think we can handle the beta version this week. Thanks!

flostadler commented 3 weeks ago

This is fixed in the latest major release https://github.com/pulumi/pulumi-eks/releases/tag/v3.0.0