Doi*_*nal 3 kubernetes amazon-eks eksctl
当使用eksctlAWS EKS 创建 Kubernetes 集群时,进程会卡住等待节点加入集群:
nodegroup "my-cluster" has 0 node(s)\nwaiting for at least 3 node(s) to become ready in \xe2\x80\x9cmy-cluster\xe2\x80\x9d\ntimed out (after 25m0s) waiting for at least 3 nodes to join the cluster and become ready in "my-cluster"\n将显示该消息,没有任何其他日志,直到该过程最终超时。看起来在幕后,新创建的节点无法与 Kubernetes 集群通信
\n使用现有 VPC 网络时,您必须确保 VPC 符合所有 EKS 特定要求 [1, 2]。logz.io 的博客文章提供了有关设置 VPC 网络的详细指南,以及可用作基础的示例 AWS Cloud Formation 模板 [3]。\n缺少 IAM 策略\nAmazonEKSWorkerNodePolicy 和 AmazonEKS_CNI_Policy 策略 [4] EKS 工作节点需要能够与集群进行通信。
\n\n默认情况下,eksctl 自动生成包含这些策略的角色。但是,当您使用 \xe2\x80\x9cattachPolicyARNs\xe2\x80\x9d 属性通过 ARN 附加特定策略时,您必须显式包含这些策略 [5]:
\n\nnodeGroups:\n - name: my-special-nodegroup\n iam:\n attachPolicyARNs:\n - arn:aws:iam::aws:policy/AmazonEKSWorkerNodePolicy\n - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy\n - arn:aws:iam::aws:policy/ElasticLoadBalancingFullAccess\n[1] https://docs.aws.amazon.com/eks/latest/userguide/create-public-private-vpc.html
\n\n[2] https://eksctl.io/usage/vpc-networking
\n\n[3] https://logz.io/blog/amazon-eks
\n\n[4] https://docs.aws.amazon.com/eks/latest/userguide/worker_node_IAM_role.html
\n\n5] https://eksctl.io/usage/iam-policies/
\n| 归档时间: |
|
| 查看次数: |
3749 次 |
| 最近记录: |