InvalidParameterException: Addon version specified is not supported



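I have been trying to deploy a self-managed node EKS cluster for a while now, with no success. The error I'm stuck on now is with the EKS add-ons:

Error: error creating EKS Add-On (DevOpsLabs2b-dev-test--eks:kube-proxy): InvalidParameterException: Addon version specified is not supported, AddonName: "kube-proxy", ClusterName: "DevOpsLabs2b-dev-test--eks", Message_: "Addon version specified is not supported" } with module.eks-ssp-kubernetes-addons.module.aws_kube_proxy[0].aws_eks_addon.kube_proxy on .terraform/modules/eks-ssp-kubernetes-addons/modules/kubernetes-addons/aws-kube-proxy/main.tf line 19, in resource "aws_eks_addon" "kube_proxy":

This error repeats for coredns as well, but ebs_csi_driver throws:

Error: unexpected EKS Add-On (DevOpsLabs2b-dev-test--eks:aws-ebs-csi-driver) state returned during creation: timeout while waiting for state to become 'ACTIVE' (last state: 'DEGRADED', timeout: 20m0s) [WARNING] Running terraform apply again will remove the kubernetes add-on and attempt to create it again effectively purging previous add-on configuration

My main.tf looks like this: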

terraform {
  backend "remote" {}
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 3.66.0"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = ">= 2.7.1"
    }
    helm = {
      source  = "hashicorp/helm"
      version = ">= 2.4.1"
    }
  }
}

data "aws_eks_cluster" "cluster" {
  name = module.eks-ssp.eks_cluster_id
}

data "aws_eks_cluster_auth" "cluster" {
  name = module.eks-ssp.eks_cluster_id
}

provider "aws" {
  access_key = "xxx"
  secret_key = "xxx"
  region     = "xxx"
  assume_role {
    role_arn = "xxx"
  }
}

provider "kubernetes" {
  host                   = data.aws_eks_cluster.cluster.endpoint
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
}

provider "helm" {
  kubernetes {
    host                   = data.aws_eks_cluster.cluster.endpoint
    token                  = data.aws_eks_cluster_auth.cluster.token
    cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  }
}

My eks.tf looks like this:

module "eks-ssp" {
  source = "github.com/aws-samples/aws-eks-accelerator-for-terraform"

  # EKS CLUSTER
  tenant            = "DevOpsLabs2b"
  environment       = "dev-test"
  zone              = ""
  terraform_version = "Terraform v1.1.4"

  # EKS Cluster VPC and Subnet mandatory config
  vpc_id             = "xxx"
  private_subnet_ids = ["xxx", "xxx", "xxx", "xxx"]

  # EKS CONTROL PLANE VARIABLES
  create_eks         = true
  kubernetes_version = "1.19"

  # EKS SELF MANAGED NODE GROUPS
  self_managed_node_groups = {
    self_mg = {
      node_group_name        = "DevOpsLabs2b"
      subnet_ids             = ["xxx", "xxx", "xxx", "xxx"]
      create_launch_template = true
      launch_template_os     = "bottlerocket" # amazonlinux2eks or bottlerocket or windows
      custom_ami_id          = "xxx"
      public_ip              = true # Enable only for public subnets
      pre_userdata           = <<-EOT
        yum install -y amazon-ssm-agent
        systemctl enable amazon-ssm-agent && systemctl start amazon-ssm-agent
      EOT
      disk_size     = 10
      instance_type = "t2.small"
      desired_size  = 2
      max_size      = 10
      min_size      = 0
      capacity_type = "" # Optional Use this only for SPOT capacity as capacity_type = "spot"
      k8s_labels = {
        Environment = "dev-test"
        Zone        = ""
        WorkerType  = "SELF_MANAGED_ON_DEMAND"
      }
      additional_tags = {
        ExtraTag    = "t2x-on-demand"
        Name        = "t2x-on-demand"
        subnet_type = "public"
      }
      create_worker_security_group = false # Creates a dedicated sec group for this Node Group
    },
  }
}

module "eks-ssp-kubernetes-addons" {
  source         = "github.com/aws-samples/aws-eks-accelerator-for-terraform//modules/kubernetes-addons"
  eks_cluster_id = module.eks-ssp.eks_cluster_id

  # EKS Addons
  enable_amazon_eks_vpc_cni            = true
  enable_amazon_eks_coredns            = true
  enable_amazon_eks_kube_proxy         = true
  enable_amazon_eks_aws_ebs_csi_driver = true

  #K8s Add-ons
  enable_aws_load_balancer_controller = true
  enable_metrics_server               = true
  enable_cluster_autoscaler           = true
  enable_aws_for_fluentbit            = true
  enable_argocd                       = true
  enable_ingress_nginx                = true

  depends_on = [module.eks-ssp.self_managed_node_groups]
}

What exactly am I missing?

K8s is hard to get right sometimes. The examples on GitHub are shown for version 1.21 [1]. Because of that, if you leave only this:

enable_amazon_eks_vpc_cni             = true
enable_amazon_eks_coredns             = true
enable_amazon_eks_kube_proxy          = true
enable_amazon_eks_aws_ebs_csi_driver  = true
#K8s Add-ons
enable_aws_load_balancer_controller   = true
enable_metrics_server                 = true
enable_cluster_autoscaler             = true
enable_aws_for_fluentbit              = true
enable_argocd                         = true
enable_ingress_nginx                  = true

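the images that will be downloaded by default will be the ones for K8s version 1.21, as shown in [2]. If you really need to use K8s version 1.19, then you will have to find the corresponding Helm charts for that version. Here's an example of how you can configure the images you need [3]:

amazon_eks_coredns_config = {
  addon_name               = "coredns"
  addon_version            = "v1.8.4-eksbuild.1"
  service_account          = "coredns"
  resolve_conflicts        = "OVERWRITE"
  namespace                = "kube-system"
  service_account_role_arn = ""
  additional_iam_policies  = []
  tags                     = {}
}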

However, the CoreDNS version here (addon_version = v1.8.4-eksbuild.1) is used with K8s 1.21. To check the version you need for 1.19, go here [4]. TL;DR: the CoreDNS version you need to specify is 1.8.0. To make the add-on work for 1.19, for CoreDNS (and other add-ons based on the image version), you have to have a code block like this:

enable_amazon_eks_coredns = true
# followed by
amazon_eks_coredns_config = {
  addon_name               = "coredns"
  addon_version            = "v1.8.0-eksbuild.1"
  service_account          = "coredns"
  resolve_conflicts        = "OVERWRITE"
  namespace                = "kube-system"
  service_account_role_arn = ""
  additional_iam_policies  = []
  tags                     = {}
}

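For other EKS add-ons, you can find more information here [5]. If you click on the links in the Name column, it will lead you straight to the AWS EKS documentation showing the add-on image versions supported for the EKS versions currently supported by AWS (1.17 - 1.21).

Last, but not least, a friendly piece of advice: never configure the AWS provider by hard-coding the access key and secret access key in the provider block. Use named profiles [6] or just use the default one. Instead of the block you currently have:

provider "aws" {
  access_key = "xxx"
  secret_key = "xxx"
  region     = "xxx"
  assume_role {
    role_arn = "xxx"
  }
}

switch to:

provider "aws" {
  region  = "yourdefaultregion"
  profile = "yourprofilename"
}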

[1] https://github.com/aws-samples/aws-eks-accelerator-for-terraform/blob/main/examples/eks-cluster-with-eks-addons/main.tf#L62

[2] https://github.com/aws-samples/aws-eks-accelerator-for-terraform/blob/main/modules/kubernetes-addons/aws-kube-proxy/local.tf#L5

[3] https://github.com/aws-samples/aws-eks-accelerator-for-terraform/blob/main/examples/eks-cluster-with-eks-addons/main.tf#L148-L157

[4] https://docs.aws.amazon.com/eks/latest/userguide/managing-coredns.html

[5] https://github.com/aws-samples/aws-eks-accelerator-for-terraform/blob/main/docs/add-ons/managed-add-ons.md

[6] https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
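
A check for the provider-block advice in the answer above, as an added example that is not part of the original question or answer: it scans Terraform text for `provider "aws"` blocks that assign quoted literals to `access_key`, `secret_key` or `token`, so such blocks can be caught in review or CI before they are committed. It uses a line-based scan rather than a full HCL parser; the function names and the two sample strings are constructed here for illustration.

```python
import re

# Provider arguments that carry credentials when assigned a quoted literal.
SECRET_ATTRS = ("access_key", "secret_key", "token")
PROVIDER_RE = re.compile(r'^\s*provider\s+"aws"\s*\{')
ASSIGN_RE = re.compile(r'^\s*(\w+)\s*=\s*(.+?)\s*$')
LITERAL_RE = re.compile(r'^"(?!.*\$\{)[^"]+"$')  # non-empty string, no ${...}

# Constructed sample: the question's provider block beside the answer's form.
SAMPLE_BEFORE = '''provider "aws" {
  access_key = "xxx"
  secret_key = "xxx"  # static key pair
  region     = "xxx"
  assume_role {
    role_arn = "xxx"
  }
}
'''
SAMPLE_AFTER = '''provider "aws" {
  region  = "yourdefaultregion"
  profile = "yourprofilename"
}
'''

def strip_comment(line):
    """Drop a trailing # or // comment that sits outside a quoted string."""
    in_str = False
    for i, ch in enumerate(line):
        if ch == '"' and (i == 0 or line[i - 1] != "\\"):
            in_str = not in_str
        elif not in_str and (ch == "#" or line.startswith("//", i)):
            return line[:i]
    return line

def find_static_aws_credentials(tf_text):
    """Return (line_no, attribute) for literal credentials in provider "aws" blocks."""
    findings, depth = [], 0  # depth = brace nesting inside the provider block
    for no, raw in enumerate(tf_text.splitlines(), start=1):
        line = strip_comment(raw)
        if depth == 0:
            if PROVIDER_RE.match(line):
                depth = line.count("{") - line.count("}")
            continue
        m = ASSIGN_RE.match(line)
        # Only top-level literals count; var.* references are not flagged.
        if depth == 1 and m and m.group(1) in SECRET_ATTRS and LITERAL_RE.match(m.group(2)):
            findings.append((no, m.group(1)))
        depth += line.count("{") - line.count("}")
    return findings
```

A non-empty result lists the line number and argument name of each hard-coded value, which a pre-commit hook or pipeline step can use to fail the run.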
