Terraform-aws-eks: Attempt to post to localhost instead of EKS for kube-system/configmaps

Created on 3 Jan 2020 · 5 Comments · Source: terraform-aws-modules/terraform-aws-eks

I'm submitting a...

  • [x] bug report
  • [ ] feature request
  • [ ] support request - read the FAQ first!
  • [ ] kudos, thank you, warm fuzzy

What is the current behavior?

module.eks.aws_eks_node_group.workers["attractive-sculpture-workers"]: Creation complete after 2m27s [id=attractive-sculpture:attractive-sculpture-attractive-sculpture-workers-precise-husky]

Error: Post http://localhost/api/v1/namespaces/kube-system/configmaps: dial tcp [::1]:80: connect: connection refused

  on .terraform/modules/eks/aws_auth.tf line 55, in resource "kubernetes_config_map" "aws_auth":
  55: resource "kubernetes_config_map" "aws_auth" {

If this is a bug, how to reproduce? Please include a code sample if relevant.

export TF_VAR_region=us-west-2
export TF_VAR_eks_cluster_name=attractive-sculpture
export KUBECONFIG=$PROJECT_HOME/kubeconfig-attractive-sculpture
terraform init && terraform apply

main.tf

variable "eks_cluster_name" {}
variable "region" {}
variable "instance_type" {
  default = "t3.medium"
}

data "aws_availability_zones" "available" {}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "2.21.0"

  name                 = "ekstf-vpc"
  cidr                 = "192.168.0.0/16"
  azs                  = data.aws_availability_zones.available.names
  private_subnets      = ["192.168.160.0/19", "192.168.128.0/19", "192.168.96.0/19"]
  public_subnets       = ["192.168.64.0/19", "192.168.32.0/19", "192.168.0.0/19"]
  enable_nat_gateway   = true
  single_nat_gateway   = true
  enable_dns_hostnames = true

  tags = {
    "kubernetes.io/cluster/${var.eks_cluster_name}" = "shared",
  }

  public_subnet_tags = {
    "kubernetes.io/cluster/${var.eks_cluster_name}" = "shared"
    "kubernetes.io/role/elb"                        = "1"
  }

  private_subnet_tags = {
    "kubernetes.io/cluster/${var.eks_cluster_name}" = "shared"
    "kubernetes.io/role/internal-elb"               = "1"
  }
}

module "eks" {
  source       = "github.com/terraform-aws-modules/terraform-aws-eks"
  cluster_name = var.eks_cluster_name
  subnets      = module.vpc.private_subnets
  vpc_id       = module.vpc.vpc_id

  node_groups = [
    {
      name          = "${var.eks_cluster_name}-workers"
      instance_type = var.instance_type

      node_group_desired_capacity = length(data.aws_availability_zones.available.names)
      node_group_max_capacity     = 4
      node_group_min_capacity     = 2
    }
  ]
}

provider.tf

provider "aws" {
  version = ">= 2.43.0"
  region  = var.region
}

provider "random" {
  version = "~> 2.2.1"
}

provider "local" {
  version = "~> 1.4.0"
}

provider "null" {
  version = "~> 2.1.2"
}

provider "template" {
  version = "~> 2.1.2"
}

What's the expected behavior?

A cluster would get created.

Are you able to fix this problem and submit a PR? Link here if you have already.

no

Environment details

  • Affected module version: github.com/terraform-aws-modules/terraform-aws-eks (commit: ab412fb060a4ce329a36008aa4f6ccdfba3a9868)
  • OS: Mac OS X 10.14.6
  • Terraform version: v0.12.18

Any other relevant info

All 5 comments

Hi. Check out the usage example in the README. You need to configure the kubernetes provider.

I saw that, but I didn't know it was explicitly required. When I used the 7.0.1 from Terraform repository, I didn't run into this problem. Only from master. Closing for now, unless anyone thinks this is an actual bug.

Still an issue with kubernetes provider set

This occurs when upgrading, and configuring the provider does not help. The host seems to be empty, causing errors when the provider tries to dial localhost....

data "aws_eks_cluster" "cluster" {
  name = module.eks.cluster_id
}

data "aws_eks_cluster_auth" "cluster" {
  name = module.eks.cluster_id
}

provider "kubernetes" {
  host                   = data.aws_eks_cluster.cluster.endpoint
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
  load_config_file       = false
  version                = "1.10"
}

This is a bug in the provider. They tried to fix it in 1.11.0 and totally broke everyone's workflow of dynamically configuring the provider from data sources: https://github.com/terraform-providers/terraform-provider-kubernetes/issues/759
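
As an added example (not part of the thread or the module's own code), here is a pre-flight check in Python that scans root-module Terraform text for the `provider "kubernetes"` settings shown in the comment above and reports what would let the provider fall back to localhost or to the kubeconfig named by `KUBECONFIG`. The function names and both sample configurations are constructed for illustration, and the scan is a simple text match, not an HCL parser.

```python
import re

# Constructed sample inputs (not from the issue): a root module with no
# kubernetes provider block, and one using the settings from the comment above.
UNCONFIGURED = '''
provider "aws" {
  region = var.region
}
module "eks" {
  source = "github.com/terraform-aws-modules/terraform-aws-eks"
}
'''
CONFIGURED = UNCONFIGURED + '''
provider "kubernetes" {
  host                   = data.aws_eks_cluster.cluster.endpoint
  cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
  token                  = data.aws_eks_cluster_auth.cluster.token
  load_config_file       = false
}
'''

def provider_blocks(hcl, name):
    """Return the body text of each `provider "<name>" { ... }` block."""
    bodies = []
    for m in re.finditer(r'provider\s+"%s"\s*\{' % re.escape(name), hcl):
        depth, i = 1, m.end()
        while i < len(hcl) and depth:  # naive brace matching
            depth += {"{": 1, "}": -1}.get(hcl[i], 0)
            i += 1
        bodies.append(hcl[m.end():i - 1])
    return bodies

def check_kubernetes_provider(hcl):
    """List settings that leave the provider without an explicit cluster target."""
    blocks = provider_blocks(hcl, "kubernetes")
    if not blocks:
        return ['no provider "kubernetes" block: host is empty, provider may dial localhost']
    findings = []
    for body in blocks:
        attrs = dict(re.findall(r'^\s*(\w+)\s*=\s*(.+?)\s*$', body, re.M))
        if not attrs.get("host"):
            findings.append("host is not set")
        if attrs.get("load_config_file") != "false":
            findings.append("load_config_file is not false: an ambient kubeconfig may be used")
        if "cluster_ca_certificate" not in attrs:
            findings.append("cluster_ca_certificate is not set")
    return findings
```

An empty list means the block names its cluster explicitly; the check cannot detect the provider-side bug described in the last comment.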
