Hello
I am having difficulties in bringing an EKS cluster back into compliance
Cluster:
I have an eks cluster with :
ii. Network 4/5/6 are in an RB routing table with a 0.0.0.0/0 that refers to a NAT Gateway (+ other routes to my company network)
-
4 cluster nodegroupe with networks 4/5/6 used for worker nodes
-
My EKS cluster has a Public and Private API ( => From a node, when I do a DNS resolution I do see a private IP)
Target:
EKS cluster with :
- 6 EKS Plane Control Networks (network 1-6)
i. Network 1/2/3 in a RA routing table with a 0.0.0.0/0 that refers to an Internet Gateway
ii. Network 4/5/6 also in the RA routing table
i. Nodegroupe 1 : Use networks 10 and should be in the RC routing table with 0.0.0.0/0 which refers to a new NAT Gateway (+ other routes to my company network)
ii. Nodegroupe 2 : Use networks 11 and should be in the RC routing table with 0.0.0.0/0 which refers to a new NAT Gateway (+ other routes to my company network)
iii. Nodegroupe 3 : Use networks 12 and should be in the RC routing table with 0.0.0.0/0 which refers to a new NAT Gateway (+ other routes to my company network)
iiii. Nodegroupe 4 : Use networks 13 and should be in the RC routing table with 0.0.0.0/0 which refers to a new NAT Gateway (+ other routes to my company network)
Problem
When creating a new nodegroup to replace an existing one, I indicate network 10/11/12 or 13
The RC routing table is OK with the NAT Gateway
Problem: the node can't join the cluster (error message: Instances failed to join the kubernetes cluster)
I can see the EC2 instance being created in the right network 10/11/12 or 13
I don't understand the problem, why the nodes in this network 10/11/12 or 13 can't join the API cluster through the ENI in network 1-6?
When I create a new nodegroup and I indicate a network 1-6 (network on route table RA or RB) it works without problem
Sincerely
AWS OFFICIALAktualisiert vor 3 Monaten