- Newest
- Most votes
- Most comments
Checking with my colleague, he had edited the vpc-cni addon out-of-band (to let pods operate with security groups). The original CDK code instantiated the CfnAddon constructs without a ResolveConflcts mode, so it defaulted to NONE. And NONE will make the addon "resist" changes coming from CDK/CloudFormation thus the resource update error.
To break out of this failed state, the vpc-cni addon has to be manually edited in the EKS console Add-ons page, setting its Conflict resolution method to Overwrite in order to let the stack perform the rollback properly (UPDATE_ROLLBACK_COMPLETE).
The next stack update then has to include a change to the CfnAddon constructs with ResolveConflicts = PRESERVE.
var coreDns = new CfnAddon(this, "coreDns", new CfnAddonProps
{
AddonName = "coredns",
ClusterName = this.Cluster.ClusterName,
ResolveConflicts = "PRESERVE"
});
var vpcCni = new CfnAddon(this, "vpcCni", new CfnAddonProps
{
AddonName = "vpc-cni",
ClusterName = this.Cluster.ClusterName,
ResolveConflicts = "PRESERVE"
});
var kubeProxy = new CfnAddon(this, "kubeProxy", new CfnAddonProps
{
AddonName = "kube-proxy",
ClusterName = this.Cluster.ClusterName,
ResolveConflicts = "PRESERVE"
});
This way future updates to the stack won't hit the same roadblock.
Relevant content
- asked 8 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 4 months ago