Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(kubetest2/eksapi): Fix 'unmanaged-nodegroup-efa.yaml' by removing references to SSHKeyPair #532

Merged
merged 2 commits into from
Dec 24, 2024
Merged

fix(kubetest2/eksapi): Fix 'unmanaged-nodegroup-efa.yaml' by removing references to SSHKeyPair #532

merged 2 commits into from
Dec 24, 2024

Conversation

mattcjo
Copy link
Contributor

@mattcjo mattcjo commented Dec 24, 2024

Issue #, if available:

Description of changes:
Remove references of SSHKeyPair in kubetest2/internal/deployers/eksapi/templates/unmanaged-nodegroup-efa.yaml which was causing the following error

Error: operation error CloudFormation: CreateStack, https response error StatusCode: 400, RequestID: 348672d1-12ce-4201-8f32-495f2198ae6b, api error ValidationError: Parameters: [SSHKeyPair] must have values

Testing
Successfully ran kubetest2 to create new cluster with two trn1.32xlarge nodes utilizing template kubetest2/internal/deployers/eksapi/templates/unmanaged-nodegroup-efa.yaml

docker run --rm -it \
  -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
  -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
  -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
  -e AWS_DEFAULT_REGION=${AWS_DEFAULT_REGION} \
  -e AWS_PAGER="" \
  -v ${HOME}/.kube:/root/.kube \
  -v ${PWD}:/workspace \
  -w /workspace \
  aws-k8s-tester/kubetest2:fix-sshkeypair-1.31 \
  kubetest2 eksapi \
    --kubernetes-version ${KUBERNETES_VERSION} \
    --region ${REGION} \
    --instance-types ${INSTANCE_TYPE} \
    --unmanaged-nodes \
    --efa \
    --capacity-reservation \
    --node-creation-timeout ${NODE_CREATION_TIMEOUT} \
    --node-ready-timeout ${NODE_READY_TIMEOUT} \
    --emit-metrics \
    --ami ${AMI_ID} \
    --nodes=${NODE_COUNT} \
    --up \
    --user-data-format=${USER_DATA_FORMAT}
I1224 21:55:10.560614      15 app.go:61] The files in RunDir shall not be part of Artifacts
I1224 21:55:10.560741      15 app.go:62] pass rundir-in-artifacts flag True for RunDir to be part of Artifacts
I1224 21:55:10.560764      15 app.go:64] RunDir for this run: "/workspace/_rundir/${RUN_ID}"
I1224 21:55:10.563504      15 app.go:136] ID for this run: "${RUN_ID}"
I1224 21:55:10.563774      15 deployer.go:251] Using default IP family: ipv4
I1224 21:55:10.563793      15 deployer.go:275] Using default node name strategy: EC2PrivateDNSName
I1224 21:55:11.066714      15 infra.go:110] creating infrastructure stack with AZs: [${AZS}]
I1224 21:55:11.066757      15 infra.go:144] creating infrastructure stack...
I1224 21:55:11.609940      15 infra.go:149] waiting for infrastructure stack to be created: arn:aws:cloudformation:${REGION}:${ACCOUNT_ID}:stack/${STACK_NAME}/${STACK_ID}
I1224 21:58:11.334955      15 infra.go:159] getting infrastructure stack resources: arn:aws:cloudformation:${REGION}:${ACCOUNT_ID}:stack/${STACK_NAME}/${STACK_ID}
I1224 21:58:11.428756      15 infra.go:164] created infrastructure: &{vpc:${VPC_ID} subnetsPublic:[${SUBNET_PUBLIC_IDS}] subnetsPrivate:[${SUBNET_PRIVATE_IDS}] clusterRoleARN:arn:aws:iam::${ACCOUNT_ID}:role/${CLUSTER_ROLE_NAME} nodeRoleARN:arn:aws:iam::${ACCOUNT_ID}:role/${NODE_ROLE_NAME} nodeRoleName:${NODE_ROLE_NAME}}
I1224 21:58:11.428848      15 cluster.go:45] creating cluster...
I1224 21:58:13.469796      15 cluster.go:104] waiting for cluster to be active: ${CLUSTER_NAME}
    --user-data-format=${USER_DATA_FORMAT}
I1224 22:09:54.192255      15 cluster.go:109] cluster details: &{AccessConfig:<masked> Arn:<masked> CertificateAuthority:<masked> Endpoint:${CLUSTER_ENDPOINT} RoleArn:${CLUSTER_ROLE_ARN} Status:ACTIVE ...}
I1224 22:09:54.192390      15 cluster.go:113] cluster is active: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
I1224 22:09:54.192463      15 kubeconfig.go:53] writing kubeconfig to /workspace/_rundir/${RUN_ID}/kubeconfig for cluster: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
I1224 22:09:54.192956      15 kubeconfig.go:77] wrote kubeconfig: /workspace/_rundir/${RUN_ID}/kubeconfig
---
apiVersion: v1
kind: Config
clusters:
- cluster:
    certificate-authority-data: ${CERTIFICATE_AUTHORITY_DATA}
    server: ${CLUSTER_ENDPOINT}
  name: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
contexts:
- context:
    cluster: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
    user: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
  name: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
current-context: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
preferences: {}
users:
- name: arn:aws:eks:${REGION}:${ACCOUNT_ID}:cluster/${CLUSTER_NAME}
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      command: aws
      args:
      - eks
      - get-token
      - --cluster-name
      - ${CLUSTER_NAME}
I1224 22:09:54.194406      15 k8s.go:134] generated AuthMapRole
- username: system:node:{{EC2PrivateDNSName}}
  groups:
    - system:bootstrappers
    - system:nodes
  rolearn: arn:aws:iam::${ACCOUNT_ID}:role/${NODE_ROLE_NAME}
I1224 22:09:55.484874      15 node.go:149] using instance types: [${INSTANCE_TYPE}]
I1224 22:09:55.484913      15 node.go:417] creating unmanaged nodegroup with EFA stack...
I1224 22:09:55.650136      15 node.go:653] Using capacity reservation: ${CAPACITY_RESERVATION_ID}
I1224 22:09:55.816404      15 node.go:673] Using subnet: ${SUBNET_PRIVATE_ID}
I1224 22:09:56.563722      15 node.go:499] waiting for unmanaged nodegroup with EFA to be created: arn:aws:cloudformation:${REGION}:${ACCOUNT_ID}:stack/${STACK_NAME_UNMANAGED}/${STACK_ID_UNMANAGED}
I1224 22:13:05.388553      15 node.go:509] created unmanaged nodegroup with EFA stack: arn:aws:cloudformation:${REGION}:${ACCOUNT_ID}:stack/${STACK_NAME_UNMANAGED}/${STACK_ID_UNMANAGED}
I1224 22:13:05.388578      15 node.go:589] verifying AMI is ${AMI_ID} for ASG: ${ASG_NAME}
I1224 22:13:05.762699      15 node.go:603] verifying AMI for instances: [${INSTANCE_IDS}]
I1224 22:13:06.197777      15 node.go:621] ASG instances are using expected AMI: ${AMI_ID}
I1224 22:13:06.197801      15 k8s.go:53] waiting up to ${NODE_READY_TIMEOUT} for ${NODE_COUNT} node(s) to be ready...
I1224 22:13:06.598284      15 k8s.go:94] ${NODE_COUNT} node(s) are ready: map[${NODE_NAMES}]
I1224 22:13:07.105471      15 logs.go:38] --log-bucket is empty, no logs will be gathered!
I1224 22:13:07.373600      15 cloudwatch.go:79] emitted ${METRIC_COUNT} metrics to namespace: ${METRIC_NAMESPACE}

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@mattcjo mattcjo merged commit 72ebc98 into aws:main Dec 24, 2024
5 checks passed
@mattcjo mattcjo deleted the fix/ssh-key-pair branch December 24, 2024 22:28
mattcjo added a commit to mattcjo/aws-k8s-tester that referenced this pull request Dec 24, 2024
@mattcjo
fix(kubetest2/eksapi): Fix 'unmanaged-nodegroup-efa.yaml' by removing…
6c80e43 
… references to SSHKeyPair (aws#532)

* Fix 'unmanaged-nodegroup-efa.yaml' by removing references to SSHKeyPair

* Delete /_artifacts and /_rundir directories and add to '.gitignore'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Issacwww Issacwww Issacwww approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mattcjo @Issacwww