Aws Pod Identity provider ,not working #6392
Comments
vieerD
added
the
kind/feature
|
Having the same issue with this exact error message. |
|
/area provider/aws |
Hello mate, did you get this to work? I'm not getting the same error though, just curious if you ever got this to work with Pod Identity Association. Thanks. |
|
#6325 which is in 1.29.0 version should help. Cause https://docs.aws.amazon.com/eks/latest/userguide/pod-id-minimum-sdk.html |
|
Yes I have tried that in the meantime also. |
|
Now waiting for helm charts to catch up. :) |
|
@kappa8219, I have opened a PR #6475 for updating the helm chart. |
Thanks and I thumbed it up :) |
|
closing this issue, as PR #6475 is merged. |
|
/close |
|
@Shubham82: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Which component are you using?:
I am using aws pod identity provider , i gave admin rights to role , and able to access aws services using same service account
Auto - scaling
Is your feature request designed to solve a problem? If so describe the problem this feature should solve.:
Describe the solution you'd like.:
I would like to auth using pod identity agent
Describe any alternative solutions you've considered.:
Additional context.:
This error it shows
Ignoring, HTTP credential provider invalid endpoint host, "169.254.170.23", only loopback hosts are allowed.
This is my file
Name: cluster-autoscaler-6958ff4fc5-dbr6j
Namespace: kube-system
Priority: 2000000000
Priority Class Name: system-cluster-critical
Service Account: cluster-autoscaler
Node: ip-10-0-18-146.us-east-2.compute.internal/10.0.18.146
Start Time: Wed, 20 Dec 2023 23:30:51 +0530
Labels: app=cluster-autoscaler
pod-template-hash=6958ff4fc5
Annotations: prometheus.io/port: 8085
prometheus.io/scrape: true
Status: Running
SeccompProfile: RuntimeDefault
IP: 10.0.19.200
IPs:
IP: 10.0.19.200
Controlled By: ReplicaSet/cluster-autoscaler-6958ff4fc5
Containers:
cluster-autoscaler:
Container ID: containerd://38da2df28cda2122cdfcc35f11804964e2238b8e95d4c8b55cf9ddecfff84bdf
Image: registry.k8s.io/autoscaling/cluster-autoscaler:v1.26.2
Image ID: registry.k8s.io/autoscaling/cluster-autoscaler@sha256:fe25585a9b4bbf85bb3ee0ea4f84187683b9106f2838f28d8717a6fdacb84501
Port:
Host Port:
Command:
./cluster-autoscaler
--v=4
--stderrthreshold=info
--cloud-provider=aws
--skip-nodes-with-local-storage=false
--expander=least-waste
--balance-similar-node-groups
--skip-nodes-with-system-pods=false
--node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/my-cluster2
State: Terminated
Reason: Error
Exit Code: 255
Started: Wed, 20 Dec 2023 23:31:32 +0530
Finished: Wed, 20 Dec 2023 23:31:34 +0530
Last State: Terminated
Reason: Error
Exit Code: 255
Started: Wed, 20 Dec 2023 23:31:17 +0530
Finished: Wed, 20 Dec 2023 23:31:18 +0530
Ready: False
Restart Count: 2
Limits:
cpu: 100m
memory: 600Mi
Requests:
cpu: 100m
memory: 600Mi
Environment:
AWS_STS_REGIONAL_ENDPOINTS: regional
AWS_DEFAULT_REGION: us-east-2
AWS_REGION: us-east-2
AWS_CONTAINER_CREDENTIALS_FULL_URI: http://169.254.170.23/v1/credentials
AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE: /var/run/secrets/pods.eks.amazonaws.com/serviceaccount/eks-pod-identity-token
Mounts:
/etc/ssl/certs/ca-certificates.crt from ssl-certs (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-qbnbj (ro)
/var/run/secrets/pods.eks.amazonaws.com/serviceaccount from eks-pod-identity-token (ro)
The text was updated successfully, but these errors were encountered: