You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I tried the following, which failed and had 2 major bugs
newblueprints.addons.EksPodIdentityAgentAddOn()//^-- my karpenter config depends on this, I also deplied thisnewblueprints.addons.KarpenterAddOn({version: "1.0.2",//https://github.com/aws/karpenter-provider-aws/releasesinstallCRDs: false,//temporarily needed for v1.0.2ec2NodeClassSpec: {amiFamily: "Bottlerocket",subnetSelectorTerms: [{tags: {"Name": `${config.id}/${config.id}-vpc/PrivateSubnet*`}}],securityGroupSelectorTerms: [{tags: {"aws:eks:cluster-name": `${config.id}`}}],detailedMonitoring: false,tags: config.tags,},nodePoolSpec: {requirements: [{key: 'topology.kubernetes.io/zone',operator: 'In',values: [`${config.vpc.availabilityZones[0]}`,`${config.vpc.availabilityZones[1]}`,`${config.vpc.availabilityZones[2]}`]},{key: 'kubernetes.io/arch',operator: 'In',values: ['amd64','arm64']},{key: 'karpenter.sh/capacity-type',operator: 'In',values: ['spot']},//spot for lower-envs],disruption: {//WhenUnderutilized is more agressive cost savings / slightly worse stabilityconsolidationPolicy: "WhenUnderutilized",//consolidateAfter: "30s", //<--not compatible with WhenUnderutilizedexpireAfter: "20m",budgets: [{nodes: "10%"}]}},interruptionHandling: true,podIdentity: true,values: {//https://github.com/aws/karpenter-provider-aws/tree/main/charts/karpenter#valuesreplicas: 1,}})
Expected Behavior
karpenter to work
(and AWS to offer better support for products they founded karpenter and eksblueprints for cdk are both founded by AWS rather than random members of the open source community. Karpenter's been 1.0.0 for a while now, it's surprising that this is still an issue.)
Current Behavior
What I originally tried (shown above) resulted in the following error
Error from server: error when creating "/tmp/manifest.yaml"conversion webhook for karpenter.sh/v1beta1, Kind=NodePool failed: Post: "https://karpenter.kube-system.svc:8443/conversaion/karpenter.sh?=timeout=30s" servicekarpenter not found.
To get cdk to at least allow me to successfully deploy my eks blueprints based stack, so I could debug it further, I simplified it to the following. After which I was able to at least deploy it, and investigate how it was broken:
newblueprints.addons.KarpenterAddOn({version: "1.0.2",//https://github.com/aws/karpenter-provider-aws/releasesinstallCRDs: false,//temporarily needed for v1.0.2interruptionHandling: true,podIdentity: true,values: {//https://github.com/aws/karpenter-provider-aws/tree/main/charts/karpenter#valuesreplicas: 1,}})
There's 2 problems / bugs with the above:
1st bug: It's creating a misconfigured CRD
Notice the error message mentions karpenter.kube-system.svc
That tells me it's looking for karpenter installed in kube-system namespace, while this add-on installs karpenter in the karpenter namespace.
I ran kubectl get crd ec2nodeclasses.karpenter.k8s.aws -o yaml
and saw the following relevant snippet of yaml, which tells me the generated CRD is generated incorrectly.
I wanted to attempt to work around the problem by telling the addon not to generate the broken crd, so I could implement a workaround fix, but this setting wasn't respected.
Reproduction Steps
install an eks blueprints based cluster
install any dependency addons (like pod identity agent) new blueprints.addons.EksPodIdentityAgentAddOn()
install karpenter addon with a config like this
newblueprints.addons.KarpenterAddOn({version: "1.0.2",//https://github.com/aws/karpenter-provider-aws/releasesinstallCRDs: false,//temporarily needed for v1.0.2interruptionHandling: true,podIdentity: true,values: {//https://github.com/aws/karpenter-provider-aws/tree/main/charts/karpenter#valuesreplicas: 1,}})
Possible Solution
This is a complicated issue, and may need to be fixed upstream. I'd recommend fixing it in phases / stages.
It'd be great if a fix for installCRDs: false could be prioritized, and I think that part is an eks blueprints specific bug/in scope of an issue that makes since to fix in this repo. (unless it is the upstream helm chart that's installing the crd?)
If that part were prioritized then manual workarounds would be easier to implement.
Observation: karpenter addon with version 1.1.0 (which refers to helm chart https://github.com/aws/karpenter-provider-aws/releases) installs against kube 1.31, only if no values are specified for ec2nodeclassspec & nodepooolspec.
(if you specify values for ec2nodeclassspec & nodepooolspec then karpenter addon with version 1.1.0 of helm chart will fail, I'm guessing because the objects get generated with the older api version)
Describe the bug
After seeing a helm chart release v1.0.2 on karpenter's upstream helmchart
https://github.com/aws/karpenter-provider-aws/releases
I tried the following, which failed and had 2 major bugs
Expected Behavior
Current Behavior
What I originally tried (shown above) resulted in the following error
To get cdk to at least allow me to successfully deploy my eks blueprints based stack, so I could debug it further, I simplified it to the following. After which I was able to at least deploy it, and investigate how it was broken:
There's 2 problems / bugs with the above:
karpenter.kube-system.svc
That tells me it's looking for karpenter installed in kube-system namespace, while this add-on installs karpenter in the karpenter namespace.
kubectl get crd ec2nodeclasses.karpenter.k8s.aws -o yaml
and saw the following relevant snippet of yaml, which tells me the generated CRD is generated incorrectly.
installCRDs: false
, was ignoredReproduction Steps
new blueprints.addons.EksPodIdentityAgentAddOn()
Possible Solution
This is a complicated issue, and may need to be fixed upstream. I'd recommend fixing it in phases / stages.
It'd be great if a fix for
installCRDs: false
could be prioritized, and I think that part is an eks blueprints specific bug/in scope of an issue that makes since to fix in this repo. (unless it is the upstream helm chart that's installing the crd?)If that part were prioritized then manual workarounds would be easier to implement.
Additional Information/Context
Here's the upstream repos if it helps:
https://github.com/aws/karpenter-provider-aws/blob/v1.0.2/charts/karpenter/Chart.yaml
Karpenter conversion webhooks do not work on chart version 1.0.2 aws/karpenter-provider-aws#6982
CDK CLI Version
2.133.0 (build dcc1e75)
EKS Blueprints Version
1.15.1
Node.js Version
v20.17.0
Environment details (OS name and version, etc.)
Mac OS Sonoma 14.6.1
Other information
No response
The text was updated successfully, but these errors were encountered: