[aws-eks] Cluster is not able to use an existing VPC
See original GitHub issueWhen trying to create an EKS Cluster and use an existing VPC, I get the error: There are no ‘Public’ subnet groups in this VPC. Available types.
The referenced VPC has been created using the following snippet:
new ec2.Vpc(this, 'VPC1-Default', {
cidr: '10.0.0.0/20',
maxAzs: 3
});
This creates a VPC with 2 public and 2 private subnets.
Now I tried the EKS example, where a vpc and an eks are created within the same stack. This works. Now I tried creating a second EKS cluster in a separate stack, referencing that same vpc that the other eks cluster is using and I’m getting the same error.
Reproduction Steps
const vpc = new ec2.Vpc(this, 'EKSVpc');
eksCluster = new eks.Cluster(this, 'Cluster1', {
clusterName: `cluster1`,
version: 1.14,
vpc: vpc
}
This works fine. Then I create a second eks in a separate stack:
const vpc = ec2.Vpc.fromVpcAttributes(this, 'EKSVPC', {
vpcId: 'vpc-xxxxxxxxxx', // this is the vpc-id from the first stack
availabilityZones: ['eu-central-1b', 'eu-central-1c']
})
eksCluster = new eks.Cluster(this, 'Cluster2', {
clusterName: `cluster2`,
version: 1.14,
vpc: vpc
}
This does not work!!!
What worked at the end was explicitly providing the subnet ids and route table Ids, like this:
const vpc = ec2.Vpc.fromVpcAttributes(this, 'EKSVPC', {
vpcId: 'vpc-xxxxxxxxxx', // this is the vpc-id from the first stack
availabilityZones: ['eu-central-1b', 'eu-central-1c']
})
eksCluster = new eks.Cluster(this, 'Cluster2', {
clusterName: `cluster2`,
version: 1.14,
vpc: vpc,
vpcSubnets: [
{
subnets: [
ec2.Subnet.fromSubnetAttributes(this, 'PublicSubnet1a', {
availabilityZone: "eu-central-1a",
subnetId: cdk.Fn.importValue("VPC1PublicSubnet1a"),
routeTableId: cdk.Fn.importValue("VPC1PublicSubnet1aRouteTable")
}),
.....
]
}]
}
Error Log
There are no ‘Public’ subnet groups in this VPC. Available types:
Environment
- ** CLI Version: 1.17.7
- ** Language: Typescript
- ** aws-cdk: 1.22.0 (build 309ac1b)
Other
This seems like a bug to me, since providing a vpc id can (should) be the only thing I need to reference a VPC. In this case the user is saying just create it here and I don’t care where
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 4 years ago
- Reactions:2
- Comments:9 (9 by maintainers)
Top GitHub Comments
OK. Now I understand what the confusion is 😃.
The CDK has 2 ways of referencing existing resources. The first one are methods like
fromXyzName
,fromXyzArn
,fromXyzAttributes
. Those simply assume the thing you’ve passed us exist, and don’t do any checks, nor any service calls.Vpc.fromVpcAttributes()
that you used belongs to this family. That’s why you have to give us the subnet IDs. Another way of thinking about it is the information is strictly at compile time.The other methods are those that are called
fromLookup
. How that works, is that the first time you use it, it will require AWS credentials to be present, and it will perform actual service calls to discover your resources. It will then cache that information in thecdk.context.json
file, which you are expected to commit to version control. If the information is cached, no further network calls are required.However, since you’re creating and using the VPC in the same app, that is not the best way to do that. You should simply pass the VPC object to the other stack.
Sure:
And you use them like so in your CDK entry point:
Hope this helps!
Thanks, Adam
ok. Thanks for the explanation. I’ll try to create some documentation PRs the next couple of days.