Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[aws-eks] Private Cluster not getting created after specifying subnets public SubnetIDs

See original GitHub issue

Reproduction Steps

Running the following section in CDK returns

Lambda Functions in a public subnet can NOT access the internet. If you are aware of this limitation and would still like to place the function int a public subnet, set `allowPublicSubnet` to true

Python script

        vpc = ec2.Vpc.from_lookup(self, "VPC",
            vpc_id = "vpc-12345678"
        )

        eks_cluster = eks.Cluster(self, "EKS_Cluster",
            endpoint_access=eks.EndpointAccess.PRIVATE,
            default_capacity=0,
            version=eks.KubernetesVersion.V1_17,
            cluster_name="micro-k8s-dev",
            vpc=vpc,
            vpc_subnets=[ec2.SubnetSelection(subnets=[
                ec2.Subnet.from_subnet_id(self, 'nonprod-vm-pub-a', 'subnet-2jh3j2h34jh234jhjh')],
                ec2.Subnet.from_subnet_id(self, 'nonprod-vm-pub-b', 'subnet-2jh3j2h34jh234jhjh'),
                ec2.Subnet.from_subnet_id(self, 'nonprod-k8s-pri-a', 'subnet-2jh3j2h34jh234jhjh'),
                ec2.Subnet.from_subnet_id(self, 'nonprod-k8s-pri-b', 'subnet-2jh3j2h34jh234jhjh')],
]]
            )

What did you expect to happen?

Cluster is created successfully

What actually happened?

Following error

Lambda Functions in a public subnet can NOT access the internet. If you are aware of this limitation and would still like to place the function int a public subnet, set `allowPublicSubnet` to true

Environment

CDK CLI Version : 1.73.0
OS : MacOS Catalina
Language (Version): Python (3.8.2)

This is 🐛 Bug Report

Issue Analytics

State:
Created 3 years ago
Comments:16 (7 by maintainers)

Top GitHub Comments

1reaction

shrivastavshubham34commented, Nov 24, 2020

Hey, you were right I was encountering the 2nd issue, the fix mentioned solved it!

0reactions

iliapolocommented, Nov 28, 2020

@shrivastavshubham34 of course 😃

Top Results From Across the Web

Amazon EKS VPC and subnet requirements and considerations

When you create a cluster, the VPC that you specify must meet the following requirements and considerations: The VPC must have a sufficient...

Creating an Amazon EKS cluster - 亚马逊云科技

Learn how to create an Amazon EKS cluster. ... If you'd rather specify public subnets, you can change --vpc-private-subnets to --vpc-public-subnets .

Create a simple EKS cluster - DEV Community ‍ ‍

The subnets can be a public or private in our case will create public ... Kubernetes clusters managed by Amazon EKS make calls...

VPC and Subnet Considerations - EKS Best Practices Guides

EKS places a X-ENI in each subnet specified during cluster create (also called ... When both the public and private endpoints are enabled,...

EKS Fully-Private Cluster - eksctl

eksctl supports creation of fully-private clusters that have no outbound ... be specified and it's an error to specify subnets under vpc.subnets.public ....