-
Notifications
You must be signed in to change notification settings - Fork 560
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EKS Addon install missing AWS_DEFAULT_REGION #1476
Comments
/assign |
Hi @philnichol , I was able to reproduce this issue in v2.0.7-eksbuild.1, but it no longer occurs in v2.0.8-eksbuild.1. Should we proceed with marking this issue as resolved, or is there anything else you'd like to add? |
Hey @rayl15 thanks for looking into this! If it's fixed then I'll mark it as resolved. |
I am able to reproduce this in v2.0.8 also with Al2023 Node group, I am working on fixing it and let you know once I have the fix out. |
Hi @philnichol, are you able to resolve this with v2.0.8? |
@mskanth972 I can see the issue is still present on 2.0.8, I'll reopen this |
I added |
That's great, thanks @mskanth972 for the quick fix and @rayl15 for taking a look! |
/kind bug
Thanks in advance for looking into this, and thanks for maintaining this great project :)
What happened?
When I install the EKS Addon (tested via terraform or AWS console), with
deleteAccessPointRootDir = true
, IRSA configured, and restrict access to IMDS, when I delete a pvc, I see these errors in my logs, and the PVC never gets deletedWhat you expected to happen?
I expect the EKS Addon to work out of the box.
How to reproduce it (as minimally and precisely as possible)?
This assumes you've restricted access to IMDS from your pods (by setting a hop limit). Docs here.
Install the efs-csi-driver EKS Addon on a cluster with
deleteAccessPointRootDir = true
, with an IRSA service accountTail the logs (in a separate terminal)
kubectl logs deployment/efs-csi-controller -f -n kube-system
Create a storageClass, PVC and pod (dynamic provisioning)
kubectl apply -f test.yaml
kubectl delete -f test.yaml
Anything else we need to know?:
The reason this happens is because when the driver is installed installed via EKS Addon, the
efs-plugin
container has theAWS_REGION
environment variable set.With how IRSA works, if there's already an
AWS_REGION
variable, it doesn't add theAWS_DEFAULT_REGION
variable that the container needs to see what region it's in without calling out to IMDS. At a glance it doesn't look like this would affect people installing via Helm or kustomize.This should be simple to fix, either:
AWS_DEFAULT_REGION
variable explicitly also.Could possibly relate to:
Environment
kubectl version
):v2.0.7-eksbuild.1
Please also attach debug logs to help us better diagnose
The text was updated successfully, but these errors were encountered: