Need help?

Our experts have had an average response time of 12.14 minutes in September 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

How to resolve: Cluster creation errors in Amazon EKS

by | Sep 5, 2021

Stuck with cluster creation errors in Amazon EKS? We can help you with this!

As a part of our AWS Support Services, we often receive similar requests from our AWS customers.

Today, let’s see the steps followed by our Support Techs to help our customers to fix cluster creation errors in Amazon EKS.

 

Cluster creation errors in Amazon EKS

 

Now let’s see the steps to resolve different types of cluster creation errors:

  1. We should follow the below steps in two sections if we receive an error message stating that resource creation failed.

 

Correct IAM permissions to create a cluster

 

We need to verify that we have the correct AWS IAM permissions while creating a cluster, including the correct policies for the Amazon EKS service IAM role.

To create the prerequisite resources like security groups and IAM roles, we can use eksctl.

For example, we could have receive an error  in eksctl as follows, if our cluster has issues with IAM permissions:

API: iam:CreateRole User: arn:aws:iam::your-account-id:user/your-user-name is not authorized to perform: iam:CreateRole on resource: arn:aws:iam::your-account-id:role/eksctl-newtest22-cluster-ServiceRole-10NXBYLSN4ULP

 

Monitoring Amazon VPC resources

 

If we don’t specify our own custom Amazon VPC and subnets in the configuration file, eksctl creates a new Amazon VPC by default when we create a cluster.

We could have receive an error as follows if the cluster has issues with your Amazon VPC limits:

The maximum number of VPCs has been reached. (Service: AmazonEC2; Status Code: 400; Error Code: VpcLimitExceeded; Request ID: a12b34cd-567e-890-123f-ghi4j56k7lmn)

For fixing this issue we need to monitor our resources, like the number of Amazon VPCs in our AWS Region .

Follow any of the below options if we have an issue with resource constraints on the number of Amazon VPC resources in our Region.

Option 1: To resolve the issue with resource constraints, we can use an existing Amazon VPC.

Run the following command to create a configuration file that specifies the VPC and the subnets.

$ eksctl create cluster sample-cluster -f cluster.yaml

Option 2:  To resolve the issue with resource constraints, we can request a service quota increase.

We can request a service quota increase on the resources that act as an obstruction in the AWS CloudFormation stack events.

2. Follow the steps below if we receive an error message as the targeted Availability Zone doesn’t have sufficient capacity.

 

Recreate the cluster in a different Availability Zone

 

We could have received an error as follows if we launch control plane instances in an Availability Zone with limited capacity:

Cannot create cluster 'sample-cluster' because us-east-1d, the targeted availability zone, does not currently have sufficient capacity to support the cluster. Retry and choose from these availability zones: us-east-1a, us-east-1b, us-east-1c

Here, we can create the cluster again using the recommended Availability Zones from the error message.

Pass values for the Subnets parameter that match the Availability Zones if we are provisioning the cluster using AWS CloudFormation.

or

We can use the –zones flag to pass in the values for the different Availability Zones if we are using eksctl. For example,

$ eksctl create cluster 'sample-cluster' --zones us-east-1a,us-east-1b,us-east-1c

3. We should follow the below steps if we receive an error message stating that the creation timed out waiting for worker nodes.

 

Check and confirm that worker nodes can reach the control plane API endpoint

 

When eksctl deploys our cluster, it waits for the worker nodes that are launched to join the cluster and reach Ready status.

we could receive the following error, if the worker nodes can’t reach the control plane:

timed out (after 25m0s) waiting for at least 4 nodes to join the cluster and become ready in "eksfbots-ng1"

To fix this error, get the worker nodes to join the cluster, and confirm that worker nodes are in Ready status.

[Need help with more AWS queries? We’d be happy to assist]

 

Conclusion

 

To conclude, today we discussed the steps followed by our Support Engineers to help our customers to resolve cluster creation errors in Amazon EKS.

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF