#refarch (2023-04)
Cloud Posse Reference Architecture
2023-04-04
#elasticache-redis
│ Error: engine_version: Redis versions must match <major>.<minor> when using version 6 or higher, or <major>.<minor>.<patch>
vars:
name: csm
family: redis7.cluster.on
cloudwatch_metric_alarms_enabled: false
redis_clusters:
redis-csm:
engine_version: 7.0
instance_type: cache.t3.small
the heck are the right combos for engine_version and family? I can’t get any combo to work from redis7/7.0 or 7.x or 7.0.7 to work including the family default.redis7, redis7.cluster.on.
the CLI:
{
"Engine": "redis",
"EngineVersion": "7.0",
"CacheParameterGroupFamily": "redis7",
"CacheEngineDescription": "Redis",
"CacheEngineVersionDescription": "redis version 7.0.7"
}
“7.0” vs 7.0. #yamlfailure
leaving this all here for anyone else that hits the same problem.
fix: use quotes on values that can be misinterpreted as numbers.
Glad you figured that out! Definitely one of those gotchas with YAML
Yup and I’m always removing quotes from strings. This one backfired.
2023-04-05
is there an approach to subscribing to an sns-topic from an sns-queue config? I know we can remote state it, but the subscribers part of sns-topic doesn’t natively support that so curious of patterns
2023-04-07
has anyone run into this error when trying to deploy an eks cluster with eks/cluster
│ Error: Post "https:/xxxx.us-gov-west-1.eks.amazonaws.com/api/v1/namespaces/kube-system/configmaps": getting credentials: decoding stdout: no kind "ExecCredential" is registered for version "client.authentication.k8s.io/v1alpha1" in scheme "pkg/runtime/scheme.go:100"
turns out i hadn’t update my aws cli in awhile
Not using geodesic?
no, not on this one
2023-04-17
has anyone else tried deploying eks with kubernetes 1.26? running into this issue with nodes not joining
@Jeremy G (Cloud Posse) could this be related to the other issue you were helping with? …relating to CNI addon
No, this is something else
@Michael Dizon Did you follow all the upgrade instructions/prerequisites at https://docs.aws.amazon.com/eks/latest/userguide/kubernetes-versions.html#kubernetes-1.26 ?
deployed from scratch in a new environment. should note that this is in govcloud. not sure if that makes a difference
it deploys fine with 1.25.
here’s a bit of the log output
message”: “csinodes.storage.k8s.io "ip-10-xxx.xxx.com" is forbidden: User "systemip-10-xxx.us-gov-west-1.compute.internal" cannot get resource "csinodes" in API group "storage.k8s.io" at the cluster scope: can only access CSINode with the same name as the requesting node”, “reason”: “Forbidden”, “details”: { “name”: “ip-xxx.xxx.com”, “group”: “storage.k8s.io”, “kind”: “csinodes” }, “code”: 403 },
• Deprecated beta APIs scheduled for removal in v1.26 are no longer served. See https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-26 for more information. (#111973, @liggitt)
• The in-tree cloud provider for OpenStack (and the cinder volume provider) has been removed. Please use the external cloud provider and csi driver from cloud-provider-openstack instead. (#67782, @dims)
wondering if this PR will fix it. https://github.com/awslabs/amazon-eks-ami/pull/1264
2023-04-18
2023-04-19
I’m looking at using the account component from https://github.com/cloudposse/terraform-aws-components/blob/master/modules/account/README.md. Can anyone confirm if this supports organizational units more than one level deep in AWS Organizations?