aws_cdk.ec2.VPC: Confusing error for valid CIDR range, but using /28 #27479

Closed
nikolic-milan opened this issue Oct 10, 2023 · 7 comments · Fixed by #27550
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud bug This issue is a bug.

Comments

@nikolic-milan

Describe the bug

I am trying to configure a VPC for my Kubernetes cluster. As I want to use the Amazon VPC CNI plugin per the user guide (https://docs.aws.amazon.com/eks/latest/userguide/cni-increase-ip-addresses.html), I need a /28 CIDR. So I tried creating the VPC with the following code:

vpc = ec2.Vpc(
    self,
    "some-id",
    ip_addresses=ec2.IpAddresses.cidr("10.100.0.0/28"),
    vpc_name="some-name",
)

But I get an error:
RuntimeError: x.x.x.x/31 is not a valid VPC CIDR range (must be between /16 and /28)

What's happening? Should I configure my VPC with /25 and expect it to add 3 to it? If yes, it seems weird, why?

Expected Behavior

To create a /28 VPC.

Current Behavior

Gives an error: RuntimeError: x.x.x.x/31 is not a valid VPC CIDR range (must be between /16 and /28)

Reproduction Steps

aws-cdk-lib==2.98.0
aws-cdk.asset-awscli-v1==2.2.200
aws-cdk.asset-kubectl-v20==2.1.2
aws-cdk.asset-node-proxy-agent-v6==2.0.1
aws-cdk.lambda-layer-kubectl-v27==2.0.0

Above versions. And try to create a /28 VPC.

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.98.0

Framework Version

No response

Node.js Version

18.15.0

OS

Windows

Language

Python

Language Version

3.11.5

Other information

No response

@nikolic-milan nikolic-milan added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 10, 2023
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Oct 10, 2023
@msambol
Contributor

msambol commented Oct 10, 2023

I was able to confirm this. VPC size can be between /16 and /28 but the minimum size for a subnet is /28, so when multiple subnets are provisioned it fails. This could be a code or documentation change IMO. @mrgrain thoughts? Happy to take this issue with some input from you.

@indrora
Contributor

indrora commented Oct 12, 2023

This is a constraint enforced by EC2 VPCs themselves, not the CDK: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html

The minimum size for a subnet is the smallest subnet possible within an EC2 VPC, /28.

@indrora indrora closed this as not planned Won't fix, can't repro, duplicate, stale Oct 12, 2023
@indrora indrora removed the needs-triage This issue or PR still needs to be triaged. label Oct 12, 2023
@github-actions

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@msambol
Contributor

msambol commented Oct 12, 2023

@indrora right, but I think the error message is confusing. It says VPC CIDR range (must be between /16 and /28), but if you put in a /28 VPC CIDR, it can result in a smaller than /28 subnet.

@indrora
Contributor

indrora commented Oct 14, 2023

If you would like to file a ticket against the service itself (which is the source of this message), please take it up with the SDK tracker: https://github.com/aws/aws-sdk/issues

@msambol
Contributor

msambol commented Oct 15, 2023

@indrora I think it's coming from this line? IMO the error is confusing because the supplied VPC CIDR was /28 but the code is dividing the CIDR into smaller ranges for subnets which also have to be minimum /28. I'd like to update the error message to also say that subnets must be a minimum size of /28.
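The arithmetic behind the /31 in the error, as an added illustration that is not code from aws-cdk or from anyone in this thread: a Python sketch that splits a VPC CIDR into equal power-of-two subnets and reports the subnet limit as the cause when the split goes past /28. The function names are hypothetical, and the six-subnet default (three availability zones, one public and one private subnet each) is an assumption chosen because it reproduces the /28 to /31 jump reported above.

```python
import ipaddress

MIN_PREFIX, MAX_PREFIX = 16, 28  # EC2 size limits; apply to VPCs and to subnets


def subnet_prefix(vpc_cidr: str, subnet_count: int) -> int:
    """Prefix length of each subnet when the VPC is split into equal blocks."""
    vpc = ipaddress.ip_network(vpc_cidr)
    # Fitting n equal power-of-two blocks costs ceil(log2(n)) extra prefix bits.
    return vpc.prefixlen + (subnet_count - 1).bit_length()


def largest_vpc_prefix(subnet_count: int) -> int:
    """Smallest VPC (longest prefix) whose equal split still yields /28 subnets."""
    return MAX_PREFIX - (subnet_count - 1).bit_length()


def plan_subnets(vpc_cidr: str, azs: int = 3, subnets_per_az: int = 2):
    """Return the subnet CIDRs, or raise with a message naming the real cause.

    The defaults (3 AZs, one public and one private subnet per AZ) are an
    assumption made for this example.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    if not MIN_PREFIX <= vpc.prefixlen <= MAX_PREFIX:
        raise ValueError(f"{vpc_cidr}: VPC CIDR must be between /16 and /28")
    count = azs * subnets_per_az
    prefix = subnet_prefix(vpc_cidr, count)
    if prefix > MAX_PREFIX:
        raise ValueError(
            f"{vpc_cidr} split into {count} subnets gives /{prefix} subnets, "
            f"but a subnet must be /28 or larger; use a VPC of "
            f"/{largest_vpc_prefix(count)} or larger, or fewer subnets"
        )
    return [str(s) for s in vpc.subnets(new_prefix=prefix)][:count]


if __name__ == "__main__":
    for cidr in ("10.100.0.0/28", "10.100.0.0/25"):  # constructed sample inputs
        try:
            print(cidr, "->", plan_subnets(cidr))
        except ValueError as err:
            print("rejected:", err)
```

Under these assumptions a /28 VPC can hold only a single /28 subnet, and six subnets need at least a /25 VPC.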

@mergify mergify bot closed this as completed in #27550 Oct 16, 2023
mergify bot pushed a commit that referenced this issue Oct 16, 2023
Subnet size must be minimum /28. This clarifies the error message.

Closes #27479.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*