You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What version of Kubernetes are you using?
AWS EKS 1.12 on us-east-2
What did you do?
Create a new tidb cluster on EKS following the README with create_vpc tf variable set to true
Verified that creation is successful by logging into tidb and executing queries
Create a second tidb cluster with a copy of the terraform in a separate directory (so that tfstate files don't interfere with each other), this time with create_vpc = false, i.e., my tfvar files looks like
The text was updated successfully, but these errors were encountered:
george24601
changed the title
AWS EKS: unable to create tidb cluster with create_vpc=false
AWS EKS: unable to create tidb cluster with create_vpc=false and exsiting VPC
May 24, 2019
george24601
changed the title
AWS EKS: unable to create tidb cluster with create_vpc=false and exsiting VPC
AWS EKS: unable to connect to the cluster with create_vpc=false and existing VPC
May 24, 2019
Reusing existing VPC and subnets that created by Terraform for another EKS cluster is not supported now due to various limitations. However, it is possible to make the second cluster deployed by manually adding tag kubernetes.io/cluster/<second_cluster_name>=shared to the subnets of the first cluster (if that tag doesn't already exist).
Note that this is not recommend and may cause dependency issues when trying to modify or destroy these resources.
We have submitted PR to correctly put resources into public and private subnets, and to make the docs more clear on this kind of situation.
Bug Report
What version of Kubernetes are you using?
AWS EKS 1.12 on us-east-2
What did you do?
What did you expect to see?
the second tidb cluster will be created inside the same VPC, but on a second EKS cluster
What did you see instead?
Unable to connect to the bastion host, because it went to the private subnet
From the tf code, seems that when create_vpc=false, we should use separate subnet id variables for bastion and EKS, so that bastion goes to the public subnet, EKS private?
https://github.com/pingcap/tidb-operator/blob/master/deploy/aws/main.tf#L72
https://github.com/pingcap/tidb-operator/blob/master/deploy/aws/main.tf#L89
The text was updated successfully, but these errors were encountered: