Canonical Juju

Unable to bootstrap EKS cluster to Juju 3.1

Bug #2007848 reported by Bartlomiej Gmerek
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Medium
Unassigned

Bug Description

Hi,

I've installed Juju 3.1, created an EKS cluster (using eksctl), but when I try to bootstrap k8s I'm getting below error:

ubuntu@ip-172-31-21-174:~$ juju add-k8s orc8r-eks
ERROR making juju admin credentials in cluster: ensuring cluster role "juju-credential-fa43c6ef" in namespace "kube-system": Get "https://4F0593858604288576B1D52B9F281FC8.gr7.eu-central-1.eks.amazonaws.com/apis/rbac.authorization.k8s.io/v1/clusterroles/juju-credential-fa43c6ef": getting credentials: exec: executable aws not found

It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

awscli is installed though (using official instructions, not the snap):

ubuntu@ip-172-31-21-174:~$ which aws
/usr/local/bin/aws

Any idea what might be the issue here?

Thanks in advance.

BR,
Bartek

Vitaly Antonenko (anvial)
tags: added: bootstrap eks k8s
Revision history for this message
Bartlomiej Gmerek (gmerold) wrote :

I also have similar problem when using GKE:

ubuntu@ip-172-31-21-174:~$ juju add-k8s gke-orc8r
ERROR making juju admin credentials in cluster: ensuring cluster role "juju-credential-d562600d" in namespace "kube-system": Get "https://34.116.186.150/apis/rbac.authorization.k8s.io/v1/clusterroles/juju-credential-d562600d": getting credentials: exec: executable gke-gcloud-auth-plugin not found

It looks like you are trying to use a client-go credential plugin that is not installed.

To learn more about this feature, consult the documentation available at:
      https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins

Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke

And yet:

ubuntu@ip-172-31-21-174:~$ which gke-gcloud-auth-plugin
/home/ubuntu/google-cloud-sdk/bin/gke-gcloud-auth-plugin

BR,
Bartek

Revision history for this message
Juan M. Tirado (tiradojm) wrote :

We are aware of this issue with GKE and working to fix it (see https://bugs.launchpad.net/juju/+bug/2007575). The EKS problem looks similar.

Changed in juju:
importance: Undecided → Medium
status: New → Triaged
tags: added: gke
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.