Enable creating IPV6 clusters with pod identities in addition to IRSA #8322
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
simonmarty
commented
Mar 31, 2025
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello simonmarty 👋 Thank you for opening a Pull Request in eksctl project. The team will review the Pull Request and aim to respond within 1-10 business days. Meanwhile, please read about the Contribution and Code of Conduct guidelines here. You can find out more information about eksctl on our website
simonmarty
changed the title
Comment on lines
611
to
616
| if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) != 0 && (c.IAM == nil || c.IAM != nil && IsDisabled(c.IAM.WithOIDC)) { | ||
|
|
||
| return fmt.Errorf("either pod identity or oidc needs to be enabled if IPv6 is set; set either one or use EKS Auto Mode") | ||
| } | ||
|
|
||
| if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) == 0 && !c.AddonsConfig.AutoApplyPodIdentityAssociations { |
There was a problem hiding this comment.
I'm a little confused by this check. So if the pod identity addon does exist, then we check for OIDC, but if it doesn't, then we check for pod identity settings on the addon itself? Am I reading that correctly? If so, I'm not really sure I understand. Shouldn't it be if there is no pod identity addon, then OIDC needs to be enabled, otherwise either OIDC OR pod identity can be used?
There was a problem hiding this comment.
The first if block
if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) != 0 && (c.IAM == nil || c.IAM != nil && IsDisabled(c.IAM.WithOIDC)) {
Checks that there is at least one way to provide credentials to the VPC CNI addon. If there is not at least one provider (either Pod identity Agent or IRSA), then we exit early.
The second block
if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) == 0 && !c.AddonsConfig.AutoApplyPodIdentityAssociations {
Performs extra validations needed if we are using pod identities (namely, that the VPC CNI addon has a pod identity configured in one way or another).
I can add comments to clarify this, if you think of a better way to organize these conditions lmk.
There was a problem hiding this comment.
Ah ok, that makes sense too. Yeah I was thinking in my head like 'do the oidc check' then [if still needed] 'do the pod identity check' might make it more clear what's going on, rather than adding a condition to the earlier one just to short-circuit.
Either way, comments would be helpful :)
Comment on lines
611
to
616
| if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) != 0 && (c.IAM == nil || c.IAM != nil && IsDisabled(c.IAM.WithOIDC)) { | ||
|
|
||
| return fmt.Errorf("either pod identity or oidc needs to be enabled if IPv6 is set; set either one or use EKS Auto Mode") | ||
| } | ||
|
|
||
| if len(c.addonContainsManagedAddons([]string{PodIdentityAgentAddon})) == 0 && !c.AddonsConfig.AutoApplyPodIdentityAssociations { |
There was a problem hiding this comment.
Ah ok, that makes sense too. Yeah I was thinking in my head like 'do the oidc check' then [if still needed] 'do the pod identity check' might make it more clear what's going on, rather than adding a condition to the earlier one just to short-circuit.
Either way, comments would be helpful :)
cheeseandcereal
approved these changes
Apr 1, 2025
This was referenced Apr 1, 2025
yehielnetapp
added a commit
to spotinst/weaveworks-eksctl
that referenced
this pull request
May 28, 2025
* Fix addons integration test aws-efs-csi-driver now supports Pod Identity. Signed-off-by: cpu1 <chepatwm@amazon.com> * Remove deletion of aws-efs-csi-driver Signed-off-by: cpu1 <chepatwm@amazon.com> * Support for Autonomous Mode Signed-off-by: cpu1 <chepatwm@amazon.com> * Remove unused mocks Signed-off-by: cpu1 <chepatwm@amazon.com> * Rename AutonomousMode to AutoMode Signed-off-by: cpu1 <chepatwm@amazon.com> * Attach Auto Mode policies to cluster role when enabling Auto Mode Signed-off-by: cpu1 <chepatwm@amazon.com> * Update goformation Signed-off-by: cpu1 <chepatwm@amazon.com> * Bump aws-sdk-go-v2 version and correct cluster types * Fix tests, regenerate mocks Signed-off-by: cpu1 <chepatwm@amazon.com> * Add support for EKS Hybrid Nodes (eksctl-io#8062) add support for hybrid nodes * Add release notes for v0.195.0 Signed-off-by: cpu1 <chepatwm@amazon.com> * Prepare for next development iteration * Fix deepcopy diff * Reword IRSA warning message Signed-off-by: cpu1 <chepatwm@amazon.com> * userdocs: fix comment for custom managed nodegroup Signed-off-by: Kush Upadhyay <kushupad@amazon.com> * Add release notes for v0.196.0 Signed-off-by: cpu1 <chepatwm@amazon.com> * Prepare for next development iteration * add readme note for auto mode * add link to markdown and note for hybrid nodes * Add IAM capability if a custom IAM role is provided for Auto Mode Signed-off-by: cpu1 <chepatwm@amazon.com> * Cleanup Hybrid Nodes docs (eksctl-io#8072) cleanup hybrid nodes docs * Add release notes for v0.197.0 * Prepare for next development iteration * Add support for `preBootstrapCommands` in AL2023 (eksctl-io#8031) add support for preBootstrapCommands in AL2023 * Add release notes for v0.198.0 (eksctl-io#8077) Co-authored-by: tiberiugc <tiberiucopaciu@gmail.com> * Prepare for next development iteration (eksctl-io#8080) * Add support for `overrideBootstrapCommand` in AL2023 (eksctl-io#8078) * add support for overrideBootstrapCommand in AL2023 * e2e tests * Migrate dependent goformation module to a local fork (eksctl-io#8081) Migrate goformation module to a local fork * EKS Auto Mode should not require setting default addons or OIDC (eksctl-io#8082) * Allow importing subnets with IPv6 only (eksctl-io#8086) allow importing subnets with IPv6 only * Add support for C8g and R8g instance types (eksctl-io#8041) * Support EKS managed nodegroup node repair config (eksctl-io#8087) * Add release notes for v0.199.0 (eksctl-io#8079) * Prepare for next development iteration (eksctl-io#8088) * Update excluded contributors from release notes (eksctl-io#8092) * Support for Bangkok region (`ap-southeast-7`) (eksctl-io#8114) support ap-southeast-7 region * Add release notes for v0.200.0 (eksctl-io#8093) Co-authored-by: tiberiugc <tiberiucopaciu@gmail.com> * support mx-central-1 region * Prepare for next development iteration (eksctl-io#8116) * Support create cluster default addon metrics-server * Repair AL2023 with IPv6 node creation (eksctl-io#8120) repair al2023 nodes with ipv6 * Update doc dependencies and supported Python runtime to publish latest doc updates (eksctl-io#8119) * docs: Update doc dependencies and supported Python runtime * fix: Correct link checking which seems to have been failing for quite some time * Bump actions/cache from 4.0.2 to 4.2.0 Bumps [actions/cache](https://github.com/actions/cache) from 4.0.2 to 4.2.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...1bd1e32) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump peter-evans/create-pull-request from 6.0.2 to 7.0.6 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.2 to 7.0.6. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@70a41ab...67ccf78) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Bump actions/setup-go from 5.0.0 to 5.2.0 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.0.0 to 5.2.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0c52d54...3041bf5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump docker/metadata-action from 5.5.1 to 5.6.1 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.5.1 to 5.6.1. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@8e5442c...369eb59) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump actions/checkout from 4.1.2 to 4.2.2 (eksctl-io#8021) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.2.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@9bb5618...11bd719) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/setup-python from 5.1.0 to 5.3.0 (eksctl-io#8022) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.3.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@82c7e63...0b93645) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump goreleaser/goreleaser-action from 5.0.0 to 6.1.0 (eksctl-io#8055) Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 5.0.0 to 6.1.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@7ec5c2b...9ed2f89) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker/build-push-action from 5.3.0 to 6.11.0 (eksctl-io#8124) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 6.11.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2cdde99...b32b51a) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore: Add diff created by running `make build` (eksctl-io#8121) * Ubuntu 24.04 support (eksctl-io#8094) feat: Ubuntu 24.04 support This adds image lookup support for Ubuntu 24.04 (using image names and ssm param resolution). Co-authored-by: Robby Pocase <robby.pocase@canonical.com> * Remove EFA installation scripts; EFA is installed by default on EKS AL2 GPU, EKS Al2023 NVIDIA, and EKS AL2023 Neuron AMIs (eksctl-io#8113) * fix: Remove EFA installation scripts; EFA is installed by default on EKS accelerated AMIs * chore: Update EFA device plugin instances and container image to match `eks-charts` * chore: Clean up dangling reference * fix: Update test for EFA AL2 user data * docs: Update remaining references * Bump github.com/aws/aws-sdk-go-v2/service/outposts from 1.48.0 to 1.48.1 (eksctl-io#8133) Bumps [github.com/aws/aws-sdk-go-v2/service/outposts](https://github.com/aws/aws-sdk-go-v2) from 1.48.0 to 1.48.1. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.48.0...service/s3/v1.48.1) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/outposts dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing from 1.28.8 to 1.28.9 (eksctl-io#8132) Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing Bumps [github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing](https://github.com/aws/aws-sdk-go-v2) from 1.28.8 to 1.28.9. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@config/v1.28.8...config/v1.28.9) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider from 1.36.3 to 1.48.4 (eksctl-io#8130) Bump github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider Bumps [github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider](https://github.com/aws/aws-sdk-go-v2) from 1.36.3 to 1.48.4. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/iam/v1.36.3...service/eks/v1.48.4) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/service/cloudformation from 1.56.3 to 1.56.4 (eksctl-io#8127) Bump github.com/aws/aws-sdk-go-v2/service/cloudformation Bumps [github.com/aws/aws-sdk-go-v2/service/cloudformation](https://github.com/aws/aws-sdk-go-v2) from 1.56.3 to 1.56.4. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/ssm/v1.56.3...service/ssm/v1.56.4) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/cloudformation dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 from 1.43.3 to 1.43.4 (eksctl-io#8129) Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 Bumps [github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2](https://github.com/aws/aws-sdk-go-v2) from 1.43.3 to 1.43.4. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/ssm/v1.43.3...service/fsx/v1.43.4) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go-v2/config from 1.27.11 to 1.28.9 (eksctl-io#8131) Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.11 to 1.28.9. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@config/v1.27.11...config/v1.28.9) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.1 (eksctl-io#8047) Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) from 3.2.1 to 3.3.1. - [Release notes](https://github.com/Masterminds/semver/releases) - [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md) - [Commits](Masterminds/semver@v3.2.1...v3.3.1) --- updated-dependencies: - dependency-name: github.com/Masterminds/semver/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update coredns (eksctl-io#7901) update coredns Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Update aws-node to v1.19.2 (eksctl-io#7899) update aws-node to v1.19.2 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Update nvidia-device-plugin to v0.17.0 (eksctl-io#7918) update nvidia-device-plugin to v0.17.0 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Fix E2E tests (eksctl-io#8139) * Add release notes for v0.201.0 (eksctl-io#8115) Co-authored-by: tiberiugc <tiberiucopaciu@gmail.com> * Prepare for next development iteration (eksctl-io#8143) * Remove SSM install script from AL2; SSM is pre-installed on EKS AL based AMIs (eksctl-io#8135) * Enable default addon creation for auto mode clusters (eksctl-io#8140) * Enable default addon creation for auto mode clusters * Update pkg/actions/addon/tasks.go Co-authored-by: Amine <hilalyamine@gmail.com> --------- Co-authored-by: Gustavo Diaz <gustidia@amazon.com> Co-authored-by: Amine <hilalyamine@gmail.com> * Disable metrics-server default addon creation for unsupported regions (eksctl-io#8146) Co-authored-by: Gustavo Diaz <gustidia@amazon.com> * Update import path of local goformation fork, fixing `go mod verify` (eksctl-io#8148) Change import path of local goformation fork to original fork name * Fix e2e integration tests (eksctl-io#8149) * Use `DescribeClusterVersions` API instead of hardcoding EKS version data (eksctl-io#8144) use DescribeClusterVersions API instead of hardcoding EKS version data in eksctl * Remove `xtables.lock` which should be managed by the VPC CNI (eksctl-io#8134) * Remove `xtables.lock` which should be managed by the VPC CNI * chore: Update `aws-node` self-managed config to match latest VPC CNI chart spec * Wait for vpccni to become active before updating it to use IRSA (eksctl-io#8152) wait for vpccni to become active before updating it to use IRSA * Upgrade to go 1.22 (eksctl-io#8125) * Upgrade to go 1.22 * fix: Add missing test deps * chore: Move tool installation to its own make target * chore: Update `goformation` go version to `1.22` and run `make build` * Migrate `goformation` under `pkg/` as a local package and remove location re-write (eksctl-io#8153) * Migrate `goformation` under `pkg/` as a local package and remove location re-write * chore: Fix linkchecker and go version used in CI * fix: Update lint ignore path for `goformation` * Bump github.com/github-release/github-release from 0.10.0 to 0.10.1 (eksctl-io#8107) Bumps [github.com/github-release/github-release](https://github.com/github-release/github-release) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/github-release/github-release/releases) - [Changelog](https://github.com/github-release/github-release/blob/master/github-release.go) - [Commits](github-release/github-release@v0.10.0...v0.10.1) --- updated-dependencies: - dependency-name: github.com/github-release/github-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/gofrs/flock from 0.8.1 to 0.12.1 (eksctl-io#8024) Bumps [github.com/gofrs/flock](https://github.com/gofrs/flock) from 0.8.1 to 0.12.1. - [Release notes](https://github.com/gofrs/flock/releases) - [Commits](gofrs/flock@v0.8.1...v0.12.1) --- updated-dependencies: - dependency-name: github.com/gofrs/flock dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Adding support for us-isof and eu-isoe regions (eksctl-io#8151) adding support for us-isof and eu-isoe regions * Add release notes for v0.202.0 (eksctl-io#8142) add release notes for v0.202.0 Co-authored-by: tiberiugc <tiberiucopaciu@gmail.com> * Revert dependencies changes that are making release workflow fail (eksctl-io#8157) * Revert "Bump github.com/gofrs/flock from 0.8.1 to 0.12.1 (eksctl-io#8024)" This reverts commit 18394bd. * Revert "Bump github.com/github-release/github-release from 0.10.0 to 0.10.1 (eksctl-io#8107)" This reverts commit 34ab1f8. * Revert "Migrate `goformation` under `pkg/` as a local package and remove location re-write (eksctl-io#8153)" This reverts commit d0e5360. * Revert "Upgrade to go 1.22 (eksctl-io#8125)" This reverts commit ccdd44c. * Prepare for next development iteration (eksctl-io#8159) * Bump golang.org/x/crypto from v0.22.0 to v0.32.0 (eksctl-io#8166) * Bump golang.org/x/crypto from v0.22.0 to v0.32.0 * commit new image tag --------- Co-authored-by: Gustavo Diaz <gustidia@amazon.com> * [Hybrid Nodes] Remove strict requirement of providing a VGW or TGW during cluster creation (eksctl-io#8168) [Hybrid Nodes] Remote strict requirement of providing a VGW or TGW during cluster creation * [Hybrid Nodes] Make `remoteNetworkConfig.IAM.Provider` field case insensitive (eksctl-io#8169) make RemoteNetworkConfig.IAM.Provider case insensitive * Resolve clusterDNS for IPv6 MNG AL2023 with custom AMI (eksctl-io#8170) * resolve cluster DNS for IPv6 MNG AL2023 with custom AMI * correct error message * Add release notes for v0.203.0 (eksctl-io#8154) Add notes for v0.203.0 Co-authored-by: Tibi <110664232+TiberiuGC@users.noreply.github.com> * Allow disabling default addons with Auto Mode (eksctl-io#8165) * Bump actions/setup-python from 5.3.0 to 5.4.0 (eksctl-io#8177) Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@0b93645...4237552) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump aws-actions/configure-aws-credentials from 4.0.2 to 4.0.3 (eksctl-io#8178) Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@e3dd6a4...4fc4975) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/stale from 9.0.0 to 9.1.0 (eksctl-io#8179) Bumps [actions/stale](https://github.com/actions/stale) from 9.0.0 to 9.1.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@28ca103...5bef64f) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump release-drafter/release-drafter from 6.0.0 to 6.1.0 (eksctl-io#8180) Bumps [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](release-drafter/release-drafter@3f0f870...b1476f6) --- updated-dependencies: - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/setup-go from 5.2.0 to 5.3.0 (eksctl-io#8181) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.2.0 to 5.3.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@3041bf5...f111f33) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump docker/build-push-action from 6.11.0 to 6.13.0 (eksctl-io#8182) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.11.0 to 6.13.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@b32b51a...ca877d9) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Enable Bottlerocket on Neuron Instance types (Inferentia and Trainium) (eksctl-io#8173) * feat: Add support for Bottlerocket AMIs on Neuron Instances * tests: Update unit-tests to support Bottlerocket on Neuron * assets: Update neuron-device-plugin * Added EBS IO2 volumeType support to Managed NodeGroup (eksctl-io#7989) * Enable NVIDIA Plugin automatically for AL2023 GPU AMIs (eksctl-io#8199) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Add addon name to some logging lines (eksctl-io#8200) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * New EFA plugin images need a new volume for EFA plugin to mount - `/dev/infiniband` (eksctl-io#8201) * Bump github.com/aws/aws-sdk-go-v2/service/cloudtrail from 1.47.0 to 1.47.2 (eksctl-io#8189) * Bump github.com/fatih/color from 1.16.0 to 1.18.0 (eksctl-io#8190) * Bump github.com/spf13/afero from 1.11.0 to 1.12.0 (eksctl-io#8187) * Bump github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2 from 1.43.8 to 1.43.12 (eksctl-io#8203) * Bump github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider from 1.48.4 to 1.49.4 (eksctl-io#8204) * Bump github.com/aws/aws-sdk-go-v2/service/cloudformation from 1.56.8 to 1.57.0 (eksctl-io#8205) * Update aws-node to v1.19.2 (eksctl-io#8160) * Bump github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs from 1.45.8 to 1.45.12 (eksctl-io#8202) * Replace `golang.org/x/exp/slices` with `slices` (eksctl-io#8195) The experimental functions in `golang.org/x/exp/slices` are now available in the standard library in Go 1.21. Reference: https://go.dev/doc/go1.21#slices Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> * pre-Generate EC2 instance type details out of band (eksctl-io#8206) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Prepare for next development iteration (eksctl-io#8194) * Update building with golang 1.24 (eksctl-io#8210) Update to golang 1.24, bumping multiple dependencies Also update build image manifest, tag file and workflows * Fix broken karpenter doc links (eksctl-io#8213) Signed-off-by: Adam Crowder <adam@adamcrowder.net> * Fix broken link to "Creating and Managing Clusters" (eksctl-io#8212) * Add release notes for v0.204.0 (eksctl-io#8171) * Prepare for next development iteration (eksctl-io#8215) * Update attributions document (eksctl-io#8214) * Update GPU ec2 instance types in integration tests (eksctl-io#8217) * Support for setting MarketType/InstanceMarketOptions for use with "capacity-block" (eksctl-io#8207) * Support for setting MarketType/InstanceMarketOptions for use with "capacity-block" Signed-off-by: Davanum Srinivas <davanum@gmail.com> * set CapacityType field of AWS::EKS::Nodegroup correctly Signed-off-by: Davanum Srinivas <davanum@gmail.com> * MNG capacity block needs a single instance type in launch template Signed-off-by: Davanum Srinivas <davanum@gmail.com> --------- Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Migrate `goformation` under `pkg/` as a local package and remove location re-write (eksctl-io#8219) * Placement group should not be created when using a reservation (eksctl-io#8220) bug: placement group should not be added for reservation Reservations are special cases that often can be created with placement already in mind, or have instances in different availability zones (or far enough away) so adding a placement group automatically will prevent provision of a large set of resources. Changing the default behavior to always require the user to specify a placement group for EFA is overkill, but a good balance is, in the case EFA is enabled and there is no placement group, when there is a reservation do not add the group automatically, but issue a warning to the user they can choose to respond to. TLDR: when a user deploys a cluster via a reservation they are responsible for adding the placement group. Signed-off-by: vsoch <vsoch@users.noreply.github.com> Co-authored-by: vsoch <vsoch@users.noreply.github.com> * Fix issue installing the nvidia device plugin unconditionally on al2023 (eksctl-io#8225) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Remove support for p2 instances which require NVIDIA driver <= 470 (eksctl-io#8226) * Remove support for `p2` instances which require NVIDIA driver <= 470 * chore: Update references of `p2` to `g5` * Add support for creating access entries of type `EC2` for EKS Auto Mode (eksctl-io#8228) * Re-add support for env var keys from AWS SDK (eksctl-io#8231) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Update dependencies (eksctl-io#8229) * Update dependencies * Update build image manifest, tag file and workflows * Print the computed upgrade version correctly (eksctl-io#8232) print the computed upgrade version correctly Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Add missing coredns-1.32 json file (eksctl-io#8233) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * copy over older coredns json if missing (eksctl-io#8237) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Re-allow use of the `cnn1-az4` availability zone (eksctl-io#8240) Allow cnn1-az4 to be picked Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Enable auto-update of ec2 info (eksctl-io#8239) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Remove intermediate build image from add-on auto-update CI workflow (eksctl-io#8234) * Remove unused stringer dependency (eksctl-io#8211) * Remove build container image use from CI workflows (eksctl-io#8241) * Remove un-used build dependencies (eksctl-io#8242) * Remove archived github.com/bxcodec/faker dependency (eksctl-io#8245) * Do not run ci jobs in forks (eksctl-io#8246) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Add support for allow/deny regexp(s) in instanceSelector (eksctl-io#8247) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * GPUs != Accelerators (eksctl-io#8243) GPUs != Neuron Devices Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Fix failure when VPC CNI is configured to use both iam.withOIDC and useDefaultPodIdentityAssociations (eksctl-io#8249) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Bump github.com/blang/semver to v4.0.0 (eksctl-io#8244) * Update Karpenter usage documentation to reflect latest supported version(s) (eksctl-io#8250) * update karpenter version and fixed links reference * texts changed as suggested * chore: Documentation tweaks --------- Co-authored-by: Edmar Campos Cardoso <ecamposc@amazon.com> Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com> * Update GH CLI and aws-iam-authenticator versions in docker image (eksctl-io#8253) * Update GH CLI and aws-iam-authenticator versions in docker image Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Update build image manifest, tag file and workflows Signed-off-by: Davanum Srinivas <davanum@gmail.com> --------- Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Switch default for ExecConfig api version from v1alpha1->v1beta1 (eksctl-io#8252) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Fix go.sum; check go.mod and go.sum on CI (eksctl-io#8254) Fix go.sum; check go.mod, go.sum on CI * generate/verify schema .. had forgotten to update schema.json for neuron devices (eksctl-io#8255) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Replace 'github.com/pkg/errors' with 'errors' in tests (eksctl-io#8256) Replace 'github.com/pkg/errors' with 'errors' * Revert: Remove un-used build dependencies eksctl-io#8242 (eksctl-io#8257) * Update aws-node to v1.19.3 (eksctl-io#8258) update aws-node to v1.19.3 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Upgrade library: github.com/cenkalti/backoff/v5 (eksctl-io#8260) * Replace 'github.com/pkg/errors' with 'errors' (eksctl-io#8259) Remove github.com/pkg/errors dependency * Allow adding remote network config to private clusters (eksctl-io#8261) Fix hybrid node validation to allow private clusters * Revert "Fix failure when VPC CNI is configured to use both iam.withOIDC and useDefaultPodIdentityAssociations (eksctl-io#8264) Revert "Fix failure when VPC CNI is configured to use both iam.withOIDC and useDefaultPodIdentityAssociations" This reverts commit 93ba3bc. Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Add release notes for v0.205.0 (eksctl-io#8216) * Prepare for next development iteration (eksctl-io#8265) * Standardize on k8s 1.32.2 for go.mod (eksctl-io#8285) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Update zz_generated.deepcopy.go, also add new make target for the same (eksctl-io#8267) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Fix failure when VPC CNI is configured to use both iam.withOIDC and useDefaultPodIdentityAssociations (eksctl-io#8268) This reverts commit be999ef. Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Reduce blast radius of test that disables api server public access failing (eksctl-io#8288) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Update goformation from latest schema / Remove unused generated code (eksctl-io#8289) * skip generating code for things we don't use Signed-off-by: Davanum Srinivas <davanum@gmail.com> * use go:generate in goformation.go to regenerate code Signed-off-by: Davanum Srinivas <davanum@gmail.com> * add explicit error when a type is not found Signed-off-by: Davanum Srinivas <davanum@gmail.com> * fix test cases Signed-off-by: Davanum Srinivas <davanum@gmail.com> --------- Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Update ec2-info (eksctl-io#8290) update ec2-info Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Allow core/default networking addons on auto-mode clusters with mixed node types (eksctl-io#8293) * Update ec2-info (eksctl-io#8297) update ec2-info Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Update nvidia-device-plugin to v0.17.1 (eksctl-io#8296) update nvidia-device-plugin to v0.17.1 Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Support for EKS internal environments (eksctl-io#8294) * Support for EKS internal beta/gamma environments Allow setting `AWS_ENDPOINT_URL_EKS` to internal URLs for testing/development cycles. We setup a AWS Lambda based CloudFormation Resource that acts as a proxy to pass through calls from CFN templates to the internal URLs. Added a couple of beta.go to encapsulate creating custom resources from the same info used to create the EKS related CFN resources. The hard part is the python based lambda code that turns the CFN handler payload into calls to various eks/iam and other APIs. Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Incorporate review feedback Signed-off-by: Davanum Srinivas <davanum@gmail.com> --------- Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Default to newest k8s 1.32 version (eksctl-io#8300) Signed-off-by: Davanum Srinivas <davanum@gmail.com> * Bump docker/build-push-action from 6.13.0 to 6.15.0 (eksctl-io#8271) * Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (eksctl-io#8272) * Bump docker/metadata-action from 5.6.1 to 5.7.0 (eksctl-io#8273) * Bump golang.org/x/oauth2 from 0.26.0 to 0.27.0 (eksctl-io#8280) * Add support for i8g.48xlarge ec2 instance type (eksctl-io#8301) * Skip instance type support validation for custom AMI ID (eksctl-io#8303) * Bump golang.org/x/net from 0.35.0 to 0.36.0 (eksctl-io#8295) * Bump github.com/containerd/containerd from 1.7.25 to 1.7.27 (eksctl-io#8299) * Update aws-sdk-go-v2 dependencies (eksctl-io#8308) * Bump github.com/aws/aws-sdk-go-v2/service/iam from 1.39.2 to 1.40.0 (eksctl-io#8277) * Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 (eksctl-io#8310) * Allow specification of IAM permission boundary for Auto Mode's Node Role (eksctl-io#8307) * Remove deprecated "set-public-access-cidrs" integration tests (eksctl-io#8311) Remove deprecated "set-public-access-cidrs" tests Signed-off-by: Adam Crowder <adam@adamcrowder.net> * Fix auto mode creation when no permissions boundary is set (eksctl-io#8312) * Add release notes for v0.206.0 (eksctl-io#8266) * Prepare for next development iteration (eksctl-io#8313) * Add support for new force parameter when upgrading cluster version (eksctl-io#8319) * Remove redundant 'typecheck' linter (eksctl-io#8298) * Add latest changes to AWS Load Balancer Controller IAM Policy (eksctl-io#8316) * Add AutoModeNodeRole to Beta lambda ExecutionRole (eksctl-io#8323) * Bump actions/setup-go from 5.3.0 to 5.4.0 (eksctl-io#8324) * Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (eksctl-io#8325) * Bump goreleaser/goreleaser-action from 6.2.1 to 6.3.0 (eksctl-io#8326) * Bump actions/setup-python from 5.4.0 to 5.5.0 (eksctl-io#8327) * Bump lycheeverse/lychee-action from 2.3.0 to 2.4.0 (eksctl-io#8330) * Bump docker/login-action from 3.3.0 to 3.4.0 (eksctl-io#8328) * Enable creating IPV6 clusters with pod identities in addition to IRSA (eksctl-io#8322) * Fix eks beta SP for ServiceRole (eksctl-io#8340) * Fully remove intermediate eksctl build image (eksctl-io#8341) * Add release notes for v0.207.0 (eksctl-io#8321) * Prepare for next development iteration (eksctl-io#8342) * Add support for Ubuntu Pro 20.04 based EKS images (eksctl-io#8317) * Drop support for Ubuntu 18.04 images (eksctl-io#8344) * Update aws-sdk-go-v2 dependencies and mockery comments (eksctl-io#8347) * Update aws-sdk-go-v2 dependencies * Update mock files comments with new mockery version number * Add support for AL2023 arm64 nvidia amiType (eksctl-io#8351) * Bump helm.sh/helm/v3 from 3.17.2 to 3.17.3 (eksctl-io#8348) * Bump golang.org/x/net from 0.37.0 to 0.38.0 (eksctl-io#8352) * Enable enclave options in EC2 Launch Template (eksctl-io#8349) * Fix get iamserviceaccount returning error for unrelated CloudFormation Stack (eksctl-io#8350) * Remove ubuntu 2004 pro integration tests (eksctl-io#8353) * Fix support for non-current-generation ec2 instance types (eksctl-io#8354) * Update ec2-info (eksctl-io#8361) update ec2-info Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> * Fix CoreDNS scheduling on Fargate failing when component label in selector (eksctl-io#8357) Update cluster creation with Fargate to support adding a CoreDNS profile with the selector label `eks.amazonaws.com/component: coredns`. Closes issue eksctl-io#8355 * Update binary install for best practices (eksctl-io#8359) Replace the mv command with install for the "UNIX installation" method * Fix for `create podidentityassociation` bug in auto-mode clusters (eksctl-io#8358) Added auto-mode checks for IsPodIdentityAgentInstalled to allow for creation of podidentityassociations in auto-mode clusters as pod-identity-agent comes in-built in auto-mode clusters and doesn't need explicit installs. * Bump actions/setup-python from 5.5.0 to 5.6.0 (eksctl-io#8375) * Bump docker/build-push-action from 6.15.0 to 6.16.0 (eksctl-io#8374) * Bump golang.org/x/oauth2 from 0.27.0 to 0.29.0 (eksctl-io#8367) * Bump github.com/aws/aws-sdk-go from 1.55.6 to 1.55.7 (eksctl-io#8368) * Bump github.com/vburenin/ifacemaker from 1.2.1 to 1.3.0 (eksctl-io#8370) * Bump github.com/onsi/gomega from 1.36.2 to 1.37.0 (eksctl-io#8371) * Update ec2-info (eksctl-io#8362) * Update coredns default to v1.11.4-eksbuild.10 (eksctl-io#8363) * Bump golang.org/x/crypto from 0.36.0 to 0.37.0 (eksctl-io#8365) * Bump github.com/aws/aws-sdk-go-v2/config from 1.29.12 to 1.29.14 (eksctl-io#8372) * Add AmazonLinux2 end-of-life warning message when creating clusters and nodegroups (eksctl-io#8376) Log a warning message when users create AmazonLinux2-family clusters and nodegroups, letting them know that AL2 end of life is approaching*, and that the Eksctl default AMI family will change in the future * Fix nil pointer dereference when checking if auto mode enabled (eksctl-io#8378) * Add release notes for v0.208.0 (eksctl-io#8343) * fix clouformation fail,change install metric-server in ocean controller to false * clean non function text and alighn to eksctl 0208 * change goreleaser location --------- Signed-off-by: cpu1 <chepatwm@amazon.com> Signed-off-by: Kush Upadhyay <kushupad@amazon.com> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Davanum Srinivas <davanum@gmail.com> Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> Signed-off-by: Adam Crowder <adam@adamcrowder.net> Signed-off-by: vsoch <vsoch@users.noreply.github.com> Co-authored-by: Chetan Patwal <cPu1@users.noreply.github.com> Co-authored-by: cpu1 <chepatwm@amazon.com> Co-authored-by: cpu1 <patwal.chetan@gmail.com> Co-authored-by: Amine <hilalyamine@gmail.com> Co-authored-by: Tibi <110664232+TiberiuGC@users.noreply.github.com> Co-authored-by: eksctl-bot <53547694+eksctl-bot@users.noreply.github.com> Co-authored-by: cPu1 <patwal.chetan@gmail.comm> Co-authored-by: Kush Upadhyay <kushupad@amazon.com> Co-authored-by: cPu1 <6298307+cPu1@users.noreply.github.com> Co-authored-by: Geoffrey Cline <geoffreyc@outlook.com> Co-authored-by: tiberiugc <tiberiucopaciu@gmail.com> Co-authored-by: Adam <adacrowd@amazon.com> Co-authored-by: Muhammet Şen <enmuhammet23@gmail.com> Co-authored-by: Gustavo Diaz <gustidia@amazon.com> Co-authored-by: Gustavo Diaz <38817851+gustavodiaz7722@users.noreply.github.com> Co-authored-by: Bryant Biggs <bryantbiggs@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Thomas Bechtold <thomas.bechtold@canonical.com> Co-authored-by: Robby Pocase <robby.pocase@canonical.com> Co-authored-by: michaelbeaumont <2266568+michaelbeaumont@users.noreply.github.com> Co-authored-by: artem-nefedov <requiem1337@gmail.com> Co-authored-by: Vighnesh Maheshwari <21048293+vigh-m@users.noreply.github.com> Co-authored-by: Sumit Bhowmick <33891296+BhowmickSumit@users.noreply.github.com> Co-authored-by: Davanum Srinivas <davanum@gmail.com> Co-authored-by: Eng Zer Jun <engzerjun@gmail.com> Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com> Co-authored-by: Vanessasaurus <814322+vsoch@users.noreply.github.com> Co-authored-by: vsoch <vsoch@users.noreply.github.com> Co-authored-by: Edmar Campos Cardoso <105178368+escardoso@users.noreply.github.com> Co-authored-by: Edmar Campos Cardoso <ecamposc@amazon.com> Co-authored-by: Cenk Altı <cenkalti@gmail.com> Co-authored-by: Nick Blaskey <nicholasblaskey@gmail.com> Co-authored-by: Nick Baker <ndbaker1@outlook.com> Co-authored-by: Aaron Donovan <amdonov@gmail.com> Co-authored-by: Martin Emrich <6672718+MartinEmrich@users.noreply.github.com> Co-authored-by: Sumukha Radhakrishna <sumukharadhakrishna@gmail.com> Co-authored-by: Simon Marty <simon.marty@protonmail.com> Co-authored-by: Sumukha Radhakrishna <rsumukha@amazon.com> Co-authored-by: Nathan Clonts <nathanclonts@gmail.com> Co-authored-by: Nick Baker <nbakerd@amazon.com> Co-authored-by: Tarik Demirović <demirovict@gmail.com> Co-authored-by: James Radtke <47249757+cloudxabide@users.noreply.github.com> Co-authored-by: Dheeraj <31967125+dheeraj-coding@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Currently, creating an IPV6 cluster fails validation if
withOIDCis not set totrue. Since the advent of EKS pod identities, OIDC is no longer necessary as long as the pod identity agent is added, and the VPC CNI addon is configured with a pod identity association. Updated the validation logic to allow either pod identities or IRSA for IPV6 clusters.Unrelated: caught two typos and added the VS Code folder to the gitignore since that's my IDE of choice (and a pretty common one at that).
Checklist
README.md, or theuserdocsdirectory)area/nodegroup) and kind (e.g.kind/improvement)BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯