如何在AWS中使用eksctl创建集群时解决错误
我正在尝试为我的根账户的用户账户在AWS us-east-1区域中创建一个集群。但是在尝试创建集群时却遇到了以下问题
[ℹ] eksctl version 0.22.0
[ℹ] using region us-east-1
[ℹ] subnets for us-east-1a - public:192.168.0.0/19 private:192.168.64.0/19
[ℹ] subnets for us-east-1b - public:192.168.32.0/19 private:192.168.96.0/19
[ℹ] using Kubernetes version 1.16
[ℹ] creating EKS cluster "in28minutes-cluster" in "us-east-1" region with managed nodes
[ℹ] will create 2 separate CloudFormation stacks for cluster itself and the initial managed nodegroup
[ℹ] if you encounter any issues, check CloudFormation console or try 'eksctl utils describe-stacks --region=us-east-1 --cluster=in28minutes-cluster'
[ℹ] CloudWatch logging will not be enabled for cluster "in28minutes-cluster" in "us-east-1"
[ℹ] you can enable it with 'eksctl utils update-cluster-logging --region=us-east-1 --cluster=in28minutes-cluster'
[ℹ] Kubernetes API endpoint access will use default of {publicAccess=true, privateAccess=false} for cluster "in28minutes-cluster" in "us-east-1"
[ℹ] 2 sequential tasks: { create cluster control plane "in28minutes-cluster", 2 sequential sub-tasks: { no tasks, create managed nodegroup "in28minutes-cluster-node-group" } }
[ℹ] building cluster stack "eksctl-in28minutes-cluster-cluster"
[ℹ] deploying stack "eksctl-in28minutes-cluster-cluster"
[✖] unexpected status "ROLLBACK_IN_PROGRESS" while waiting for CloudFormation stack "eksctl-in28minutes-cluster-cluster"
[ℹ] fetching stack events in attempt to troubleshoot the root cause of the failure
[✖] AWS::EC2::SubnetRouteTableAssociation/RouteTableAssociationPrivateUSEAST1B: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EC2::Route/PublicSubnetRoute: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EC2::SubnetRouteTableAssociation/RouteTableAssociationPrivateUSEAST1A: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EC2::NatGateway/NATGateway: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EC2::SubnetRouteTableAssociation/RouteTableAssociationPublicUSEAST1A: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EC2::SubnetRouteTableAssociation/RouteTableAssociationPublicUSEAST1B: CREATE_FAILED – "Resource creation cancelled"
[✖] AWS::EKS::Cluster/ControlPlane: CREATE_FAILED – "User: arn:aws:iam::750121092648:user/HR is not authorized to perform: eks:CreateCluster on resource: arn:aws:eks:us-east-1:750121092648:cluster/in28minutes-cluster (Service: AmazonEKS; Status Code: 403; Error Code: AccessDeniedException; Request ID: 290ba47a-6423-4ce7-bd25-c429e1f69ea8)"
[!] 1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console
[ℹ] to cleanup resources, run 'eksctl delete cluster --region=us-east-1 --name=in28minutes-cluster'
[✖] waiting for CloudFormation stack "eksctl-in28minutes-cluster-cluster": ResourceNotReady: failed waiting for successful resource state
Error: failed to create cluster "in28minutes-cluster"
这是我用来创建集群的命令
create cluster --name in28minutes-cluster --nodegroup-name in28minutes-cluster-node-group --node-type t2.medium --nodes 3 --nodes-min 3 --nodes-max 7 --managed --asg-access --zones=us-east-1a,us-east-1b
我也为我的用户帐户扮演模拟角色
请帮助我解决此问题,我是aws kubernates的新手
1 个答案:
答案 0 :(得分:2)
此行来自您的日志
3, 4, 5, 6, ..., 99996似乎建议用户DECLARE @results TABLE (
DatabaseName nvarchar(100) NOT NULL,
SchemaName nvarchar(50) NOT NULL,
TableName nvarchar(100) NOT NULL,
Created datetime NOT NULL
);
DECLARE @dbName nvarchar(100);
DECLARE c CURSOR STATIC READ_ONLY FOR
SELECT QUOTENAME( [name] ) FROM sys.databases;
OPEN c;
FETCH NEXT FROM c INTO @dbName;
WHILE @@FETCH_STATUS = 0
BEGIN
DECLARE @dbQuery nvarchar(1000) = N'
SELECT
''' + @dbName + N''' AS DatabaseName,
s.[name] AS SchemaName,
t.[name] AS TableName,
t.create_date AS Created
FROM
' + @dbName + N'.sys.tables AS t
INNER JOIN sys.schemas AS s ON t.schema_id = s.schema_id
ORDER BY
s.[name],
t.[name]
';
INSERT INTO @results
( DatabaseName, SchemaName, TableName, Created )
EXECUTE sp_executesql @dbQuery;
FETCH NEXT FROM c INTO @dbName;
END;
CLOSE c;
DEALLOCATE c;
--------------------------
SELECT
*
FROM
@results
ORDER BY
DatabaseName,
SchemaName,
TableName;
没有所有必要的EKS权限。尝试(临时)附加[✖] AWS::EKS::Cluster/ControlPlane: CREATE_FAILED – "User: arn:aws:iam::750121092648:user/HR is not authorized to perform: eks:CreateCluster on resource: arn:aws:eks:us-east-1:750121092648:cluster/in28minutes-cluster (Service: AmazonEKS; Status Code: 403; Error Code: AccessDeniedException; Request ID: 290ba47a-6423-4ce7-bd25-c429e1f69ea8)"
用户到AWS管理的HR策略。然后,如果这可以解决问题,请将其范围缩小到仅与EKS相关的权限。
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?