amazon-web-services - How do I destroy an AWS node group when it does not appear in CloudFormation and only seems to exist when trying to delete the parent cluster or create a new one?

Tags: amazon-web-services kubernetes aws-cloudformation cluster-computing eksctl

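Cards on the table: I'm new to AWS, so my ignorance may be the root of my problem.

I think sharing the output of my terminal is the best way to describe my problem:

I found the problem when I tried to start a 4-node AWS EKS cluster via eksctl create cluster --name atp-dev --node-type m5.large --nodes 4

Here is the output of that command: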

2021-09-25 10:52:06 [ℹ]  eksctl version 0.49.0
2021-09-25 10:52:06 [ℹ]  using region us-west-2
2021-09-25 10:52:06 [ℹ]  setting availability zones to [us-west-2a us-west-2b us-west-2d]
2021-09-25 10:52:06 [ℹ]  subnets for us-west-2a - public:192.168.0.0/19 private:192.168.96.0/19
2021-09-25 10:52:06 [ℹ]  subnets for us-west-2b - public:192.168.32.0/19 private:192.168.128.0/19
2021-09-25 10:52:06 [ℹ]  subnets for us-west-2d - public:192.168.64.0/19 private:192.168.160.0/19
2021-09-25 10:52:07 [ℹ]  nodegroup "ng-a477426f" will use "ami-0adca766413605f27" [AmazonLinux2/1.19]
2021-09-25 10:52:07 [ℹ]  using Kubernetes version 1.19
2021-09-25 10:52:07 [ℹ]  creating EKS cluster "atp-dev" in "us-west-2" region with un-managed nodes
2021-09-25 10:52:07 [ℹ]  will create 2 separate CloudFormation stacks for cluster itself and the initial nodegroup
2021-09-25 10:52:07 [ℹ]  if you encounter any issues, check CloudFormation console or try 'eksctl utils describe-stacks --region=us-west-2 --cluster=atp-dev'
2021-09-25 10:52:07 [ℹ]  CloudWatch logging will not be enabled for cluster "atp-dev" in "us-west-2"
2021-09-25 10:52:07 [ℹ]  you can enable it with 'eksctl utils update-cluster-logging --enable-types={SPECIFY-YOUR-LOG-TYPES-HERE (e.g. all)} --region=us-west-2 --cluster=atp-dev'
2021-09-25 10:52:07 [ℹ]  Kubernetes API endpoint access will use default of {publicAccess=true, privateAccess=false} for cluster "atp-dev" in "us-west-2"
2021-09-25 10:52:07 [ℹ]  2 sequential tasks: { create cluster control plane "atp-dev", 3 sequential sub-tasks: { wait for control plane to become ready, create addons, create nodegroup "ng-a477426f" } }
2021-09-25 10:52:07 [ℹ]  building cluster stack "eksctl-atp-dev-cluster"
2021-09-25 10:52:07 [!]  1 error(s) occurred and cluster hasn't been created properly, you may wish to check CloudFormation console
2021-09-25 10:52:07 [ℹ]  to cleanup resources, run 'eksctl delete cluster --region=us-west-2 --name=atp-dev'
2021-09-25 10:52:07 [✖]  creating CloudFormation stack "eksctl-atp-dev-cluster": AlreadyExistsException: Stack [eksctl-atp-dev-cluster] already exists
    status code: 400, request id: 550e6a9d-d919-4a34-a012-7bc362f07c5a
Error: failed to create cluster "atp-dev"

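I checked the CloudFormation console as it suggested, but there are no stacks to interact with. I tried following the instructions in the output, eksctl utils describe-stacks --region=us-west-2 --cluster=atp-dev, which gave me a lot of information.

I can't really parse it, because this is where my understanding of all this ends: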

2021-09-25 10:57:38 [ℹ]  eksctl version 0.49.0
2021-09-25 10:57:38 [ℹ]  using region us-west-2
2021-09-25 10:57:39 [ℹ]  stack/eksctl-atp-dev-nodegroup-ng-7b715a90 = {
  Capabilities: ["CAPABILITY_IAM"],
  CreationTime: 2021-09-22 18:18:00.55 +0000 UTC,
  DeletionTime: 2021-09-23 03:53:22.696 +0000 UTC,
  Description: "EKS nodes (AMI family: AmazonLinux2, SSH access: false, private networking: false) [created and managed by eksctl]",
  DisableRollback: false,
  DriftInformation: {
    StackDriftStatus: "NOT_CHECKED"
  },
  EnableTerminationProtection: false,
  Outputs: [
    {
      OutputKey: "FeaturePrivateNetworking",
      OutputValue: "false"
    },
    {
      ExportName: "eksctl-atp-dev-nodegroup-ng-7b715a90::InstanceRoleARN",
      OutputKey: "InstanceRoleARN",
      OutputValue: "arn:aws:iam::988496401707:role/eksctl-atp-dev-nodegroup-ng-7b715-NodeInstanceRole-TR0AX0LF3N6J"
    },
    {
      OutputKey: "FeatureLocalSecurityGroup",
      OutputValue: "true"
    },
    {
      ExportName: "eksctl-atp-dev-nodegroup-ng-7b715a90::InstanceProfileARN",
      OutputKey: "InstanceProfileARN",
      OutputValue: "arn:aws:iam::988496401707:instance-profile/eksctl-atp-dev-nodegroup-ng-7b715a90-NodeInstanceProfile-ZUE15KQVO72E"
    },
    {
      OutputKey: "FeatureSharedSecurityGroup",
      OutputValue: "true"
    }
  ],
  RollbackConfiguration: {

  },
  StackId: "arn:aws:cloudformation:us-west-2:988496401707:stack/eksctl-atp-dev-nodegroup-ng-7b715a90/6b591dc0-1bd1-11ec-9bec-0a0320ad966b",
  StackName: "eksctl-atp-dev-nodegroup-ng-7b715a90",
  StackStatus: "DELETE_FAILED",
  StackStatusReason: "The following resource(s) failed to delete: [SG]. ",
  Tags: [
    {
      Key: "alpha.eksctl.io/cluster-name",
      Value: "atp-dev"
    },
    {
      Key: "alpha.eksctl.io/nodegroup-name",
      Value: "ng-7b715a90"
    },
    {
      Key: "eksctl.cluster.k8s.io/v1alpha1/cluster-name",
      Value: "atp-dev"
    },
    {
      Key: "alpha.eksctl.io/nodegroup-type",
      Value: "unmanaged"
    },
    {
      Key: "alpha.eksctl.io/eksctl-version",
      Value: "0.49.0"
    },
    {
      Key: "eksctl.io/v1alpha2/nodegroup-name",
      Value: "ng-7b715a90"
    }
  ]
}
2021-09-25 10:57:39 [ℹ]  stack/eksctl-atp-dev-cluster = {
  Capabilities: ["CAPABILITY_IAM"],
  CreationTime: 2021-09-22 18:02:51.122 +0000 UTC,
  Description: "EKS cluster (dedicated VPC: true, dedicated IAM: true) [created and managed by eksctl]",
  DisableRollback: false,
  DriftInformation: {
    StackDriftStatus: "NOT_CHECKED"
  },
  EnableTerminationProtection: false,
  Outputs: [
    {
      ExportName: "eksctl-atp-dev-cluster::SubnetsPrivate",
      OutputKey: "SubnetsPrivate",
      OutputValue: "subnet-0b82f725a2a3635e0,subnet-013021889c8604724,subnet-0ecc53da4fe6b3dde"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::SubnetsPublic",
      OutputKey: "SubnetsPublic",
      OutputValue: "subnet-0f7457b575c99d0c3,subnet-044fa1e27da8b0c7e,subnet-03a4577caf8947eda"
    },
    {
      OutputKey: "FeatureNATMode",
      OutputValue: "Single"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::ServiceRoleARN",
      OutputKey: "ServiceRoleARN",
      OutputValue: "arn:aws:iam::988496401707:role/eksctl-atp-dev-cluster-ServiceRole-S4KL2UIIWWH"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::Endpoint",
      OutputKey: "Endpoint",
      OutputValue: "https://OUTPUTKEY.gr7.us-west-2.eks.amazonaws.com"
    },
    {
      ExportName: "eksctl-ATP-dev-cluster::SharedNodeSecurityGroup",
      OutputKey: "SharedNodeSecurityGroup",
      OutputValue: "[REDACTED]"
    },
    {
      ExportName: "eksctl-ATP-dev-cluster::VPC",
      OutputKey: "VPC",
      OutputValue: "[REDACTED]"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::ClusterSecurityGroupId",
      OutputKey: "ClusterSecurityGroupId",
      OutputValue: "[REDACTED]"
    },
    {
      OutputKey: "ClusterStackName",
      OutputValue: "eksctl-atp-dev-cluster"
    },
    {
      OutputKey: "CertificateAuthorityData",
      OutputValue: "[REDACTED]"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::SecurityGroup",
      OutputKey: "SecurityGroup",
      OutputValue: "[REDACTED]"
    },
    {
      ExportName: "eksctl-atp-dev-cluster::ARN",
      OutputKey: "ARN",
      OutputValue: "arn:aws:eks:us-west-2:988496401707:cluster/atp-dev"
    }
  ],
  RollbackConfiguration: {

  },
  StackId: "arn:aws:cloudformation:us-west-2:988496401707:stack/eksctl-atp-dev-cluster/4d4a7bf0-1bcf-11ec-9822-028a7f03527f",
  StackName: "eksctl-atp-dev-cluster",
  StackStatus: "CREATE_COMPLETE",
  StackStatusReason: "Export eksctl-atp-dev-cluster::VPC cannot be deleted as it is in use by eksctl-atp-dev-nodegroup-ng-7b715a90",
  Tags: [{
      Key: "alpha.eksctl.io/cluster-name",
      Value: "atp-dev"
    },{
      Key: "eksctl.cluster.k8s.io/v1alpha1/cluster-name",
      Value: "atp-dev"
    },{
      Key: "alpha.eksctl.io/eksctl-version",
      Value: "0.49.0"
    }]
}

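Best answer

There are two great applications that can list and delete almost all AWS resources, including those in your case.

  • awsls for listing AWS resources
  • awsrm for deleting AWS resources

awsls for listing AWS resources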

jckuester/awsls: A list command for AWS resources

awsls supports listing of over 250 types of resources across 100 different AWS services. The goal is to code-generate a list function for every AWS resource that is covered by the Terraform AWS Provider (currently over 500). If you want to contribute, the generator is here.

awsrm for deleting AWS resources

jckuester/awsrm: A remove command for AWS resources

This command line tool follows the Unix Philosophy of doing only one thing and doing it well:

It simplifies deleting over 250 AWS resource types across multiple accounts and regions.

Like other Unix-like tools, awsrm reveals its full power when combining it via pipes with other tools, such as awsls for listing AWS resources and grep for filtering by resource attributes.

Example using awsrm

Deleting aws_eks_cluster

To delete all aws_eks_cluster resources from your account, you might need


awsls aws_eks_cluster | awsrm

To delete aws_eks_cluster from a specific region:

awsls aws_eks_cluster -r us-west-1 | awsrm -r us-west-1 

To delete aws_eks_cluster from a specific profile and region:

awsls aws_eks_cluster -p <yourprofile> -r us-west-1 | awsrm -r us-west-1  -p <yourprofile> 
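
An added example, not part of the original answer and not code from eksctl, awsls or awsrm: a triage script that reads the two StackStatusReason messages shown in the question, works out which stack has to be deleted first, and builds AWS CLI commands scoped to those stacks only. It assumes input in the JSON shape of `aws cloudformation describe-stacks`; the sample is constructed from the question's values, and the function names `triage` and `plan` are hypothetical.

```python
import json
import re
from graphlib import TopologicalSorter

# Constructed sample shaped like `aws cloudformation describe-stacks` JSON output;
# names, statuses and reasons are copied from the question's eksctl output.
SAMPLE = json.loads("""
{"Stacks": [
  {"StackName": "eksctl-atp-dev-cluster",
   "StackStatus": "CREATE_COMPLETE",
   "StackStatusReason": "Export eksctl-atp-dev-cluster::VPC cannot be deleted as it is in use by eksctl-atp-dev-nodegroup-ng-7b715a90"},
  {"StackName": "eksctl-atp-dev-nodegroup-ng-7b715a90",
   "StackStatus": "DELETE_FAILED",
   "StackStatusReason": "The following resource(s) failed to delete: [SG]. "}
]}
""")

FAILED = re.compile(r"failed to delete: \[([^\]]*)\]")
IN_USE = re.compile(r"Export \S+ cannot be deleted as it is in use by (\S+)")


def triage(stacks):
    """Return (deletion order, {stack: logical IDs that failed to delete})."""
    order = TopologicalSorter()
    stuck = {}
    for s in stacks:
        name, reason = s["StackName"], s.get("StackStatusReason", "")
        order.add(name)
        if (m := IN_USE.search(reason)):
            order.add(name, m.group(1))  # importer must be deleted before exporter
        if s["StackStatus"] == "DELETE_FAILED" and (m := FAILED.search(reason)):
            stuck[name] = [r.strip() for r in m.group(1).split(",") if r.strip()]
    return list(order.static_order()), stuck


def plan(stacks, region):
    """Build AWS CLI commands, as strings, for a human to review; nothing is executed."""
    order, stuck = triage(stacks)
    cmds = []
    for name in order:
        base = f"aws cloudformation delete-stack --region {region} --stack-name {name}"
        if name in stuck:
            # Inspect why the resource is stuck before deciding to skip it.
            cmds.append(f"aws cloudformation describe-stack-events --region {region} --stack-name {name}")
            # --retain-resources is only valid for DELETE_FAILED stacks; retained
            # resources stay in the account and must be cleaned up by hand.
            base += " --retain-resources " + " ".join(stuck[name])
        cmds.append(base)
    return cmds


if __name__ == "__main__":
    print("\n".join(plan(SAMPLE["Stacks"], "us-west-2")))
```
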

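Regarding "amazon-web-services - How do I destroy an AWS node group when it does not appear in CloudFormation and only seems to exist when trying to delete the parent cluster or create a new one?", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/69329317/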
