Reputation: 5858
EKS : could not find any suitable subnets for creating the ELB
I am trying to expose a service to the outside world using the loadBalancer type service.
For that, i have followed this doc
https://aws.amazon.com/premiumsupport/knowledge-center/eks-kubernetes-services-cluster/
My loadbalancer.yaml looks like this
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
type: LoadBalancer
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
But the load balancer is not creating as expected I am getting the following error
Warning SyncLoadBalancerFailed 8s (x3 over 23s) service-controller Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB
Seems like its because of some issues in the subnet tags to solve,but i have the required tags in my subnets
kubernetes.io/cluster/<cluster-name>. owned
kubernetes.io/role/elb 1
But still, I am getting the error could not find any suitable subnets for creating the ELB
Upvotes: 21
Views: 42846
Answers (7)
Reputation: 1399
Usually the issue can be resolved by giving the tag however you can also add the annotations in the service. For eg: if you are exposing the Loadbalancer to the public, you can give the below annotations which will fix the issue.
annotations:
service.beta.kubernetes.io/aws-load-balancer-type: "elb"
service.beta.kubernetes.io/aws-load-balancer-subnets: "subnet-xxx,subnet-xxx2,subnet-xxx3"
Upvotes: 0
Reputation: 21
Resolution This has resolved my issue.
To identify a cluster's subnets, the Kubernetes Cloud Controller Manager (cloud-controller-manager) and AWS Load Balancer Controller (aws-load-balancer-controller) query that cluster's subnets by using the following tag as a filter:
Choose the appropriate option for tagging your subnets:
For public and private subnets used by load balancer resources Tag all public and private subnets that your cluster uses for load balancer resources with the following key-value pair:
Key: kubernetes.io/cluster/cluster-name Value: shared
The cluster-name value is for your Amazon EKS cluster. The shared value allows more than one cluster to use the subnet.
For private subnets used by internal load balancers To allow Kubernetes to use your private subnets for internal load balancers, tag all private subnets in your VPC with the following key-value pair:
Key: kubernetes.io/role/internal-elb Value: 1
For public subnets used by external load balancers To allow Kubernetes to use only tagged subnets for external load balancers, tag all public subnets in your VPC with the following key-value pair:
Key: kubernetes.io/role/elb Value: 1
Note: Use the preceding tag instead of using a public subnet in each Availability Zone.
reference: https://aws.amazon.com/premiumsupport/knowledge-center/eks-vpc-subnet-discovery/
Upvotes: 2
Reputation: 1282
Additional to Robert' answer, you can use the following kubectl command for annotating a service;
kubectl annotate svc <service-name> service.beta.kubernetes.io/aws-load-balancer-internal="true"
Upvotes: 3
Reputation: 1891
For people that may reach this question, I have faced the same error, but the problem was really simple.
The tag with key kubernetes.io/cluster/<cluster-name> had the wrong cluster name as the automation that deployed it was wrong.
Upvotes: 8
Reputation: 6982
In EKS 1.16, I need internet-facing NLB.
The root cause in EKS is that you haven't selected a public subnet while creating the cluster.
After creating the cluster EKS will not allow to update subnets as of now here
To resolve the issue, I have performed the below steps
- created a
public subnetin the same vpc of EKS - Attached
IGWin route tables in new created public subnets - Added below
tagsin public subnets kubernetes.io/cluster/<EKSClusterName>:shared
Note: In a 4th step, Replace your EKS cluster name in placeholder EKSClusterName
Upvotes: 3
Reputation: 3895
By default AWS EKS only attaches load balancers to public subnets. In order to launch it in a private subnet you need to not only label your subnets (which it looks like you did) but also annotate your load balancer-
service.beta.kubernetes.io/aws-load-balancer-internal: "true"
You can find more information here.
Upvotes: 27
Reputation: 11930
Possibly your subnet is not a public one, i.e. accessible from the internet. This will be required for your Loadbalancer to accept traffic from the outside world. In order to make it public, you need to attach an Internet Gateway to your VPC. Check here for more documentation.
Upvotes: 1
Related Questions
- EKS 1.21.5 - fails on "topologySpreadConstraints"
- AWS EKS 0/1 nodes are available. 1 insufficient pods
- Create EKS kubernetes pod in specific subnet
- Error: getting availability zones when trying to create EKS cluster
- AWS EKS - Failure creating load balancer controller
- AWS EC2 unable to access EKS
- How to configure the subnets for EKS?
- Install JupyterHub on EKS fails: "No suitable subnet for ELB"
- EKS Nodes behind an ELB is OutOfService
- Unable to create ELB with 2 kubernetes clusters in the same AWS VPC and subnets using kops solution