amazon-vpc-cni-k8s: vpc-cni 1.10.0 upgrade fails
EKS 1.21 cluster with cert-manager deployed when upgrading the VPC-CNI addon from 1.9.1 to 1.10.0 new pods in daemonset get the following error and fail to start:
`{“level”:“info”,“ts”:“2021-11-09T21:01:59.568Z”,“caller”:“entrypoint.sh”,“msg”:“Validating env variables …”} {“level”:“info”,“ts”:“2021-11-09T21:01:59.569Z”,“caller”:“entrypoint.sh”,“msg”:“Install CNI binaries…”} {“level”:“info”,“ts”:“2021-11-09T21:01:59.583Z”,“caller”:“entrypoint.sh”,“msg”:"Starting IPAM daemon in the background … "} {“level”:“info”,“ts”:“2021-11-09T21:01:59.584Z”,“caller”:“entrypoint.sh”,“msg”:"Checking for IPAM connectivity … "} I1109 21:02:00.660940 12 request.go:621] Throttling request took 1.0416662s, request: GET:https://172.20.0.1:443/apis/cert-manager.io/v1beta1?timeout=32s panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x39 pc=0x56248cd53508]
goroutine 580 [running]: github.com/aws/amazon-vpc-cni-k8s/pkg/ipamd.(*IPAMContext).StartNodeIPPoolManager(0x0) /go/src/github.com/aws/amazon-vpc-cni-k8s/pkg/ipamd/ipamd.go:633 +0x28 created by main._main /go/src/github.com/aws/amazon-vpc-cni-k8s/cmd/aws-k8s-agent/main.go:64 +0x32c`
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 25 (10 by maintainers)
@achevuru I tested the
1.10.1release and that seems to have fixed my issue. For now, I am using the1.9.3version as @fitchtech suggested usingaws_eks_addon.Thank you guys.
@fitchtech Issue is not tied to cert-manager or v1.10 image itself. It is due to an issue in the Managed add on manifest used for v1.10.0. Managed add on change was already in the process of roll back when you upgraded your cluster. I believe the rollback is already complete. It’ll be enabled once the issue is addressed.