cluster-api-provider-aws: CAPA fails silently when the instance profile of machine is incorrectly specified

/kind bug

What steps did you take and what happened: Create a new cluster. Specify a different/wrong instance profile role for controlplane than whats available on the account. CAPA fails silently with no errors or events being generated.

What did you expect to happen: CAPA must log the failure and generate a warning/error event indicating the reason.

Anything else you would like to add: [Miscellaneous information that will assist in solving the issue.]

Environment:

Cluster-api-provider-aws version:
Kubernetes version: (use kubectl version):
OS (e.g. from /etc/os-release):

About this issue

Original URL
State: closed
Created 5 years ago
Comments: 30 (30 by maintainers)

Most upvoted comments

Added the following log line to https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/master/pkg/cloud/services/ec2/instances.go#L190 s.scope.V(2).Info("Error running instance", "cause", fmt.Sprintf("%v", errors.Cause(err)), "isFailed", awserrors.IsFailedDependency(errors.Cause(err)))

and it produces:

I1002 19:38:09.709996 1 instances.go:190] controllers/AWSMachine "msg"="Error running instance" "awsCluster"="cloudsdale" "awsMachine"="cloudsdale-controlplane-0" "cluster"="cloudsdale" "machine"="cloudsdale-controlplane-0" "namespace"="default" "cause"="InvalidParameterValue: Value (invalid-controllers.cluster-api-provider-aws.sigs.k8s.io) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name\n\tstatus code: 400, request id: d4fb95aa-f14c-4dc7-84b3-efb14c8fab2f" "isFailed"=false

so the error is not categorized as a dependency error.

And actually, I do see events being generated:

Events:
  Type     Reason        Age   From            Message
  ----     ------        ----  ----            -------
  Warning  FailedCreate  30m   aws-controller  Failed to create instance: failed to run instance: InvalidParameterValue: Value (invalid-controllers.cluster-api-provider-aws.sigs.k8s.io) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name
           status code: 400, request id: 616cc148-52fb-4b8a-a80b-704acd2568a1
  Warning  FailedCreate  30m  aws-controller  Failed to create instance: failed to run instance: InvalidParameterValue: Value (invalid-controllers.cluster-api-provider-aws.sigs.k8s.io) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name
           status code: 400, request id: 3b15a0dd-4bd0-4888-8f22-29b85888b41c
  Warning  FailedCreate  30m  aws-controller  Failed to create instance: failed to run instance: InvalidParameterValue: Value (invalid-controllers.cluster-api-provider-aws.sigs.k8s.io) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name

is it possible this issue got solved in the mean time?

liztio on Oct 2, 2019

Reproduces in v0.4.0. CAPA pod logs:

I0913 15:00:44.621730       1 awsmachine_controller.go:233] controllers/AWSMachine/awscluster-controller/namespace=default/awsMachine=capi-quickstart-controlplane-0/infrastructure.cluster.x-k8s.io/v1alpha2/machine=capi-quickstart-controlplane-0/cluster=capi-quickstart/awsCluster=capi-quickstart "level"=0 "msg"="Reconciling AWSMachine"
I0913 15:00:45.215074       1 awscluster_controller.go:140] controllers/AWSCluster/awscluster-controller/namespace=default/awsCluster=capi-quickstart/infrastructure.cluster.x-k8s.io/v1alpha2/cluster=capi-quickstart "level"=0 "msg"="Reconciling AWSCluster"
E0913 15:00:46.158773       1 controller.go:218] controller-runtime/controller "msg"="Reconciler error" "error"="failed to create AWSMachine instance: failed to run instance: InvalidParameterValue: Value (badcontrollers.cluster-api-provider-aws.sigs.k8s.io) for parameter iamInstanceProfile.name is invalid. Invalid IAM Instance Profile name\n\tstatus code: 400, request id: ce82bd19-6f70-45cc-bed3-3ad169f92a1b"  "controller"="awsmachine" "request"={"Namespace":"default","Name":"capi-quickstart-controlplane-0"}

ncdc on Sep 13, 2019