Skip to content

EC2 Controller: API errors with VPC when not including optional fields enableDNSHostnames and enableDNSSupport #1826

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
aaroniscode opened this issue Jun 14, 2023 · 3 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. service/ec2 Indicates issues or PRs that are related to ec2-controller.

Comments

@aaroniscode
Copy link

aaroniscode commented Jun 14, 2023

Describe the bug
When creating a VPC and not including optional fields enableDNSHostnames and enableDNSSupport, the controller creates the VPC but then outputs API errors in the logs.

Steps to reproduce
Create a VPC custom resource

apiVersion: ec2.services.k8s.aws/v1alpha1
kind: VPC
metadata:
  name: test
  namespace: default
spec:
  cidrBlocks:
  - 10.0.0.0/16
  tags:
  - key: Name
    value: test

Logs show:

2023-06-14T19:43:03.578Z	INFO	ackrt	desired resource state has changed	{"account": "123456789012", "role": "", "region": "us-west-2", "kind": "VPC", "namespace": "default", "name": "test", "is_adopted": false, "generation": 2, "diff": [{"Path":{"Parts":["Spec","EnableDNSHostnames"]},"A":null,"B":false},{"Path":{"Parts":["Spec","EnableDNSSupport"]},"A":null,"B":true}]}
2023-06-14T19:43:03.733Z	ERROR	Reconciler error	{"controller": "vpc", "controllerGroup": "ec2.services.k8s.aws", "controllerKind": "VPC", "VPC": {"name":"test","namespace":"default"}, "namespace": "default", "name": "test", "reconcileID": "815db277-7e7f-46c0-9928-987d83e84a6b", "error": "InvalidParameterCombination: No attributes specified.\n\tstatus code: 400, request id: 051a766d-bd9a-4566-ab45-3d802f79d987"}
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
	/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:329
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
	/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:274
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
	/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:235

Expected outcome
No errors in logs.

Environment

  • Kubernetes version: EKS 1.27
  • Using EKS (yes/no), if so version? yes, 1.27
  • AWS service targeted (S3, RDS, etc.) EC2 controller v1.0.3
@RedbackThomson RedbackThomson added kind/bug Categorizes issue or PR as related to a bug. service/ec2 Indicates issues or PRs that are related to ec2-controller. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Jun 15, 2023
@RedbackThomson
Copy link
Contributor

Do you see this error echoed in the status of the VPC object?

@aaroniscode
Copy link
Author

yes

» kubectl get vpc -o yaml
apiVersion: v1
items:
- apiVersion: ec2.services.k8s.aws/v1alpha1
  kind: VPC
  metadata:
    annotations:
      kubectl.kubernetes.io/last-applied-configuration: |
        {"apiVersion":"ec2.services.k8s.aws/v1alpha1","kind":"VPC","metadata":{"annotations":{},"name":"test","namespace":"default"},"spec":{"cidrBlocks":["10.0.0.0/16"],"tags":[{"key":"Name","value":"test"}]}}
    creationTimestamp: "2023-06-16T15:45:36Z"
    finalizers:
    - finalizers.ec2.services.k8s.aws/VPC
    generation: 2
    name: test
    namespace: default
    resourceVersion: "412888"
    uid: 5eed331b-2aa7-4aa2-b9f9-2f5b1f422b05
  spec:
    cidrBlocks:
    - 10.0.0.0/16
    instanceTenancy: default
    tags:
    - key: Name
      value: test
  status:
    ackResourceMetadata:
      ownerAccountID: "123456789012"
      region: us-west-2
    cidrBlockAssociationSet:
    - associationID: vpc-cidr-assoc-090eaa19a20cb981d
      cidrBlock: 10.0.0.0/16
      cidrBlockState:
        state: associated
    conditions:
    - message: "InvalidParameterCombination: No attributes specified.\n\tstatus code:
        400, request id: 9cd67fa1-d85c-47fd-a3d2-b1ef9d79370f"
      status: "True"
      type: ACK.Recoverable
    - lastTransitionTime: "2023-06-16T15:45:41Z"
      message: Unable to determine if desired resource state matches latest observed
        state
      reason: "InvalidParameterCombination: No attributes specified.\n\tstatus code:
        400, request id: 9cd67fa1-d85c-47fd-a3d2-b1ef9d79370f"
      status: Unknown
      type: ACK.ResourceSynced
    dhcpOptionsID: dopt-953d41ed
    isDefault: false
    ownerID: "123456789012"
    state: available
    vpcID: vpc-0c209ff8cc5ae412c
kind: List
metadata:
  resourceVersion: ""

@jljaco jljaco added the lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. label Jun 28, 2023
@LikithaVemulapalli
Copy link
Member

Hello, considering only the existing functionality and how it works, both the optional fields enableDNSHostnames and enableDNSSupport are of type bool, and the only valid values are either true or false for these fields in order to avoid the above mentioned errors.

@jljaco jljaco added priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. and removed priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Sep 28, 2023
ack-prow bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Sep 30, 2024
Issue #: aws-controllers-k8s/community#1826

Description of changes: Only sync optional fields, if actually configured. More details are in the [commit message](3ebf6f9).

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
gfrey pushed a commit to gfrey/ack-ec2-controller that referenced this issue Oct 1, 2024
This improves aws-controllers-k8s#225.

Using a custom pre-compare function the defaults can be set accordingly.
This is now added with the defaults set to what the VPC defaults are.
The `disallowSecurityGroupDefaultRules` option is also handled here, as
it also has the issue describe in aws-controllers-k8s/community#1826.
ack-prow bot pushed a commit to aws-controllers-k8s/ec2-controller that referenced this issue Oct 3, 2024
This improves #225.

Using a custom pre-compare function the defaults can be set accordingly. This is now added with the defaults set to what the VPC defaults are. The `disallowSecurityGroupDefaultRules` option is also handled here, as it also has the issue describe in aws-controllers-k8s/community#1826.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. service/ec2 Indicates issues or PRs that are related to ec2-controller.
Projects
None yet
Development

No branches or pull requests

4 participants