Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AWS EC2 description filter with tag not working for EKS NodeGroup #314

Open
bsmerja opened this issue Mar 15, 2023 · 2 comments
Open

AWS EC2 description filter with tag not working for EKS NodeGroup #314

bsmerja opened this issue Mar 15, 2023 · 2 comments
Labels
community Issues or PRs opened by an external contributor proposal An issue that proposes a feature request waiting for response Waiting for author's response

Comments

@bsmerja
Copy link

bsmerja commented Mar 15, 2023

Describe the bug
When there are multiple pods running in the EKS environment EKS node members have multiple Private IP addresses based on number of pods running on specific node, nginx-asg-sync fetches any one Private IP address and populates NGINX config, which cause 502 bad gateway.

To Reproduce

  1. Deploy N+ with nginx-asg-sync in front of EKS for Reverse Proxy / LB
  2. config.yaml with autoscaling_group: eks-Node-instances<1234> in line with aws:autoscaling:groupName: eks-Node-instances<1234>
  3. Run multiple pods on EKS

Will cause wrong IP addresses in upstream

Provide the following files as part of the bug report

  1. nginx -T outcome

    configuration file /var/lib/nginx/state/backend-eks.conf:
    server 10.1.20.227:31159;
    server 10.1.20.218:31159;
    server 10.1.20.232:31159;
    server 10.1.20.251:31159;
    
  2. actual IP addresses of EKS Nodes - kubectl get nodes -o wide

    NAME                                    STATUS  INTERNAL-IP                                               
    ip-10-1-20-218.region.compute.internal   Ready      10.1.20.218
    ip-10-1-20-227.region.compute.internal   Ready     10.1.20.227   
    ip-10-1-20-248.region.compute.internal   Ready    10.1.20.248   
    ip-10-1-20-82.region.compute.internal    Ready     10.1.20.82    
    
  3. Also, aws cli command gives Private IP address with filter and query as applied:

    aws ec2 describe-instances --filters "Name=tag:aws:autoscaling:groupName,Values=eks-Node-instances<1234>" --profile Users-<user-id> --query 'Reservations[*].Instances[*].[PrivateIpAddress]' --output text
    
    10.1.20.227
    10.1.20.218
    10.1.20.82
    10.1.20.248
    
  4. config.yaml:

    region: <region-name>
    api_endpoint: http://127.0.0.1:8080/api
    sync_interval_in_seconds: 5
    cloud_provider: AWS
    upstreams:
     - name: backend-eks
       autoscaling_group: eks-Node-instances<1234>
       port: 31159
       kind: http
       max_conns: 0
       max_fails: 1
       fail_timeout: 10s
       slow_start: 0s

Steps to reproduce the behaviour, such as:

  1. Scale from 2 to 5 EC2 instances
  2. New instances not added to nginx.conf
  3. See error in /var/log/nginx-asg-sync/nginx-asg-sync.log

Expected behavior
A clear and concise description of what you expected to happen.

Your environment
nginx-asg-sync version 0.5.0
nginx version: nginx/1.23.2 (nginx-plus-r28)
Amazon Linux 2

Additional context
Is it possible to add an additional query inside of config.yaml which I used to find exact Private address in following command:

aws ec2 describe-instances --filters "Name=tag:aws:autoscaling:groupName,Values=eks-Node-instances<1234>" --profile Users-1234 --query 'Reservations[].Instances[].[PrivateIpAddress]' --output text

@github-actions github-actions bot added the stale Pull requests/issues with no activity label May 15, 2023
@lucacome lucacome removed the stale Pull requests/issues with no activity label May 17, 2023
@github-actions github-actions bot added the stale Pull requests/issues with no activity label Jul 17, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Jul 25, 2023
@lucacome lucacome reopened this Jul 25, 2023
@github-actions github-actions bot removed the stale Pull requests/issues with no activity label Jul 26, 2023
@github-actions github-actions bot added the stale Pull requests/issues with no activity label Sep 25, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Oct 3, 2023
@lucacome lucacome reopened this Oct 3, 2023
@lucacome lucacome added proposal An issue that proposes a feature request and removed stale Pull requests/issues with no activity labels Oct 3, 2023
@github-actions github-actions bot added the stale Pull requests/issues with no activity label Dec 3, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Dec 10, 2023
@lucacome lucacome removed the stale Pull requests/issues with no activity label Jun 20, 2024
@lucacome lucacome reopened this Jun 20, 2024
Copy link

nginx-bot bot commented Aug 24, 2024

Hi @bsmerja! Welcome to the project! 🎉

Thanks for opening this issue!
Be sure to check out our Contributing Guidelines and the Issue Lifecycle while you wait for someone on the team to take a look at this.

@nginx-bot nginx-bot bot added the community Issues or PRs opened by an external contributor label Aug 24, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@nginx nginx deleted a comment from github-actions bot Aug 25, 2024
@lucacome
Copy link
Member

Hi @bsmerja

I'm trying to reproduce this but creating pods doesn't affect the Autoscaling group for me. Are you still seeing this behavior?
If so can you share the logs from nginx-asg-sync as well?

@mpstefan mpstefan added the waiting for response Waiting for author's response label Aug 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
community Issues or PRs opened by an external contributor proposal An issue that proposes a feature request waiting for response Waiting for author's response
Projects
None yet
Development

No branches or pull requests

3 participants