LoadBalancer service in Kubernetes is not getting ELB external IP address as its stuck in pending state.
When immediately created it doesn't show any event logs but after a certain time it give the following error:
Error syncing load balancer: failed to check if load balancer exists before cleanup: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors
My definition are as follows,
apiVersion: apps/v1
kind: Deployment
metadata:
name: sample-graphql-fetcher-srv
labels:
app: sample-graphql-fetcher-srv-api
spec:
replicas: 1 # tells deployment to run how many pods to run
selector:
matchLabels:
app: sample-graphql-fetcher-srv-api
template:
metadata:
labels:
app: sample-graphql-fetcher-srv-api
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
containers:
- name: nginx
image: <ecr_endpoint>/sample-graphql-fetcher-srv:0.2
ports:
- name: http
containerPort: 8080
imagePullPolicy: Always #IfNotPresent #
env:
- name: ENV_VAR
value: 'Value'
nodeSelector:
kubernetes.io/os: linux
---
apiVersion: v1
kind: Service
metadata:
name: sample-graphql-fetcher-srv-service
spec:
type: LoadBalancer
ports:
- port: 80
protocol: TCP
targetPort: 8080
selector:
app: sample-graphql-fetcher-srv-api
However the above definition works on a different cluster and it is providing with the elb endpoint immediately after creation.
I have checked the load balancer limits and elastic(static) IP limit but it had capacity. Also there are two other LoadBalancer Services with the elb endpoint that were created before.
Where can the problem lie on?
CodePudding user response:
Issue was in the Trust relationship in the cluster's role not having the following,
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "eks.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}