Amazon custom AMI doesn't join to EKS cluster

Question

I would like to have custom AMI fro EKS, however I have got error with joining a node to cluster.

All initial steps passed without error. But a node hasn't joined to a k8s cluster. And I see the error kubelet.go "Error getting node" err="node \"ip-10-0-31-89.ec2.internal\" not found"

I use this Amazon EKS optimized Amazon Linux AMIs ami-0baacf6d2f7060e93 for Kubernetes version 1.22

My userdata are:

#!/bin/bash
sudo /etc/eks/bootstrap.sh '${cluster_name}' \
--b64-cluster-ca '${cluster_ca_certificate}' \
--apiserver-endpoint '${cluster_endpoint}' \
--use-max-pods=true \
--max-pods=20 \
--container-runtime containerd \
--ip-family ipv4 \
--kubelet-extra-args --node-labels=${karpenter_key}=${cluster_name},managed-by=karpenter

Answer 1

sudo /etc/eks/bootstrap.sh '${cluster_name}'
...

Use of '' will not expand the variable you passed to the script. Try:

#!/bin/bash
/etc/eks/bootstrap.sh ${cluster_name} \
  --b64-cluster-ca ${cluster_ca_certificate} \
  --apiserver-endpoint ${cluster_endpoint} \
  --use-max-pods false \
  --container-runtime containerd \
  --ip-family ipv4 \
  --kubelet-extra-args "--node-labels=${karpenter_key}=${cluster_name},managed-by=karpenter --max-pods=20"

Create aws-auth here if you only use self-managed node group.

Answer 2

The error was due to the default security group wasn't attached to the node instance

Default: Cluster security group that was created by Amazon EKS for the cluster. Managed node groups use this security group for control-plane-to-data-plane communication. Referred to as 'Cluster security group' in the EKS console

Thanks all for your answers.