Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(module name): (short issue description) #26716

Closed
JCBSLMN opened this issue Aug 11, 2023 · 1 comment
Closed

(module name): (short issue description) #26716

JCBSLMN opened this issue Aug 11, 2023 · 1 comment
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud @aws-cdk/aws-eks Related to Amazon Elastic Kubernetes Service bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.

Comments

@JCBSLMN
Copy link

JCBSLMN commented Aug 11, 2023
edited
Loading

Describe the bug

cluster destroy fail due to dependent resources.

Expected Behavior

when cdk destroy is run all resources destroyed.

Current Behavior

get deletion errors:

1:00:12 pm | DELETE_FAILED | AWS::EC2::Subnet | testvpcPublicSubnet1Subnet01CF7554
Resource handler returned message: "The subnet 'subnet-01609017cd3231660' has dependencies and cannot be deleted. (Service: Ec2, Status Code: 400, Request ID: 68635619-e61d-4c35-9074-958e4ee3d432)" (RequestToken: ef2884ea-38c1-dc07-d101-1f4bdaee
30fd, HandlerErrorCode: InvalidRequest)

1:01:38 pm | DELETE_FAILED | AWS::EC2::VPCGatewayAttachment | testvpcVPCGW7060AA15
Network vpc-054f99c6f5b77b893 has some mapped public address(es). Please unmap those public address(es) before detaching the gateway. (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 9b0e88c2-420e-4ccf-9ac9-a0b
3fe115acc; Proxy: null)

❌ TestStack: destroy failed Error: The stack named TestStack is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [testvpcPublicSubnet3Subnet667BDE9B, testvpcPublicSubnet2Subnet4E9D9728, testvpcVPCGW7060AA15, testvpcPublicSubnet1Subnet01CF7554]. ): Resource handler returned message: "The subnet 'subnet-07fbb2f08261768cc' has dependencies and cannot be deleted. (Service: Ec2, Status Code: 400, Request ID: f38fac04-5710-465b-a585-9d311e1b9371)" (RequestToken: 01c1cffd-e215-81b4-29cf-4735f390121b, HandlerErrorCode: InvalidRequest), Resource handler returned message: "The subnet 'subnet-0145d671f97ea3b67' has dependencies and cannot be deleted. (Service: Ec2, Status Code: 400, Request ID: 04c0c875-130a-4d6b-9ae7-e78109e52efc)" (RequestToken: 7843a559-44e0-041e-929e-762861d3bbd1, HandlerErrorCode: InvalidRequest), Resource handler returned message: "The subnet 'subnet-01609017cd3231660' has dependencies and cannot be deleted. (Service: Ec2, Status Code: 400, Request ID: 68635619-e61d-4c35-9074-958e4ee3d432)" (RequestToken: ef2884ea-38c1-dc07-d101-1f4bdaee30fd, HandlerErrorCode: InvalidRequest), Network vpc-054f99c6f5b77b893 has some mapped public address(es). Please unmap those public address(es) before detaching the gateway. (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 9b0e88c2-420e-4ccf-9ac9-a0b3fe115acc; Proxy: null)
at destroyStack (/usr/local/lib/node_modules/aws-cdk/lib/index.js:412:1796)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async CdkToolkit.destroy (/usr/local/lib/node_modules/aws-cdk/lib/index.js:415:161158)
at async exec4 (/usr/local/lib/node_modules/aws-cdk/lib/index.js:470:52002)

Reproduction Steps

create cluster with the following resources:

  vpc := awsec2.NewVpc(stack, jsii.String("test-vpc"), &awsec2.VpcProps{
	      NatGateways: jsii.Number(1),
      })

eksSecurityGroup := awsec2.NewSecurityGroup(stack, jsii.String("eks-test-sg"),
	&awsec2.SecurityGroupProps{
		Vpc:               vpc,
		SecurityGroupName: jsii.String("eks-test-sg"),
		AllowAllOutbound:  jsii.Bool(true)})

cluster := awseks.NewCluster(stack, jsii.String("test-eks-cluster"),
	&awseks.ClusterProps{
		Vpc:           vpc,
		SecurityGroup: eksSecurityGroup,
		VpcSubnets: &[]*awsec2.SubnetSelection{
			{Subnets: vpc.PrivateSubnets()}},
		ClusterName:     jsii.String("test-eks-cluster"),
		Version:         awseks.KubernetesVersion_V1_26(),
		KubectlLayer:    kubectlv26.NewKubectlV26Layer(stack, jsii.String("kubectl")),
		DefaultCapacity: jsii.Number(0),
		// DefaultCapacityInstance: awsec2.InstanceType_Of(awsec2.InstanceClass_T3, awsec2.InstanceSize_MICRO),
		// DefaultCapacityType:     awseks.DefaultCapacityType_NODEGROUP,
		OutputConfigCommand: jsii.Bool(true),
		EndpointAccess: awseks.EndpointAccess_PUBLIC_AND_PRIVATE().OnlyFrom(jsii.String(
			"159.196.210.0/24",
		)),
		// AlbController: &awseks.AlbControllerOptions{
		// 	Version: awseks.AlbControllerVersion_V2_5_1(),
		// },
	})

// get current IP address - curl ipecho.net/plain ; echo

cluster.AddNodegroupCapacity(jsii.String("extra-ng-spot"), &awseks.NodegroupOptions{
	InstanceTypes: &[]awsec2.InstanceType{
		awsec2.NewInstanceType(jsii.String("t3.medium")),
		awsec2.NewInstanceType(jsii.String("t2.medium")),
	},
	AmiType:        awseks.NodegroupAmiType_AL2_X86_64,
	ReleaseVersion: jsii.String("1.26.4-20230607"),
	MinSize:        jsii.Number(1),
	MaxSize:        jsii.Number(3),
	DesiredSize:    jsii.Number(1),
	CapacityType:   awseks.CapacityType_SPOT,
})

Possible Solution

create cluster with these resources:

    vpc := awsec2.NewVpc(stack, jsii.String("test-vpc"), &awsec2.VpcProps{
	        NatGateways: jsii.Number(1),
        })

eksSecurityGroup := awsec2.NewSecurityGroup(stack, jsii.String("eks-test-sg"),
	&awsec2.SecurityGroupProps{
		Vpc:               vpc,
		SecurityGroupName: jsii.String("eks-test-sg"),
		AllowAllOutbound:  jsii.Bool(true)})

cluster := awseks.NewCluster(stack, jsii.String("test-eks-cluster"),
	&awseks.ClusterProps{
		Vpc:           vpc,
		SecurityGroup: eksSecurityGroup,
		VpcSubnets: &[]*awsec2.SubnetSelection{
			{Subnets: vpc.PrivateSubnets()}},
		ClusterName:     jsii.String("test-eks-cluster"),
		Version:         awseks.KubernetesVersion_V1_26(),
		KubectlLayer:    kubectlv26.NewKubectlV26Layer(stack, jsii.String("kubectl")),
		DefaultCapacity: jsii.Number(0),
		OutputConfigCommand: jsii.Bool(true),
		EndpointAccess: awseks.EndpointAccess_PUBLIC_AND_PRIVATE().OnlyFrom(jsii.String(
			"XXX.XXX.XXX/24",
		)),
	})


cluster.AddNodegroupCapacity(jsii.String("extra-ng-spot"), &awseks.NodegroupOptions{
	InstanceTypes: &[]awsec2.InstanceType{
		awsec2.NewInstanceType(jsii.String("t3.medium")),
		awsec2.NewInstanceType(jsii.String("t2.medium")),
	},
	AmiType:        awseks.NodegroupAmiType_AL2_X86_64,
	ReleaseVersion: jsii.String("1.26.4-20230607"),
	MinSize:        jsii.Number(1),
	MaxSize:        jsii.Number(3),
	DesiredSize:    jsii.Number(1),
	CapacityType:   awseks.CapacityType_SPOT,
})

Additional Information/Context

No response

CDK CLI Version

2.85.0

Framework Version

No response

Node.js Version

v18.13.0

OS

Mac 11.7.9

Language

Go

Language Version

1.20.4 darwin/amd64

Other information

No response
@JCBSLMN JCBSLMN added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 11, 2023
@github-actions github-actions bot added @aws-cdk/aws-eks Related to Amazon Elastic Kubernetes Service @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud labels Aug 11, 2023
@JCBSLMN JCBSLMN closed this as completed Aug 11, 2023
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@github-actions github-actions bot mentioned this issue Sep 1, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud @aws-cdk/aws-eks Related to Amazon Elastic Kubernetes Service bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@JCBSLMN