Aws_eks_cluster empty data source error or Kubernetes provider localhost error

Roxyrob · April 16, 2023, 1:15am

I’m in a loop trying to destroy eks cluster using create = false instead of terraform destroy in “terraform-aws-eks” sample code:

eks_managed_node_group

I can run terraform apply without issues, but if I use create=false and terraform apply (instead of terraform destroy) to destroy eks cluster:

provider "kubernetes" {
  host                   = module.eks.cluster_endpoint
  cluster_ca_certificate = base64decode(module.eks.cluster_certificate_authority_data)
  exec {
    api_version = "client.authentication.k8s.io/v1beta1"
    command     = "aws"
    args        = ["eks", "get-token", "--cluster-name", local.name]
  }
}

module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "~> 19.12"

  create = var.create         ### => var.create = false
 ...
}

Terraform apply at provider evaluation probably notes module.eks destroy during resource using the kubernetes provider state check and returns:

│ Error: Get "http://localhost/api/v1/namespaces/kube-system/configmaps/aws-auth": dial tcp [::1]:80: connect: connection refused
│   with module.eks.kubernetes_config_map_v1_data.aws_auth[0],
│   on .terraform/modules/eks/main.tf line 553, in resource kubernetes_config_map_v1_data" "aws_auth":
│  553: resource "kubernetes_config_map_v1_data" "aws_auth" {

I try to add data source to decouple provider from module.eks

data "aws_eks_cluster" "clus1" {
  name = local.name
}

provider "kubernetes" {
  host                   = try(data.aws_eks_cluster.clus1.endpoint, module.eks.cluster_endpoint, null)
  cluster_ca_certificate = try(base64decode(data.aws_eks_cluster.clus1.certificate_authority[0].data), base64decode(module.eks.cluster_certificate_authority_data), null)
  exec {
    api_version = "client.authentication.k8s.io/v1beta1"
    command     = "aws"
    args        = ["eks", "get-token", "--cluster-name", local.name]
  }
}

and this worked for destruction but on next apply data source cannot find eks cluster and so returns:

│ Error: reading EKS Cluster (...): couldn't find resource
│   with data.aws_eks_cluster.clus1,
│   on main_eks_mila.tf line 27, in data "aws_eks_cluster" "clus1":
│   27: data "aws_eks_cluster" "clus1" {

And as far as I know, data source doesn’t allow empty result.

There is a viable solution to manage this ?

Topic		Replies	Views
Kubernetes provider error when using aws-eks as a submodule Terraform k8s	1	10163	May 26, 2020
EKS terraform apply failing - Error: unexpected state 'FAILED', wanted target 'ACTIVE'. last error: %!s(<nil>) AWS	3	6925	July 13, 2021
Solution: Error getting credentials Kubernetes	3	14534	December 15, 2023
EKS cluster not destroyed completely. Getting `Error: Unauthorized` AWS k8s	11	7976	October 9, 2022
The configmap “aws-auth” does not exist AWS k8s	6	1675	August 11, 2023

Aws_eks_cluster empty data source error or Kubernetes provider localhost error

Related topics