-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getting Failed to watch of *v1alpha1.PolicyEndpoint ended with: an error on the server after upgrading VPC CNI to v1.17.1+ version with aws-network-policy-agent v1.1.0 #257
Comments
@ArtemProskochylo How did you upgrade the VPC CNI version? It appears that you're missing the required permissions for the |
Facing the same issue after upgrading to EKS 1.29 with CNI 1.18.0.
Seems like a bug. |
@danielap-ma If you're seeing the same error as above - then either the permissions are missing (please check if CNI pods have correct SA in place) or there are connectivity issues with your API Server. I quickly tried it and I don't see any such issue(s) on my end. |
Hi @achevuru
But I still see the following error in logs for v1.17.1: In another cluster running the updated version v1.18.1, I do not see those errors. I suppose it is a version-specific issue. I hope provided info will be useful for you. Thanks |
Hey @achevuru, |
Hi @omfurman-ma @danielap-ma , can you please ensure you have |
What happened:
After upgrading vpc-cni plugin to v1.17.1 and v1.18.0 versions I see a lot of errors for the aws-network-policy-agent container with v1.1.0 version. The issue is occurring even on fresh EKS installations where we are not using Network Policies.
Attach logs
W0424 08:27:34.397257 1 reflector.go:462] pkg/mod/k8s.io/[email protected]/tools/cache/reflector.go:229: watch of *v1alpha1.PolicyEndpoint ended with: an error on the server ("unable to decode an event from the watch stream: context canceled") has prevented the request from succeeding
What you expected to happen:
No error messages.
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
kubectl version
):Client Version: v1.29.1
Server Version: v1.29.1-eks-b9c9ed7
cat /etc/os-release
): Bottlerocket OS 1.19.2 (aws-k8s-1.29)uname -a
): 6.1.77The text was updated successfully, but these errors were encountered: