https://pulumi.com logo
#aws
Title
# aws
p

proud-pizza-80589

05/24/2023, 3:37 PM
Hmm, i have 2 pulumi deployed EKS clusters, one in the japan and one in the singapore region where i can no longer run updates error: Error: Cannot retrieve the certificate fingerprint at the issuer URL: https://oidc.eks.ap-northeast-3.amazonaws.com at /Users/roderik/Development/bpaas/node_modules/.pnpm/@pulumi+eks@1.0.2_@swc+core@1.3.59_@types+node@18.16.14/node_modules/@pulumi/cert-thumprint.ts12711 at Generator.throw (<anonymous>) at rejected (/Users/roderik/Development/bpaas/node_modules/.pnpm/@pulumi+eks@1.0.2_@swc+core@1.3.59_@types+node@18.16.14/node_modules/@pulumi/eks/cert-thumprint.js1965) at processTicksAndRejections (nodeinternal/process/task queues95:5) the same cluster code (different stacks) in other regions still works and updates. So clearly a south east asia problem. Anyone have an idea?
t

tall-library-51128

05/24/2023, 3:50 PM
I haven't used
pulumi_eks
in a while (moved to
pulumi_aws
) but shouldn't the URL above be in this format ?
<https://oidc.eks.ap-northeast-3.amazonaws.com/id/><id>
or you redacted the value ?
p

proud-pizza-80589

05/24/2023, 3:51 PM
no, this is just the pulumi output
the stack export has the right urls and ids
trying to add some debugging code
Copy code
Error [ERR_SOCKET_CONNECTION_TIMEOUT]: Socket connection timeout
        at new NodeError (node:internal/errors:399:5)
        at internalConnectMultiple (node:net:1099:20)
        at Timeout.internalConnectMultipleTimeout (node:net:1638:3)
        at listOnTimeout (node:internal/timers:575:11)
        at processTimers (node:internal/timers:514:7) {
      code: 'ERR_SOCKET_CONNECTION_TIMEOUT'
    }
t

tall-library-51128

05/24/2023, 3:56 PM
I see, you're onto something here. Private Endpoint maybe ?
p

proud-pizza-80589

05/24/2023, 3:56 PM
no, nothing, and i can curl the full url with id from my computer (403 error but no connection issue)
ok, i accidentally switched to node 20, switched to 18 and it works now
t

tall-library-51128

05/24/2023, 4:01 PM
sorry, you mean Node js
🙂
p

proud-pizza-80589

05/24/2023, 4:01 PM
😉 not sure what changed in node 20 to cause this
t

tall-library-51128

05/24/2023, 4:02 PM
good luck! I gave
pulumi_eks
a try last year and ended up using plain
pulumi_aws
so in the case above I would run
pulumi_tls
to get the fingerprint.
p

proud-pizza-80589

05/24/2023, 4:04 PM
don't actually need node 20, was messign with my zsh config and my aliasses were gone
g

gray-electrician-97832

05/31/2023, 4:15 PM
asdf
is your friend!
p

proud-pizza-80589

06/03/2023, 8:23 AM
trying out volta now, also looks cool
4 Views