08/20/2020, 3:20 PM
i've tried deploying eks but the nodes remain in a 'NotReady' status since it can't pull the VPC CNI plugin image for the aws-node DaemonSet. Not sure if this is problem happens in other regions but i'm seeing it in both the us-east-1 and ca-central-1 regions. see below:
  Type     Reason     Age               From                                                   Message
  ----     ------     ----              ----                                                   -------
  Normal   Scheduled  9m                default-scheduler                                      Successfully assigned kube-system/aws-node-7rl2w to
  Normal   Pulling    7m (x4 over 9m)   kubelet,  Pulling image "<|>"
  Warning  Failed     7m (x4 over 9m)   kubelet,  Failed to pull image "<|>": rpc error: code = Unknown desc = Error response from daemon: Get <>: no basic auth credentials
  Warning  Failed     7m (x4 over 9m)   kubelet,  Error: ErrImagePull
  Normal   BackOff    7m (x6 over 9m)   kubelet,  Back-off pulling image "<|>"
  Warning  Failed     4m (x21 over 9m)  kubelet,  Error: ImagePullBackOff
and my pulumi program:
import * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";

// Create a VPC for our cluster.
const vpc = new awsx.ec2.Vpc("vpc", { numberOfAvailabilityZones: 2 });

// Create the EKS cluster itself and a deployment of the Kubernetes dashboard.
const cluster = new eks.Cluster("cluster", {
    subnetIds: vpc.publicSubnetIds,
    instanceType: "t2.medium",
    desiredCapacity: 1,
    minSize: 1,
    maxSize: 2,
    deployDashboard: true,

// Export the cluster's kubeconfig.
export const kubeconfig = cluster.kubeconfig;
I've checked the roles and it looks like the node has permissions to read from ECR. Any ideas why this is happening?