I'm trying to install Kubernetes with Kubespray using AWS a cloud provider. The installation fails with
FAILED - RETRYING: Master | wait for the apiserver to be running
When I check the logs of the kubelet docker container on the master I see
Flag --enable-cri has been deprecated, The non-CRI implementation will be deprecated and removed in a future version.
I0824 16:30:03.413509 13279 feature_gate.go:144] feature gates: map[Accelerators:true]
I0824 16:30:03.413727 13279 aws.go:762] Building AWS cloudprovider
I0824 16:30:03.413878 13279 aws.go:725] Zone not specified in configuration file; querying AWS metadata service
Error: failed to run Kubelet: could not init cloud provider "aws": error finding instance i-0cb81504d85c14b90: error listing AWS instances: RequestError: send request failed
caused by: Post https://ec2.us-east-1.amazonaws.com/: dial tcp 54.239.28.168:443: i/o timeout
Error: failed to run Kubelet: could not init cloud provider "aws": error finding instance i-0cb81504d85c14b90: error listing AWS instances: RequestError: send request failed
caused by: Post https://ec2.us-east-1.amazonaws.com/: dial tcp 54.239.28.168:443: i/o timeout
Flag --enable-cri has been deprecated, The non-CRI implementation will be deprecated and removed in a future version.
I0824 16:32:04.169558 13517 feature_gate.go:144] feature gates: map[Accelerators:true]
I0824 16:32:04.169808 13517 aws.go:762] Building AWS cloudprovider
I0824 16:32:04.169852 13517 aws.go:725] Zone not specified in configuration file; querying AWS metadata serviceI'm positive this is a firewall issue. I have an IAM role with the proper permissions. When I set the https_proxy variable I am able to
curl https://ec2.us-east-1.amazonaws.com/When the proxy variable is not set the curl fails. I tried setting the https_proxy variable inside the hyperkube container. However this causes a cert error when the apiserver tries to handshake with the etcd nodes.
Is there a way to get kubelet to only use the proxy when calling out to https://ec2.us-east-1.amazonaws.com/?