Troubleshooting common errors
When you deploy kdb Insights Enterprise using the provided Infrastructure as Code (IaC) bundle, the deployment can fail for various reasons. Below are some common errors and possible actions you can take to address them.
Common errors and solutions
No capacity to create EC2 Instances
No capacity to create EC2 Instances. Please increase quota code L-1216C47A (On-Demand Standard EC2 Instances). Available On Demand vCPUs: 5, Required On Demand vCPUs: 142
Request a resource quota increase in the AWS console.
Security group rules not found
Error: waiting for Security Group (<securit-group>) Rule (...) create: couldn't find resource
Check if the security group IDs are correct and ensure they have been created properly.
Insufficient permissions to create cloudWatch logs group
AccessDeniedException: User with accountId: (...) is not authorized to perform CreateLogGroup with Tags.
Add the logs:TagResource
permission to the IAM user.
Network ACL entry already exists
NetworkAclEntryAlreadyExists: The network acl entry identified by (...) already exists.
Update or remove the duplicate entries in the network ACL.
Invalid instance type for EKS
InvalidParameterException: [is4gen.xlarge] is not a valid instance type for requested amiType AL2_x86_64
Modify the instance type to a compatible type.
Unsupported availability zone for EKS
UnsupportedAvailabilityZoneException: Cannot create cluster because EKS does not support creating control plane instances in us-east-1e.
Check the supported availability zones:
data "aws_availability_zones" "available" {
state = "available"
filter {
name = "opt-in-status"
values = ["opt-in-not-required"]
}
filter {
name = "availability-zone"
values = ["us-east-1a","us-east-1b","us-east-1c"]
}
}
data "aws_availability_zones" "available" {
state = "available"
exclude_names = ["us-east-1d","us-east-1e","us-east-1f"]
filter {
name = "opt-in-status"
values = ["opt-in-not-required"]
}
}
main.tf
file as necessary:
cd terraform/modules/k8s_cluster_aws/
vim main.tf
IAM policy or role already exists
EntityAlreadyExists: A policy/role called (...) already exists. Duplicate names are not allowed.
Rename the IAM policy or role, or reuse the existing one if appropriate.
remote-exec
provisioner error:
Error: remote-exec provisioner error: timeout - last error: dial tcp 52.33.134.220:22: i/o timeout
Check and update the Terraform scripts to ensure the whitelist IPs are correct.
Invalid instance type for EKS node group
InvalidParameterException: [is4gen.xlarge] is not a valid instance type for requested amiType AL2_x86_64
Modify the instance type to a compatible type in the main.tf
file:
resource "aws_eks_node_group" "this" {
instance_type = "t3.medium" # Change to a valid instance type
...
}