-
Notifications
You must be signed in to change notification settings - Fork 463
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Delete failed #129
Comments
Hm, that's the same issue which we saw occasionally in the past. The kube controller manager cannot delete load balancers or security groups from AWS (more often security groups). Generally, it deletes the load balancers first and the corresponding security groups second. However, AWS takes a while to detach the network interface from the load balancer and blocks the deletion of the security group until then. |
Let's wait for the smoke tests. If they fail, we should do something. The only thing we can do is to delete the security groups automatically and not wait on the controller manager to (not) do it. |
FYI: I've prepared an implementation that deletes the ELB security groups. Thus, just in case we need it, we can quickly have it. |
This is a mitigation for kubernetes/kubernetes#17626 and the not yet merged pull requests kubernetes/kubernetes#54569 and kubernetes/kubernetes#65912. The kube-controller-manager does not add a finalizer to `Service` objects and may forget that it has created resources in the infrastructure due to this. closes gardener#129 ```improvement user Gardener does now explicitly delete the load balancers and security groups belonging to Kubernetes services for AWS Shoots. This is to mitigate the issue that the kube-controller-manager does not use finalizers on Service objects and may forget that it has created resources in the underlying infrastructure. ```
I created a couple of clusters for testing and deleted them. I did not use the programmatic interface and I did not fiddle around with the IaaS resources or opened the console, but I got this error (
canary
:core
/vlerencaw9
):The text was updated successfully, but these errors were encountered: