diff --git a/pkg/apis/eksctl.io/v1alpha5/validation.go b/pkg/apis/eksctl.io/v1alpha5/validation.go
index 00acd0d53b..bc93185ae8 100644
--- a/pkg/apis/eksctl.io/v1alpha5/validation.go
+++ b/pkg/apis/eksctl.io/v1alpha5/validation.go
@@ -108,14 +108,10 @@ func (c *ClusterConfig) validateRemoteNetworkingConfig() error {
 return setNonEmpty("remoteNetworkConfig.remoteNodeNetworks")
 }
- if c.VPC.ID != "" {
- if rnc.VPCGatewayID.IsSet() {
+ if rnc.VPCGatewayID.IsSet() {
+ if c.VPC.ID != "" {
 return fmt.Errorf("remoteNetworkConfig.vpcGatewayID is not supported when using pre-existing VPC")
 }
- } else {
- if !rnc.VPCGatewayID.IsSet() {
- return setNonEmpty("remoteNetworkConfig.vpcGatewayID")
- }
 // vpcGatewayId must be either a virtual private gateway or a transit gateway
 if !rnc.VPCGatewayID.IsTransitGateway() && !rnc.VPCGatewayID.IsVirtualPrivateGateway() {
 return fmt.Errorf("invalid value %q provided for remoteNetworkConfig.vpcGatewayID; "+
diff --git a/pkg/apis/eksctl.io/v1alpha5/validation_test.go b/pkg/apis/eksctl.io/v1alpha5/validation_test.go
index 45c2a1876f..e5d7b94242 100644
--- a/pkg/apis/eksctl.io/v1alpha5/validation_test.go
+++ b/pkg/apis/eksctl.io/v1alpha5/validation_test.go
@@ -1013,12 +1013,6 @@ var _ = Describe("ClusterConfig validation", func() {
 },
 expectedErr: "remoteNetworkConfig.vpcGatewayID is not supported when using pre-existing VPC",
 }),
- Entry("both vpcGatewayID and pre-existing VPC are missing", remoteNetworkConfigEntry{
- overrideConfig: func(cc *api.ClusterConfig) {
- cc.RemoteNetworkConfig.VPCGatewayID = nil
- },
- expectedErr: "remoteNetworkConfig.vpcGatewayID must be set and non-empty",
- }),
 Entry("unsupported vpcGateway type", remoteNetworkConfigEntry{
 overrideConfig: func(cc *api.ClusterConfig) {
 gatewayID := api.VPCGateway("igw-1234")
diff --git a/pkg/cfn/builder/vpc_ipv4.go b/pkg/cfn/builder/vpc_ipv4.go
index dbe912a80f..8f6a75c175 100644
--- a/pkg/cfn/builder/vpc_ipv4.go
+++ b/pkg/cfn/builder/vpc_ipv4.go
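Review bot: In validateRemoteNetworkingConfig (pkg/apis/eksctl.io/v1alpha5/validation.go) the rewritten guard makes `remoteNetworkConfig.vpcGatewayID` optional for an eksctl-created VPC, but no comment says so and no test pins the newly accepted case; the commit only deletes the `both vpcGatewayID and pre-existing VPC are missing` entry from validation_test.go. I would add a comment above the check, `// vpcGatewayID is optional; when unset, gateway validation is skipped and eksctl configures no hybrid-node routes or gateway attachments`, and replace the deleted entry with one that sets `cc.RemoteNetworkConfig.VPCGatewayID = nil` and expects validation to succeed. How `IsSet()` treats an empty string is not visible here; if it reports unset, a `vpcGatewayID: ""` left behind by a templating mistake now passes validation silently instead of being rejected, so an explicit check for a present-but-empty value may be worth keeping. The function body starts and ends outside the hunk.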
@@ -6,6 +6,7 @@ import (
 "strconv"
 "strings"
+ "github.com/kris-nova/logger"
 "github.com/weaveworks/eksctl/pkg/awsapi"
 gfncfn "github.com/awslabs/goformation/v4/cloudformation/cloudformation"
@@ -396,6 +397,7 @@ func (v *IPv4VPCResourceSet) addHybridNodesNetworking() {
 }
 })
 default:
+ logger.Warning("a TGW or VGW was not provided for hybrid nodes connectivity, hence eksctl won't configure any related routes and gateway attachments for your VPC")
 return
 }
 }
diff --git a/userdocs/src/usage/hybrid-nodes.md b/userdocs/src/usage/hybrid-nodes.md
index 787d2a3ed8..1753f6d799 100644
--- a/userdocs/src/usage/hybrid-nodes.md
+++ b/userdocs/src/usage/hybrid-nodes.md
@@ -29,7 +29,7 @@ remoteNetworkConfig:
 - cidrs: ["10.86.30.0/23"]
 ```
-If your connectivity method of choice does not involve using a TGW or VGW, you must not rely on eksctl to create the VPC for you, and instead provide a pre-existing one. On a related note, if you are using a pre-existing VPC, eksctl won't make any amendments to it, and ensuring all networking requirements are in place falls under your responsibility.
+If your connectivity method of choice does not involve using a TGW or VGW, you can omit setting `remoteNetworkConfig.vpcGatewayID` or provide a pre-existing VPC. On a related note, if you are using a pre-existing VPC, eksctl won't make any amendments to it, and ensuring all networking requirements are in place falls under your responsibility.
 ???+ note
 eksctl does not setup any networking infrastructure outside your AWS VPC (i.e. any infrastructure from VGW/TGW to the remote networks)
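Review bot: The warning added to the `default:` branch of addHybridNodesNetworking (pkg/cfn/builder/vpc_ipv4.go) does not name the setting the user would have to change, and it is now the only signal that the VPC was built without gateway routes, since validation in this commit no longer rejects that configuration. Naming the field makes the message actionable: `logger.Warning("remoteNetworkConfig.vpcGatewayID is not set; eksctl will not configure routes or gateway attachments for hybrid nodes in the VPC it creates")`. The switch condition and the call site are outside the hunk; if this function is also reached for clusters that have no remoteNetworkConfig at all, the branch should return without logging in that case so the warning is not printed on every cluster creation.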