Has anybody gotten the spot-interrupt-handler to work with eks and istio? It needs to interact with the kubernetes api, but I’m not sure what to specify in the service entry. If I look at the logs of the spot-interrupt-handler, it shows this:
Unable to connect to the server: read tcp 10.232.11.207:41244->172.20.0.1:443: read: connection reset by peer
[ERROR] Unable to fetch the name of the node running the pod "spot-interrupt-handler-nrsh4" in the namespace "default". Maybe a bug?:
The spot termination service says that it uses 169.254.169.254 on the host, but 172.20.0.1 is the “kubernetes” service for the kubernetes api in the default namespace. It resolves to just “kubernetes” and “kubernetes.default” within the namespace. I have tried the following to no avail:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: spot-interrupt-handler-external
spec:
hosts:
- not.used
ports:
- number: 80
name: http
protocol: http
location: MESH_EXTERNAL
resolution: STATIC
endpoints:
- address: 169.254.169.254
and separately:
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: kubernetes-external
spec:
hosts:
- kubernetes
ports:
- number: 443
name: https
protocol: https
resolution: DNS
location: MESH_EXTERNAL
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: kubernetes-external
spec:
hosts:
- kubernetes
tls:
- match:
- port: 443
sni_hosts:
- kubernetes
route:
- destination:
host: kubernetes
port:
number: 443
weight: 100
spot termination notices: https://aws.amazon.com/blogs/aws/new-ec2-spot-instance-termination-notices/
spot interrupt handler: https://github.com/kube-aws/kube-spot-termination-notice-handler