[@aws-cdk/aws-ec2] subnetselect subnets are used for filtering instead of being used directly #10672

Closed
lschierer opened this issue Oct 3, 2020 · 9 comments
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud @aws-cdk/aws-elasticloadbalancingv2 Related to Amazon Elastic Load Balancing V2 bug This issue is a bug. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/medium Medium work item – several days of effort p2

Comments

@lschierer

new NetworkLoadBalancer is not detecting public subnets.

Reproduction Steps

import * as core from '@aws-cdk/core';
import * as ec2 from '@aws-cdk/aws-ec2';
import * as r53 from '@aws-cdk/aws-route53';
import * as r53targets from '@aws-cdk/aws-route53-targets';
import * as autoscaling from '@aws-cdk/aws-autoscaling';
import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2';
import * as ssm from '@aws-cdk/aws-ssm';

export class SchiererHosts extends core.Construct {

  constructor(scope: core.Construct, id: string) {
    super(scope, id);

    let SchiererVPC = ec2.Vpc.fromVpcAttributes(this, 'SchiererVPC', {
      vpcId: "vpc-0d979df11347689be",
      availabilityZones: [
        "us-east-1a",
        "us-east-1c",
      ],
    });
    let IADazA_Public = new ec2.PublicSubnet(this, "ADazA Public", {
      vpcId: SchiererVPC.vpcId,
      availabilityZone: "us-east-1a",
      mapPublicIpOnLaunch: true,
      cidrBlock: "10.199.41.0/24",
    });
    let IADazC_Public = new ec2.PublicSubnet(this, "ADazC Public", {
      vpcId: SchiererVPC.vpcId,
      availabilityZone: "us-east-1c",
      mapPublicIpOnLaunch: true,
      cidrBlock: "10.199.47.0/24",
    });

    let opusLB = new elbv2.NetworkLoadBalancer(this, "OpusLB", {
      internetFacing: true,
      vpc: SchiererVPC,
      vpcSubnets: {
        subnets: [
          IADazA_Public,
          IADazC_Public,
        ]
      },
    });

  }
}

I also tried to let it pick subnets by itself (no vpcSubnets attribute for the NetworkLoadBalancer) and get the same behavior.

What did you expect to happen?

I expect that since I created these brand new subnets using the PublicSubnet constructor, that they would be valid as public subnets for NetworkLoadBalancer.

What actually happened?

$ npx cdk synth
There are no 'Public' subnet groups in this VPC. Available types:
Subprocess exited with error 1

Environment

aws/codebuild/standard:4.0 on Linux and Ubuntu 20.04.1 LTS

  • CLI Version : cdk version 1.6.6 (for both)
  • Framework Version:
  • Node.js Version: v12.18.4
  • Language (Version): [email protected]

Other


This is 🐛 Bug Report

@lschierer lschierer added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Oct 3, 2020
@github-actions github-actions bot added the @aws-cdk/aws-elasticloadbalancingv2 Related to Amazon Elastic Load Balancing V2 label Oct 3, 2020
@lschierer lschierer changed the title [@aws-cdk/aws-elasticloadbalancingv2] [@aws-cdk/aws-ec2] Oct 3, 2020
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Oct 3, 2020
@lschierer
Author

It looks like the error message was just essentially misleading. I had the CIDR ranges on the subnets wrong - they did not match the imported VPC. Once I corrected that, the subnets became public subnets. Mismatched CIDR ranges should tell me that they are mismatched, not produce a subnet that can't be used.

@lschierer
Author

I take back the last comment. I had removed the elb lines and continued to get the same error. Fixing the CIDR blocks got rid of that, so I thought the problem solved. I commented, however, before I put the call to new elbv2.NetworkLoadBalancer() back. When I did, the error returned. So something more complicated is going on that I haven't isolated yet.

@rix0rrr
Contributor

rix0rrr commented Oct 5, 2020

The issue is probably because subnets is filtering down the subnets it found on the VPC rather than taking the objects you passed. Since the VPC was created without subnets, the empty list filters down to an empty list.

I agree that this is not intuitive.
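
A simplified TypeScript model of the behaviour described in the comment above, added here as an illustration; it is not part of the original thread and not CDK's own code. All type and function names are hypothetical, the IDs are constructed placeholders, and the model's `publicSubnetIds` field stands in for declaring the subnets when the VPC is imported by attributes.

```typescript
// Simplified model of the behaviour described in the comment above; NOT CDK source.
// Every name here (ImportedVpc, selectSubnets, trySelect, ...) is hypothetical.
interface Subnet { subnetId: string; }
interface VpcAttrs { vpcId: string; availabilityZones: string[]; publicSubnetIds?: string[]; }
interface Selection { subnetType?: string; subnets?: Subnet[]; }

class ImportedVpc {
  readonly groups: { [type: string]: Subnet[] } = {};

  // An attribute-based import performs no lookup: it knows only what it is told.
  constructor(attrs: VpcAttrs) {
    const ids = attrs.publicSubnetIds || [];
    if (ids.length > 0) {
      this.groups['Public'] = ids.map(subnetId => ({ subnetId }));
    }
  }

  // `subnets` narrows the VPC's own groups instead of being returned as passed.
  selectSubnets(sel: Selection): Subnet[] {
    const type = sel.subnetType || 'Public'; // default for an internet-facing LB
    const candidates = this.groups[type];
    if (!candidates) {
      const available = Object.keys(this.groups).join(',');
      throw new Error(`There are no '${type}' subnet groups in this VPC. Available types: ${available}`);
    }
    const wanted = sel.subnets;
    if (!wanted) return candidates;
    return candidates.filter(c => wanted.some(w => w.subnetId === c.subnetId));
  }
}

// Returns the selected subnet IDs, or the error message if selection throws.
function trySelect(vpc: ImportedVpc, sel: Selection): string {
  try {
    return vpc.selectSubnets(sel).map(s => s.subnetId).join(',');
  } catch (e) {
    return (e as Error).message;
  }
}

// Constructed sample values; the VPC and subnet IDs are placeholders.
const azs = ['us-east-1a', 'us-east-1c'];
const passed: Subnet[] = [{ subnetId: 'subnet-EXAMPLE-A' }, { subnetId: 'subnet-EXAMPLE-C' }];
const bare = new ImportedVpc({ vpcId: 'vpc-EXAMPLE', availabilityZones: azs });
const declared = new ImportedVpc({
  vpcId: 'vpc-EXAMPLE', availabilityZones: azs,
  publicSubnetIds: ['subnet-EXAMPLE-A', 'subnet-EXAMPLE-C'],
});
console.log(trySelect(bare, { subnets: passed }));     // error message, as in the report
console.log(trySelect(declared, { subnets: passed })); // both subnet IDs
```

In this model the import without declared subnets fails the same way with or without an explicit `subnets` list, which matches both observations in the report.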

@rix0rrr rix0rrr changed the title [@aws-cdk/aws-ec2] [@aws-cdk/aws-ec2] subnetselect subnets are used for filtering instead of being used directl8y Oct 5, 2020
@rix0rrr rix0rrr changed the title [@aws-cdk/aws-ec2] subnetselect subnets are used for filtering instead of being used directl8y [@aws-cdk/aws-ec2] subnetselect subnets are used for filtering instead of being used directly Oct 5, 2020
@lschierer
Author

So I rather naively thought the ec2.Vpc.fromVpcAttributes was using the attributes listed to identify the VPC to import, and then would discover things about the VPC to fill in the rest of the object's properties. It did not occur to me that anything I did not specify in that call would end up blank. Is that something that I missed in the documentation?

@rix0rrr
Contributor

rix0rrr commented Oct 6, 2020

@lschierer
Author

I did start with that function, but I read somewhere in the docs that functions that depend on context do not work well with codepipelines and codebuild yet.

@rix0rrr
Contributor

rix0rrr commented Oct 6, 2020

Well. It's not at the location where we'd like it to be vis-a-vis cross-account queries, but as long as you stay within an account (or have access to the target account's credentials), you can do a cdk synth and commit cdk.context.json and everything will work as intended.

@rix0rrr rix0rrr added the p2 label Oct 13, 2020
@rix0rrr
Contributor

rix0rrr commented Oct 13, 2020

Probably relevant for #5927

@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label Nov 20, 2020
@njlynch njlynch removed their assignment Jan 22, 2021
@rix0rrr rix0rrr added the effort/medium Medium work item – several days of effort label Apr 23, 2021
@rix0rrr rix0rrr removed their assignment Jun 3, 2021
@github-actions

github-actions bot commented Jun 3, 2022

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added closing-soon This issue will automatically close in 4 days unless further comments are made. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Jun 3, 2022
@github-actions github-actions bot closed this as completed Jun 8, 2022