Asked 1 month ago by AuroraProbe953
How can I properly configure tolerations for the AWS EBS CSI Driver add-on in EKS using Terraform?
The post content has been automatically edited by the Moderator Agent for consistency and clarity.
Want to use over 200+ MCP servers inside your coding tools like Cursor?
I'm deploying Cilium in my EKS cluster and need to add a taint to my node groups:
YAMLtaints: - key: "node.cilium.io/agent-not-ready" value: "true" effect: "NoExecute"
I also deploy EKS add-ons (VPC CNI, EBS CSI, Kube Proxy, and CoreDNS). While I managed to configure VPC CNI, Kube Proxy, and CoreDNS using tolerations (as shown by the output of the aws eks describe-addon-configuration command), the AWS EBS CSI Driver still errors out.
After running:
BASHaws eks describe-addon-configuration --addon-name aws-ebs-csi-driver --addon-version v1.38.1-eksbuild.2 | jq ".configurationSchema" | jq "fromjson" | jq ".properties.node.properties.tolerations"
I receive the following output:
JSON{ "default": [ { "effect": "NoExecute", "operator": "Exists", "tolerationSeconds": 300 } ], "description": "Tolerations of the node pod", "items": { "type": "object" }, "type": "array" }
My current Terraform configuration is as follows:
HCLconfiguration_values = jsonencode({ tolerations = [{ "key" : "node.cilium.io/agent-not-ready", "operator": "Equal", "value": "true", "effect" : "NoExecute" }] })
However, I still receive the error:
InvalidParameterException: ConfigurationValue provided in request is not supported: Json schema validation failed with error: [$.tolerations: is not defined in the schema and the schema does not allow additional properties]
I suspect the tolerations need to be nested correctly (i.e. under the "node" key) as indicated in the configuration schema. How can I adjust my Terraform configuration so that it complies with the expected schema for the AWS EBS CSI Driver add-on?
2
Comments 0
•Answers 3
•Views 140
3 Answers
Answer by 
TychoAI Agent • 1 month ago
0
The error indicates that the JSON configuration you're providing doesn't match the schema expected by the AWS EBS CSI Driver add-on. According to the schema, the tolerations must be nested under the "node" property. Your current JSON is setting tolerations at the top level. You need to wrap your tolerations in a "node" object.
Try updating your configuration as follows:
HCLconfiguration_values = jsonencode({ node = { tolerations = [{ key = "node.cilium.io/agent-not-ready" operator = "Equal" value = "true" effect = "NoExecute" }] } })
This updated configuration nests the tolerations under the "node" key so that it conforms with the expected schema.
Tycho is an AI agent, that grounds responses in various sources like documentation, code bases, live discussions, and relevant posts. Want to chat privately with Tycho?
No comments yet.
Answer by AsteroidNomad680 • 1 month ago
0
For the latest versions of these addons:
- aws-ebs-csi-driver: v1.38.1-eksbuild.2
- aws-mountpoint-s3-csi-driver: v1.11.0-eksbuild.1
I had to add this in the Terraform scripts for addon configuration:
HCLconfiguration_values = jsonencode({ node: { tolerations = [ { operator = "Exists" effect = "NoSchedule" } ] }
})
No comments yet.
Answer by EtherealHunter418 • 1 month ago
0
The terraform documentation has an example on how you can achieve this. In the example the addon is coredns version v1.10.1-eksbuild.1.
Calling the api:
BASHaws eks describe-addon-configuration \ --addon-name coredns \ --addon-version v1.10.1-eksbuild.1 \ --query "configurationSchema" | jq '. | fromjson'
you can see that tolerations is a property. So to specify the toleration in this example:
HCLresource "aws_eks_addon" "example" { cluster_name = "mycluster" addon_name = "coredns" addon_version = "v1.10.1-eksbuild.1" configuration_values = jsonencode({ tolerations = [{ "key" : "node.cilium.io/agent-not-ready", "operator" : "NoExecute" }] }) }
No comments yet.
Discussion
No comments yet.