NoCredentialProviders with kube2iam + m5

[erikmack]

steps to reproduce:

• have a working ark installation, authorized by kube2iam, on an EC2 cluster on m4.xlarge instances.
• modify cluster to use m5.xlarge instances (we use kops)

expect: ark runs happily
actual: "NoCredentialProviders: no valid providers in chain"

• modify cluster to use m4.xlarge's again

actual: ark runs happily as before

I've confirmed that kube2iam works on the m5 cluster using the 'aws s3 ls' test documented here - the issue seems specific to ark.

This issue appears relevant, but nothing in ark looks for public-ipv4 specifically.

I'm not sure what else to do to troubleshoot this.

[jrnt30]

This is almost certainly an issue with Kube2iam on m5. To date, I don't know of anyone who has it working when built off of master due to this issue.

Your command may work, but are those s3 buckets also discoverable by the host system, which if memory serves me correctly are the credentials you are probably pulling with that kube2iam issue.

[erikmack]

Thanks, I see that kube2iam has implemented a fix there. I'll look forward to testing it.

[erikmack]

The upgrade to kube2iam 0.10.0 has fixed me. Thanks for your help.