Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1.6.1 develop to master merge #610

Merged
merged 3 commits into from
Oct 30, 2018
Merged

1.6.1 develop to master merge #610

merged 3 commits into from
Oct 30, 2018

Conversation

fnubalaj
Copy link
Contributor

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

lukeseawalker and others added 3 commits October 29, 2018 11:29
@lukeseawalker
Add missing cloudformation:DescribeStacks policy
666c146 
The policy requirement was added here 8166743
This fix commit 486a913

Signed-off-by: Luca Carrogu <[email protected]>
@fnubalaj
Fix a bug in 1.6.0 where cfncluster configure was broken
9b8a2d2 
Signed-off-by: Balaji Sridharan <[email protected]>
@fnubalaj
Remove cluster_name completely while using describe_stacks
be76b28 
Signed-off-by: Balaji Sridharan <[email protected]>
@fnubalaj fnubalaj closed this Oct 30, 2018
@fnubalaj fnubalaj reopened this Oct 30, 2018
@fnubalaj fnubalaj merged commit f9ff393 into master Oct 30, 2018
chambm
chambm reviewed Nov 2, 2018
View reviewed changes
Copy link

@chambm chambm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know what prompted this change, but it was problematic for me. It took me a while to track this down as the reason my compute nodes weren't joining the scheduler. I had used the cfncluster.cfn.json directly to start a cluster via the AWS CFN web interface. I chose a more descriptive name that didn't start with "cfncluster-" so it didn't have the right permission for DescribeStacks.

@sean-smith
Copy link
Contributor

You're specifically referencing this commit: 486a913

You can use a custom ec2_iam_role and give it broader DescribeStacks permissions. Unfortunately we want to scope the iam permissions down to just cfncluster stacks, so for your use case you'd need a custom role.
See https://cfncluster.readthedocs.io/en/latest/configuration.html#ec2-iam-role
And https://cfncluster.readthedocs.io/en/latest/iam.html

@chambm
Copy link

chambm commented Nov 2, 2018

I need a custom IAM role for having a custom stack name? If that's the case, then somewhere there needs to be a check that if there is no custom IAM role, the stack name must match cfncluster-*. So I would have found out a lot sooner (and cheaper) that I needed to rename the stack. :)

@sean-smith
Copy link
Contributor

I guess the fundamental issue here is we name all stacks cfncluster- in the cli, and we assume that stacks created by cfncluster follow that naming criteria.

We are not taking into account stacks created outside the cli.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chambm chambm chambm left review comments

@sean-smith sean-smith sean-smith approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@fnubalaj @sean-smith @chambm @lukeseawalker