Automatic Right-Sizing-Troubleshooting

Cloud service provider relevance: EKS, AKS, and GKE.

VPA not reporting message appears at the top of the right-sizing page

vpa-not-reporting

This may indicate that the VPA updater and admission controller pods are not reporting.

In this case, the right-sizing recommendations cannot be injected when a pod is launched, and you will not be able to attach a rule to a workload, which will move to the Limited status.

note

Spot checks the health of the VPA pods belonging to the Spot Ocean VPA Project.
For the Native VPA project, health checks are performed as long as the deployment's name is not changed.

Security Group Not Correctly Configured

In this case, your pod may not be launched according to the values defined in the VPA.

To avoid this issue, ensure that the inbound rule for your node group's security group allows traffic to TCP port 443, which is used by the Spot webhook listener. This enables smooth communication between the Kubernetes API server and the webhook. Also, configure TCP port 8000 for internal health checks and metrics endpoints, which are required for webhook readiness.

See Create a security group for your Amazon EC2 instance - Amazon Elastic Compute Cloud.

VPA not reporting message appears at the top of the right-sizing page​

Security Group Not Correctly Configured​

VPA not reporting message appears at the top of the right-sizing page

Security Group Not Correctly Configured