Added AL2023 support for Outpost nodes

[nkvetsinski]

Description

AL2 is on deprecation path, making AL2023 the only supported operating
system for node-groups on Outpost. Using AL2 will now cause validation
error. Leaving the AL2 code in place, to be deleted after this OS is
officially deprecated.

Some mocks/dependencies got updated too, I'm including them in the PR, not sure if that's how you guys do it.

Checklist

• Added tests that cover your change (if possible)
• Added/modified documentation as required (such as the README.md, or the userdocs directory) (kind of)
• Manually tested
• Made sure the title of the PR is a good description that can go into the release notes
• (Core team) Added labels for change area (e.g. area/nodegroup) and kind (e.g. kind/improvement)

Testing

Created a cluster on real outpost. Then added a node using the following command:

eksctl create nodegroup --cluster $CLUSTER_NAME \ --name $NG_NAME --node-type $INSTANCE_TYPE \ --nodes 1 --nodes-min 1 --nodes-max 1 \ --managed=false --node-volume-type gp2 \ --subnet-ids $SUBNET \ --node-ami-family AmazonLinux2023 --node-private-networking 

The node failed joining initially, because of a bug in the DescribeCluster EKS API for the outpost use case. We return the port for the cluster endpoint (see below), which causes nodeadm to fail resolving the cluster endpoint DNS. In order to do the end-to-end test, I sanitized the endpoint and the node was able to join.

kubectl get nodes -o wide NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME <REDACTED>.us-west-2.compute.internal NotReady control-plane 43h v1.31.12-eks-e386d34 <REDACTED> <none> Bottlerocket OS 1.50.0 (aws-k8s-1.31) 6.1.156 containerd://1.7.28+bottlerocket <REDACTED>.us-west-2.compute.internal NotReady control-plane 43h v1.31.12-eks-e386d34 <REDACTED> <none> Bottlerocket OS 1.50.0 (aws-k8s-1.31) 6.1.156 containerd://1.7.28+bottlerocket <REDACTED>.us-west-2.compute.internal NotReady control-plane 43h v1.31.12-eks-e386d34 <REDACTED> <none> Bottlerocket OS 1.50.0 (aws-k8s-1.31) 6.1.156 containerd://1.7.28+bottlerocket <REDACTED>.us-west-2.compute.internal Ready <none> 45s v1.31.13-eks-ecaa3a6 <REDACTED> <none> Amazon Linux 2023.9.20251117 6.1.158-178.288.amzn2023.x86_64 containerd://2.1.4 

I decided to fix the EKS API, instead of sanitizing the DescribeCluster output in eksctl.

# describe non Outpost cluster aws eks describe-cluster --name $CLUSTER_NAME |jq ".cluster.endpoint" "https://<REDACTED>.gr7.us-west-2.eks.amazonaws.com" # describe Outpost cluster aws eks describe-cluster --name $CLUSTER_NAME |jq ".cluster.endpoint" "https://<REDACTED>.b5005t.rv3.us-west-2.eks.amazonaws.com:443" 

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

• Backfilled missing tests for code in same general area 🎉
• Refactored something and made the world a better place 🌟

[github-actions]

Hello nkvetsinski 👋 Thank you for opening a Pull Request in eksctl project. The team will review the Pull Request and aim to respond within 1-10 business days. Meanwhile, please read about the Contribution and Code of Conduct guidelines here. You can find out more information about eksctl on our website

[NicholasBlaskey]

causing a build failure, not sure if you need to rebase / can also leave off the generated changes

https://github.com/eksctl-io/eksctl/actions/runs/19619569203/job/56388775476?pr=8591

[nkvetsinski]

I can try to rebase

[NicholasBlaskey]

I don't have much context on this feature but just creating an AL2 node we only log a warning and still let users create it if they explicitly try to.

Are we worried about breaking customers who may rely on AL2 and aren't ready to migrate yet? Just calling this out explicitly so if that is the intention that is fine too.

If this is the intention can we be more clear in the PR title that you can no longer create AL2 outpost clusters (will get added to release notes)