I think I’ve found a likely source for the error:
The docker bridge network is now disabled by default in EKS AMI images.
To confirm, we an force docker to use the node’s network and get a successful name resolution:
[ec2-user@ip-192-168-70-145 ~]$ docker run --network=host --rm -it busybox nslookup -type=a archive.ubuntu.com
Server: 192.168.0.2
Address: 192.168.0.2:53
Non-authoritative answer:
Name: archive.ubuntu.com
Address: 91.189.88.152
Name: archive.ubuntu.com
Address: 91.189.88.162
Name: archive.ubuntu.com
Address: 91.189.91.23
Name: archive.ubuntu.com
Address: 91.189.88.149
Name: archive.ubuntu.com
Address: 91.189.88.161
However, there was added a new --enable-docker-bridge as a bootstrap argument that is supposed to restore the previous behaviour.
I am currently searching for the correct way to pass in --enable-docker-bridge with eksctl (I know how to do it with CloudFormation but I figure there has to be a way of passing this option in when the nodegroup is created with eksctl).