Introduction

The Kubernetes Cluster Autoscaler automatically adjusts node count based on pod scheduling needs. When pods are pending but nodes aren't being added, or when underutilized nodes aren't removed, the autoscaler isn't functioning correctly.

Symptoms

Pods stuck pending:

```bash $ kubectl get pods

NAME READY STATUS RESTARTS AGE my-app-12345-abcde 0/1 Pending 0 5m my-app-12345-fghij 0/1 Pending 0 5m

$ kubectl describe pod my-app-12345-abcde

Events: Warning FailedScheduling 5m default-scheduler 0/3 nodes are available: 3 Insufficient cpu. ```

Autoscaler logs:

```bash $ kubectl logs -n kube-system deployment/cluster-autoscaler

I0115 10:00:00.000000 static_autoscaler.go:123] No ASG found matching tags # Or: E0115 10:00:00.000000 static_autoscaler.go:123] Failed to scale up: AccessDenied ```

No scaling events:

```bash $ kubectl get events --field-selector reason=TriggeredScaleUp

# Empty - autoscaler not triggering ```

Common Causes

  1. 1.Missing ASG tags - Autoscaler can't discover node groups
  2. 2.IAM permissions missing - Can't modify ASG capacity
  3. 3.Resource requests missing - Pods don't specify CPU/memory
  4. 4.Autoscaler not configured - Wrong ASG name or region
  5. 5.ASG at max capacity - Can't add more nodes
  6. 6.Pod scheduling constraints - Node selectors, taints blocking placement
  7. 7.Autoscaler pod crashing - Deployment issues

Step-by-Step Fix

  1. 1.Check logs for specific error messages
  2. 2.Verify configuration settings
  3. 3.Test network connectivity
  4. 4.Review recent changes
  5. 5.Apply corrective action
  6. 6.Verify the fix

Step 1: Check Autoscaler Pod Status

```bash # Get autoscaler deployment kubectl get deployment -n kube-system cluster-autoscaler

# Check pod status kubectl get pods -n kube-system -l app=cluster-autoscaler

# View logs kubectl logs -n kube-system -l app=cluster-autoscaler --tail=100

# Look for errors: # - "No ASG found" -> Tag issue # - "AccessDenied" -> IAM issue # - "No pending pods" -> Resource request issue ```

Step 2: Verify ASG Tags

The ASG must have specific tags for autoscaler discovery:

```bash # Get ASG details aws autoscaling describe-auto-scaling-groups \ --auto-scaling-group-name my-eks-nodegroup \ --query 'AutoScalingGroups[*].Tags'

# Required tags: # k8s.io/cluster-autoscaler/enabled: true # k8s.io/cluster-autoscaler/my-cluster: owned ```

Add missing tags:

```bash aws autoscaling create-or-update-tags \ --tags ResourceId=my-eks-nodegroup,ResourceType=auto-scaling-group,Key=k8s.io/cluster-autoscaler/enabled,Value=true,PropagateAtLaunch=false

aws autoscaling create-or-update-tags \ --tags ResourceId=my-eks-nodegroup,ResourceType=auto-scaling-group,Key=k8s.io/cluster-autoscaler/my-cluster,Value=owned,PropagateAtLaunch=false ```

Step 3: Check IAM Permissions

```bash # Get autoscaler service account kubectl get serviceaccount -n kube-system cluster-autoscaler -o yaml

# If using IRSA, check annotation kubectl get serviceaccount -n kube-system cluster-autoscaler \ -o jsonpath='{.metadata.annotations.eks\.amazonaws\.com/role-arn}'

# Verify role permissions aws iam get-role-policy --role-name cluster-autoscaler-role --policy-name autoscaler-policy ```

Required IAM policy:

json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "autoscaling:DescribeAutoScalingGroups",
        "autoscaling:DescribeAutoScalingInstances",
        "autoscaling:DescribeLaunchConfigurations",
        "autoscaling:DescribeTags",
        "autoscaling:SetDesiredCapacity",
        "autoscaling:TerminateInstanceInAutoScalingGroup",
        "ec2:DescribeLaunchTemplateVersions"
      ],
      "Resource": "*"
    }
  ]
}

Step 4: Verify ASG Min/Max Configuration

```bash # Check ASG limits aws autoscaling describe-auto-scaling-groups \ --auto-scaling-group-name my-eks-nodegroup \ --query 'AutoScalingGroups[*].[MinSize,MaxSize,DesiredCapacity]'

# If MaxSize = DesiredCapacity, can't scale up # Increase MaxSize: aws autoscaling update-auto-scaling-group \ --auto-scaling-group-name my-eks-nodegroup \ --max-size 10 ```

Step 5: Check Pod Resource Requests

```bash # Pods must have resource requests for autoscaler to work kubectl get pods -o custom-columns=NAME:.metadata.name,CPU:.spec.containers[*].resources.requests.cpu,MEMORY:.spec.containers[*].resources.requests.memory

# If empty, add resource requests: # Pod spec should include: resources: requests: cpu: "100m" memory: "128Mi" ```

Step 6: Verify Autoscaler Command Line Args

```bash # Check autoscaler deployment arguments kubectl get deployment -n kube-system cluster-autoscaler -o yaml | grep -A 20 args

# Required arguments: # - --node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/my-cluster # - --scale-down-enabled=true # - --skip-nodes-with-system-pods=false # - --expander=least-waste # - --balance-similar-node-groups # - --aws-region=us-east-1 ```

Update deployment if needed:

bash
kubectl set image deployment/cluster-autoscaler -n kube-system \
  cluster-autoscaler=k8s.gcr.io/autoscaling/cluster-autoscaler:v1.28.0

Step 7: Check for Pending Pods

```bash # Autoscaler only scales for pending pods with unmet requests kubectl get pods --field-selector=status.phase=Pending

# Describe pending pods kubectl describe pod PENDING_POD | grep -A 10 Events

# Check if pending due to resources: # "Insufficient cpu" or "Insufficient memory" -> Autoscaler should trigger # "node(s) didn't match node selector" -> Constraint issue, autoscaler won't help # "node(s) had taints that the pod didn't tolerate" -> Taint issue ```

Step 8: Check Node Taints and Labels

```bash # Get node taints kubectl describe nodes | grep -A 5 Taints

# If nodes have taints, autoscaler may not scale for pods without tolerations # Remove unnecessary taints: kubectl taint nodes NODE_NAME KEY:NoSchedule-

# Check node labels for scheduling constraints kubectl get nodes --show-labels ```

Step 9: Test Autoscaler Scaling

```bash # Deploy a test deployment that requires scaling kubectl apply -f - <<EOF apiVersion: apps/v1 kind: Deployment metadata: name: stress-test spec: replicas: 10 selector: matchLabels: app: stress-test template: metadata: labels: app: stress-test spec: containers: - name: stress image: nginx resources: requests: cpu: "1" memory: "1Gi" EOF

# Watch pods and nodes watch kubectl get pods,nodes

# Check autoscaler logs kubectl logs -n kube-system -l app=cluster-autoscaler -f ```

Step 10: Check Cluster Oversubscription

```bash # Check current node resource allocation kubectl describe nodes | grep -A 5 "Allocated resources"

# If all resources allocated, new pods trigger scaling # If resources available but pods pending, check constraints

# Get resource requests vs capacity kubectl top nodes kubectl describe nodes | grep -A 3 "Resource Requests" ```

Autoscaler Configuration Best Practices

yaml
# Recommended autoscaler args
spec:
  containers:
  - name: cluster-autoscaler
    args:
    - --node-group-auto-discovery=asg:tag=k8s.io/cluster-autoscaler/enabled,k8s.io/cluster-autoscaler/my-cluster
    - --scale-down-enabled=true
    - --scale-down-unneeded-time=10m
    - --scale-down-delay-after-add=10m
    - --scale-down-delay-after-failure=3m
    - --scale-down-delay-after-delete=10m
    - --skip-nodes-with-system-pods=false
    - --skip-nodes-with-local-storage=false
    - --expander=least-waste
    - --balance-similar-node-groups=true
    - --aws-region=us-east-1
    env:
    - name: AWS_REGION
      value: us-east-1

Verification

```bash # Trigger scaling kubectl scale deployment stress-test --replicas=10

# Watch autoscaler logs kubectl logs -n kube-system -l app=cluster-autoscaler -f

# Should see: # "Pods pending, scaling up" # "Scale-up: setting ... to 5"

# Check new nodes joining kubectl get nodes -w

# Verify scaling event kubectl get events --field-selector reason=TriggeredScaleUp ```

  • [Fix AWS EKS Node Not Joining](/articles/fix-aws-eks-node-not-joining)
  • [Fix AWS EKS Pod Networking Failed](/articles/fix-aws-eks-pod-networking-failed)
  • [Fix Kubernetes Pod Stuck in Pending](/articles/fix-kubernetes-pod-crashloopbackoff)
  • [AWS troubleshooting: Fix IAM Permission Denied - Complete Tro](fix-iam-permission-denied)
  • [AWS cloud troubleshooting: AWS ACM Certificate Pending Validation Because the](aws-acm-certificate-pending-validation-wrong-route53-zone)
  • [AWS cloud troubleshooting: AWS ALB Returns 502 Because the Target Closed the ](aws-alb-502-target-closed-connection-keepalive-timeout-mismatch)
  • [AWS cloud troubleshooting: Fix AWS ALB CreateListener TargetGroupNotFound Err](aws-alb-createlistener-targetgroupnotfound)
  • [AWS cloud troubleshooting: Fix Aws Alb Lambda 502 Bad Gateway Issue in AWS](aws-alb-lambda-502-bad-gateway)

<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "TechArticle", "headline": "Fix AWS EKS Cluster Autoscaler Not Scaling", "description": "Troubleshoot EKS cluster autoscaler issues. Fix ASG tags, IAM permissions, and autoscaler configuration.", "url": "https://www.fixwikihub.com/fix-aws-eks-cluster-autoscaler-not-scaling", "publisher": { "@type": "Organization", "name": "FixWikiHub", "url": "https://www.fixwikihub.com" }, "author": { "@type": "Person", "name": "FixWikiHub Editorial Team" }, "datePublished": "2026-04-01T22:09:21.900Z", "dateModified": "2026-04-01T22:09:21.900Z" } </script>