Skip to content

Commit

Permalink
update troubleshooting docs for CNI image compatibility; fix location…
Browse files Browse the repository at this point in the history
… where make command is run
  • Loading branch information
jdn5126 committed Nov 8, 2022
1 parent 407fa7c commit 53abb14
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 1 deletion.
14 changes: 14 additions & 0 deletions docs/troubleshooting.md
Original file line number Diff line number Diff line change
Expand Up @@ -220,6 +220,20 @@ cni v1.10.x introduced 2 new env variables - ENABLE_IPv4 and ENABLE_IPv6. The ab
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/release-1.10/config/master/aws-k8s-cni.yaml
```

## CNI Compatibility

The [CNI image](../scripts/dockerfiles/Dockerfile.release) built for the `aws-node` manifest uses Amazon Linux 2 as the base image. Support for other Linux distributions (custom AMIs) is best-effort. Known issues with other Linux distributions are captured here:

- **iptables** - iptables is installed by default in `aws-node` container images. Newer distributions of RHEL (RHEL 8.x+), Ubuntu (Ubuntu 20.x+), etc. have moved to using nftables. This leads to issues such as [this](https://github.com/aws/amazon-vpc-cni-k8s/issues/1847) when running IPAMD.
To resolve this issue on distributions that use nftables, there are currently two options:
1. Uninstall nftables and install iptables-legacy in base distribution
2. Build a custom CNI image based on nftables, such as:
```
from $ACCOUNT.dkr.ecr.$REGION.amazonaws.com/amazon-k8s-cni:$IMAGE_TAG
run yum install iptables-nft -y
run cd /usr/sbin && rm iptables && ln -s xtables-nft-multi iptables
```

## cni-metrics-helper

See the [cni-metrics-helper README](../cmd/cni-metrics-helper/README.md).
Expand Down
2 changes: 1 addition & 1 deletion scripts/lib/canary.sh
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ fi

if [[ -z "${SKIP_MAKE_TEST_BINARIES}" ]]; then
echo "making ginkgo test binaries"
(cd $SCRIPT_DIR/../test && make build-test-binaries)
(cd $SCRIPT_DIR/../ && make build-test-binaries)
else
echo "skipping making ginkgo test binaries"
fi
Expand Down

0 comments on commit 53abb14

Please sign in to comment.