-
Notifications
You must be signed in to change notification settings - Fork 744
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Imdsv2 for entrypoint #1743
Merged
Merged
Imdsv2 for entrypoint #1743
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
achevuru
approved these changes
Nov 10, 2021
jayanthvn
added a commit
to jayanthvn/amazon-vpc-cni-k8s
that referenced
this pull request
Nov 10, 2021
achevuru
pushed a commit
that referenced
this pull request
Nov 10, 2021
cgchinmay
pushed a commit
to cgchinmay/amazon-vpc-cni-k8s
that referenced
this pull request
Nov 12, 2021
…ariables if available removed unnecessary logs Update failing test Updated ClusterRole permissions Rename mType to metricType Fetch Region only if not available Remove redundant logging helm chart changes to use the new AWS_CLUSTER_ID env variable Minor fixes to fetching region and cluster_id logic Simply logic to fetch cluster_id and region Updated cni-metrics-helper Readme with instructions for using IRSA Updated clusterRole template for cni-metrics-helper helm chart Manifests and Readme updates (aws#1732) * Manifests and Readme updates * update manifest.jsonnet Readme updates (aws#1735) Updates to troubleshooting doc (aws#1737) * Updates to troubleshooting doc * updates to troubleshooting doc imdsv2 changes (aws#1743) fix flaky canary test (aws#1742) add CODEOWNERS (aws#1747) Snat tests: [agent is already updated] (aws#1513) * resolved conflicts with go.sum * Updated test agent image * Removed redundant files * Addressed PR comments Fixed go.sum in root folder Changed DescribeInstanceWithFilter to DescribeInstances Moved GetPrimaryInstanceId from ec2 interface Added GinkgoWriter Updated Readme for Snat test Rearranged snat_test logic Updated Readme for test/e2e * Minor change to logging Updated Chart version for cni-metrics-helper
Shreya027
pushed a commit
to Shreya027/amazon-vpc-cni-k8s
that referenced
this pull request
Nov 16, 2021
cgchinmay
pushed a commit
to cgchinmay/amazon-vpc-cni-k8s
that referenced
this pull request
Dec 9, 2021
# This is the 1st commit message: Add VlanId in the cmdAdd Result struct This VlanId will appear in the prevResult during cmdDel request Test prevResult contents CleanUp Pod Network using vlanId from prevResult in CNI itself No need to call ipamd Log formatting changes Added hostNetworking Setup test for pods using security groups revoke unnecessary test agent image changes Revoke unnecessary changes remove focussed test set replica count to total number of branch interface Fix replica count # This is the commit message aws#2: Updated cleanUpPodENI method # This is the commit message aws#3: Skip processing Delete request if prevResult is nil Add Logging vlanId to ipamd # This is the commit message aws#4: Add support to test with containerd nodegroup in pod-eni test # This is the commit message aws#5: Add check for empty Netns() in cni # This is the commit message aws#6: Manifests and Readme updates (aws#1732) * Manifests and Readme updates * update manifest.jsonnet # This is the commit message aws#7: Readme updates (aws#1735) # This is the commit message aws#8: Updates to troubleshooting doc (aws#1737) * Updates to troubleshooting doc * updates to troubleshooting doc # This is the commit message aws#9: imdsv2 changes (aws#1743) # This is the commit message aws#10: fix flaky canary test (aws#1742) # This is the commit message aws#11: add CODEOWNERS (aws#1747)
cgchinmay
pushed a commit
to cgchinmay/amazon-vpc-cni-k8s
that referenced
this pull request
Dec 9, 2021
This VlanId will appear in the prevResult during cmdDel request CleanUp Pod Network using vlanId from prevResult in CNI itself No need to call ipamd Log formatting changes Added hostNetworking Setup test for pods using security groups Updated cleanUpPodENI method Skip processing Delete request if prevResult is nil Add Logging vlanId to ipamd Add support to test with containerd nodegroup in pod-eni test Add check for empty Netns() in cni Manifests and Readme updates (aws#1732) * Manifests and Readme updates * update manifest.jsonnet Readme updates (aws#1735) Updates to troubleshooting doc (aws#1737) * Updates to troubleshooting doc * updates to troubleshooting doc imdsv2 changes (aws#1743) fix flaky canary test (aws#1742) add CODEOWNERS (aws#1747) Snat tests: [agent is already updated] (aws#1513) * resolved conflicts with go.sum * Updated test agent image * Removed redundant files * Addressed PR comments Fixed go.sum in root folder Changed DescribeInstanceWithFilter to DescribeInstances Moved GetPrimaryInstanceId from ec2 interface Added GinkgoWriter Updated Readme for Snat test Rearranged snat_test logic Updated Readme for test/e2e * Minor change to logging Fix compilation errors (aws#1751) add support for running canary script in different regions (aws#1752) Regenerate pod eni values for new instance types (aws#1754) * Regenerate pod eni values for new instance types Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Minor change to container runtime argument Check for Empty NetNs() first Fallback to older method if prevResult is nil Closed issue message (aws#1761) * closed issue message * update message fix typo in upload script (aws#1763) Update calico file path Use an unique s3 bucket name (aws#1760) Update region Workflow to build arm and x86 images (aws#1764) DataStore.GetStats() refactoring to simplify adding new fields (aws#1704) * DataStore.GetStats() refactoring to simplify adding new fields * cleanup * cleanup * cleanup * goimports * rename test to TestGetStatsV4 * address comments * fix typo * update * update "IP pool is too low" logging * GetStats() -> GetIpStats() * GetStats() -> GetIpStats() in tests and comments * update test * cleanup test * add logPoolStats comment Fix KOPS_STATE_STORE (aws#1770) Automation script for running IT (aws#1759) Update issue template Update issue template with email address Update issue template Update go.mod for integration folder (aws#1741) * Update go.mod for integration folder - Update go.mod for integration folder * Change integration test to use new K8s test framework * Modify server pod image * Switch to Nginx port 80 for server pod * Switch server port in client test * Remove custom command directive for Nginx pod * Added ping command for host checks README: mention arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy (aws#1768) Co-authored-by: Shreya027 <shrenaik@amazon.com> Add dl1.24xlarge to ENILimits override list (aws#1777) Chart and Manifest updates (aws#1771) * Chart and Manifest updates * Update probe timeout values Change workflow to use git install (aws#1785) - Change workflow to use git install as the go get command was altering go.mod file without updating go.sum file
cgchinmay
pushed a commit
to cgchinmay/amazon-vpc-cni-k8s
that referenced
this pull request
Dec 9, 2021
Add VlanId in the cmdAdd Result struct This VlanId will appear in the prevResult during cmdDel request CleanUp Pod Network using vlanId from prevResult in CNI itself No need to call ipamd Log formatting changes Added hostNetworking Setup test for pods using security groups Updated cleanUpPodENI method Skip processing Delete request if prevResult is nil Add Logging vlanId to ipamd Add support to test with containerd nodegroup in pod-eni test Add check for empty Netns() in cni Manifests and Readme updates (aws#1732) * Manifests and Readme updates * update manifest.jsonnet Readme updates (aws#1735) Updates to troubleshooting doc (aws#1737) * Updates to troubleshooting doc * updates to troubleshooting doc imdsv2 changes (aws#1743) fix flaky canary test (aws#1742) add CODEOWNERS (aws#1747) Snat tests: [agent is already updated] (aws#1513) * resolved conflicts with go.sum * Updated test agent image * Removed redundant files * Addressed PR comments Fixed go.sum in root folder Changed DescribeInstanceWithFilter to DescribeInstances Moved GetPrimaryInstanceId from ec2 interface Added GinkgoWriter Updated Readme for Snat test Rearranged snat_test logic Updated Readme for test/e2e * Minor change to logging Fix compilation errors (aws#1751) add support for running canary script in different regions (aws#1752) Regenerate pod eni values for new instance types (aws#1754) * Regenerate pod eni values for new instance types Co-authored-by: Senthil Kumaran <senthilx@amazon.com> Minor change to container runtime argument Check for Empty NetNs() first Fallback to older method if prevResult is nil Closed issue message (aws#1761) * closed issue message * update message fix typo in upload script (aws#1763) Update calico file path Use an unique s3 bucket name (aws#1760) Update region Workflow to build arm and x86 images (aws#1764) DataStore.GetStats() refactoring to simplify adding new fields (aws#1704) * DataStore.GetStats() refactoring to simplify adding new fields * cleanup * cleanup * cleanup * goimports * rename test to TestGetStatsV4 * address comments * fix typo * update * update "IP pool is too low" logging * GetStats() -> GetIpStats() * GetStats() -> GetIpStats() in tests and comments * update test * cleanup test * add logPoolStats comment Fix KOPS_STATE_STORE (aws#1770) Automation script for running IT (aws#1759) Update issue template Update issue template with email address Update issue template Update go.mod for integration folder (aws#1741) * Update go.mod for integration folder - Update go.mod for integration folder * Change integration test to use new K8s test framework * Modify server pod image * Switch to Nginx port 80 for server pod * Switch server port in client test * Remove custom command directive for Nginx pod * Added ping command for host checks README: mention arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy (aws#1768) Co-authored-by: Shreya027 <shrenaik@amazon.com> Add dl1.24xlarge to ENILimits override list (aws#1777) Chart and Manifest updates (aws#1771) * Chart and Manifest updates * Update probe timeout values Change workflow to use git install (aws#1785) - Change workflow to use git install as the go get command was altering go.mod file without updating go.sum file
This was referenced Dec 14, 2021
This was referenced Jan 13, 2022
haouc
pushed a commit
to haouc/amazon-vpc-cni-k8s
that referenced
this pull request
Feb 9, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
Porting PR #1727 from @chlunde
Which issue does this PR fix:
IMDSv1 disabled nodes will fail to be marked as ready because the conf file is not copied and entry point script is hung.
What does this PR do / Why do we need it:
Use tokens.
If an issue # is not available please add repro steps and logs from IPAMD/CNI showing the issue:
Testing done on this change:
Yes
Node is marked as not ready with v1.10.0 with IMDSV1 disabled -
Conf file is missing -
With fix -
Node is ready -
Automation added to e2e:
No
Will this break upgrades or downgrades. Has updating a running cluster been tested?:
No
Does this change require updates to the CNI daemonset config files to work?:
Does this PR introduce any user-facing change?:
No
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.