-
Notifications
You must be signed in to change notification settings - Fork 748
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce DISABLE_LEAKED_ENI_CLEANUP
to disable leaked ENI cleanup task
#2370
Conversation
236eaa2
to
5680c38
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor nits..
4383feb
to
b3e9f4b
Compare
return getEnvBoolWithDefault(envDisableENIProvisioning, false) | ||
} | ||
|
||
func disableLeakedENICleanup() bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we rename this? I am not getting a good variable name but something like disableENIOperations
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is used exclusively for disabling the leaked ENI cleanup task, though. It doesn't disable other ENI operations. disableENIProvisioning
is the flag we use for cases like not allocating or deallocating an ENI
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right, but the API is checking if v6 is enabled or disable ENI provisioning is set or disabled leaked eni cleanup is set..so it would be better to have some common name for readability.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will sync up offline on this..
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
discussed offline, lgtm, we will consider refactoring later time.
What type of PR is this?
feature
Which issue does this PR fix:
#2360
What does this PR do / Why do we need it:
This PR adds a new environment variable,
DISABLE_LEAKED_ENI_CLEANUP
, that disables the leaked ENI cleanup task that IPAMD runs every hour. It also disables the task for IPv6 clusters. The task runs on each node every hour and creates a burst of EC2 API calls that can lead to throttling in larger accounts. Eventually, the task of cleaning up leaked ENIs will move to the VPC Resource Controller. This solution is to help customers in the interim.If an issue # is not available please add repro steps and logs from IPAMD/CNI showing the issue:
N/A
Testing done on this change:
Manually verified that task does not run when environment variable is set and that existing integration tests pass.
Automation added to e2e:
N/A
Will this PR introduce any new dependencies?:
N/A
Will this break upgrades or downgrades. Has updating a running cluster been tested?:
No, Yes
Does this change require updates to the CNI daemonset config files to work?:
No
Does this PR introduce any user-facing change?:
Yes
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.