EKS bootstrap: --enable-docker-bridge is not working

[dschunack]

What happened:

With the release of v20210716 or newer is the bootstrap option "--enable-docker-bridge" no longer working.
The bootstrap script was changed to integrate containerd support and the restart of the docker daemon was replaces with a start of the docker daemon, but docker is enabled and running by default after the installation. Means the start command doesn't have any impact and the docker0 bridged will not be activated due to an missing restart to load the new docker daemon.json config. The code in the docker daemon.json is OK and a manual restart of the docker daemon activates the docker0 bridge. Looks like that the new bootstrap scripts was not 100% tested before it was released.

What you expected to happen:
docker0 bridge is activated and used by the docker daemon.

How to reproduce it (as minimally and precisely as possible):

Start a new EKS Node with AMI Image v20210716 or newer and use the "--enable-docker-bridge true" for the bootstrap of the node. Use "ip a s docker0" to check if the docker0 bridge was created.

~]# ip a s docker0
Device "docker0" does not exist.

Execute "systemctl restart docker" and check it again. After the restart of the service is the docker0 bridge available.

~]# ip a s docker0
3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether 02:42:38:08:2b:a4 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0

Anything else we need to know?:

You can disabled docker by default if you build the AMI images or you change the the following line L439 with a restart instead of a start.

Environment:

• AWS Region: all
• Instance Type(s): all
• EKS Platform version (use aws eks describe-cluster --name <name> --query cluster.platformVersion): all
• Kubernetes version (use aws eks describe-cluster --name <name> --query cluster.version): all
• AMI Version: v20210716 or newer
• Kernel (e.g. uname -a): 5.4.129-63.229.amzn2.x86_64 Template is missing source_ami_id in the variables section #1 SMP Tue Jul 20 21:22:08 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
• Release information (run cat /etc/eks/release on a node):

BASE_AMI_ID="ami-01e809b6b105324b3"
BUILD_TIME="Thu Jul 22 16:13:01 UTC 2021"
BUILD_KERNEL="5.4.129-63.229.amzn2.x86_64"
ARCH="x86_64"

[ravisinha0506]

Ack. Looking into this.

[ravisinha0506]

The change is merged to the master branch.

[mrparkers]

Thanks for the fix @ravisinha0506, I was able to confirm that this works. When can we expect a new release that contains this change?

[ravisinha0506]

Hi @mrparkers, we have made few ami releases which contain this fix. Please use the latest release and let us know if any issues are found.

[dschunack]

Hi,

Patch is available since AMI release v20210813, but it's not described in any of the release notes.
When you publish new releases, it is useful to include information about fixed problems as comments in the release.

[mrparkers]

Thanks for the new release, the newest AMIs have resolved the issue for me 👍

[saurav-agarwalla]

Resolving since this is fixed now. I'll make sure that we put these fixes in the release notes in the future.