Difference between revisions of "Amazon VPC CNI plugin for Kubernetes: aws-node"
Jump to navigation
Jump to search
↑ https://aws.github.io/aws-eks-best-practices/networking/vpc-cni/#understand-security-context
(→Errors) |
|||
| (47 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Amazon [[VPC]] [[CNI]] plugin for [[Kubernetes]] | |
| + | * https://docs.aws.amazon.com/eks/latest/userguide/cni-iam-role.html | ||
| + | |||
| + | * <code>[[ipamd]] ([[aws-node]])</code> [[Daemonset]] <ref>https://aws.github.io/aws-eks-best-practices/networking/vpc-cni/#understand-security-context</ref> | ||
| + | |||
| + | * Obtain version:<code>[[kubectl describe daemonset aws-node --namespace kube-system]] | grep amazon-k8s-cni: | cut -d : -f 3</code> | ||
| + | * <code>[[aws eks describe-addon --cluster-name]] my-cluster --addon-name vpc-cni [[--query]] addon.addonVersion --output text</code> | ||
| − | + | Containers: | |
| − | + | {{aws-node containers}} | |
| + | |||
| + | |||
| + | [[kubectl get pods -n kube-system]] | grep [[aws-node]] | ||
| + | aws-node-7wqrv 2/2 Running 0 72d | ||
| + | aws-node-rfld6 2/2 Running 0 26h | ||
| + | aws-node-w75dq 0/2 [[Init:0/1]] 0 26h | ||
| + | |||
| + | [[kubectl logs -n kube-system aws-node]] | ||
| + | kubectl logs -n kube-system aws-node-123 -c [[aws-node]] | ||
| + | kubectl logs -n kube-system aws-node-123 -c [[aws-eks-nodeagent]] | ||
| + | kubectl logs -n kube-system aws-node-123 -c [[aws-vpc-cni-init]] | ||
| + | |||
| + | == Errors == | ||
| + | [[FailedSync]] (507)3.8 mins ago [[error determining status]]: [[rpc error]]: code = Unknown desc = Error: [[No such container]]: 91234567XXXXXXX | ||
| + | |||
| + | aws-node-w75dq 0/2 [[Init:0/1]] 0 26h | ||
| + | |||
| + | Error from server ([[BadRequest]]): container "[[aws-node]]" in pod "aws-node-12345" is waiting to start: [[CreateContainerError]] | ||
| + | |||
| + | kube-system [[aws-node]]-kjz6s 0/2 [[ImageInspectError]] 1 105m 10.111.111.111 ip-10-111-111-111.eu-west-3.compute.internal <none> <none> | ||
| + | |||
| + | == Events == | ||
| + | * <code>[[Liveness probe errored]]</code> | ||
| + | * <code>[[Error: context deadline exceeded]]</code> | ||
== Related == | == Related == | ||
| Line 8: | Line 38: | ||
* <code>[[kubectl get daemonset]]</code> | * <code>[[kubectl get daemonset]]</code> | ||
* <code>[[kubectl get serviceaccounts]]</code> | * <code>[[kubectl get serviceaccounts]]</code> | ||
| + | * <code>[[kubectl get pods -n kube-system]]</code> | ||
| + | * <code>[[kubectl set env daemonset -n kube-system]]</code> | ||
| + | * <code>[[sts:AssumeRoleWithWebIdentity]]</code> | ||
| + | * <code>[[eksctl create iamserviceaccount]]</code> | ||
| + | * <code>[[kubectl -n kube-system edit daemonset/aws-node]]</code> | ||
| + | * [[Amazon VPC-CNI: cluster addons]] | ||
| + | * <code>[[kubectl events]]</code>: <code>[[Failed]], [[FailedSync]], [[Unhealthy]], [[Killing]]</code> | ||
== See also == | == See also == | ||
| + | * {{aws-node}} | ||
| + | * {{AWS VPC CNI}} | ||
| + | * {{kube-system}} | ||
* {{CNI}} | * {{CNI}} | ||
| − | + | ||
[[Category:EKS]] | [[Category:EKS]] | ||
Latest revision as of 09:10, 29 February 2024
Amazon VPC CNI plugin for Kubernetes
- Obtain version:
kubectl describe daemonset aws-node --namespace kube-system | grep amazon-k8s-cni: | cut -d : -f 3 aws eks describe-addon --cluster-name my-cluster --addon-name vpc-cni --query addon.addonVersion --output text
Containers:
kubectl get pods -n kube-system | grep aws-node aws-node-7wqrv 2/2 Running 0 72d aws-node-rfld6 2/2 Running 0 26h aws-node-w75dq 0/2 Init:0/1 0 26h
kubectl logs -n kube-system aws-node kubectl logs -n kube-system aws-node-123 -c aws-node kubectl logs -n kube-system aws-node-123 -c aws-eks-nodeagent kubectl logs -n kube-system aws-node-123 -c aws-vpc-cni-init
Contents
Errors[edit]
FailedSync (507)3.8 mins ago error determining status: rpc error: code = Unknown desc = Error: No such container: 91234567XXXXXXX
aws-node-w75dq 0/2 Init:0/1 0 26h
Error from server (BadRequest): container "aws-node" in pod "aws-node-12345" is waiting to start: CreateContainerError
kube-system aws-node-kjz6s 0/2 ImageInspectError 1 105m 10.111.111.111 ip-10-111-111-111.eu-west-3.compute.internal <none> <none>
Events[edit]
Related[edit]
kube-systemkubectl get daemonsetkubectl get serviceaccountskubectl get pods -n kube-systemkubectl set env daemonset -n kube-systemsts:AssumeRoleWithWebIdentityeksctl create iamserviceaccountkubectl -n kube-system edit daemonset/aws-node- Amazon VPC-CNI: cluster addons
kubectl events:Failed, FailedSync, Unhealthy, Killing
See also[edit]
aws-node, ipamd, kubectl logs -n kube-system aws-node,aws-vpc-cni-init, aws-node, aws-eks-nodeagent- AWS VPC CNI,
aws-node (ipamd): (aws-node, aws-eks-nodeagent, aws-vpc-cni-init), cluster_addons: vpc-cni, aws-network-policy-agent:aws-eks-na-cli, AmazonEKS_CNI_Policy,AmazonEKS_CNI_Policy kube-system:kubectl get pods -n kube-system, kube-dns, aws-node- Kubernetes networking: Container Network Interface (CNI), VPC CNI, Multus CNI, Calico, Flannel
Advertising:
