From 23dd4150cb1e05350f9d72f74184aff2dc1f633b Mon Sep 17 00:00:00 2001 From: Hao Zhou Date: Thu, 21 Dec 2023 16:50:18 -0800 Subject: [PATCH] update debugging doc (#349) --- docs/troubleshooting.md | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index 036828b7..f8d39732 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -161,6 +161,7 @@ containers: - name: ENABLE_POD_ENI value: "true" ``` +If you are using ConfigMaps that are referred from VPC CNI containers' `env`, you need have the same key/value pair setup in the referred ConfigMap. **Resolution** If the environment variable is not set, @@ -168,15 +169,29 @@ If the environment variable is not set, - Follow the guide to [enable SGP feature](https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html). ### Verify Trunk ENI is created +Get the EKS managed CRD CNINode +``` +kubectl get cninode +``` +The CNINode's FEATURE column should have +``` +[{"name":"SecurityGroupsForPods"}] +``` -Describe the Node, +Alternatively, you can check node for further confirming. +Describe the Node ``` -kubectl describe node node-name +kubectl describe node +``` + +The following annotation will be added in node's `Capacity` and `Allocatable` if Trunk ENI is created successfully +``` +vpc.amazonaws.com/pod-eni: 9 (could be other values depending on your instance type) ``` -The following label will be set if Trunk ENI is created, +Your node should also receive an event like the following: ``` -Labels: vpc.amazonaws.com/has-trunk-attached=true +Normal NodeTrunkInitiated 5m12s vpc-resource-controller The node has trunk interface initialized successfully ``` **Resolution**