Skip to content

Commit

Permalink
update debugging doc
Browse files Browse the repository at this point in the history
  • Loading branch information
haouc committed Dec 22, 2023
1 parent 7df7de0 commit d69afe9
Showing 1 changed file with 19 additions and 4 deletions.
23 changes: 19 additions & 4 deletions docs/troubleshooting.md
Original file line number Diff line number Diff line change
Expand Up @@ -161,22 +161,37 @@ containers:
- name: ENABLE_POD_ENI
value: "true"
```
If you are using ConfigMaps that are referred from VPC CNI containers' `env`, you need have the same key/value pair setup in the referred ConfigMap.

**Resolution**
If the environment variable is not set,

- Follow the guide to [enable SGP feature](https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html).

### Verify Trunk ENI is created
Get the EKS managed CRD CNINode
```
kubectl get cninode <NODDE_NAME>
```
The CNINode's FEATURE column should have
```
[{"name":"SecurityGroupsForPods"}]
```

Describe the Node,
Alternatively, you can check node for further confirming.
Describe the Node
```
kubectl describe node node-name
kubectl describe node <NODE_NAME>
```

The following annotation will be added in node's `Capacity` and `Allocatable` if Trunk ENI is created successfully
```
vpc.amazonaws.com/pod-eni: 9 (could be other values depending on your instance type)
```

The following label will be set if Trunk ENI is created,
Your node should also receive an event like the following:
```
Labels: vpc.amazonaws.com/has-trunk-attached=true
Normal NodeTrunkInitiated 5m12s vpc-resource-controller The node has trunk interface initialized successfully
```

**Resolution**
Expand Down

0 comments on commit d69afe9

Please sign in to comment.