From d69afe96844a9ff6b51e795152a3e10e41fb5a83 Mon Sep 17 00:00:00 2001 From: Hao Zhou Date: Fri, 22 Dec 2023 00:28:48 +0000 Subject: [PATCH] update debugging doc --- docs/troubleshooting.md | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index 036828b7..f8d39732 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -161,6 +161,7 @@ containers: - name: ENABLE_POD_ENI value: "true" ``` +If you are using ConfigMaps that are referred from VPC CNI containers' `env`, you need have the same key/value pair setup in the referred ConfigMap. **Resolution** If the environment variable is not set, @@ -168,15 +169,29 @@ If the environment variable is not set, - Follow the guide to [enable SGP feature](https://docs.aws.amazon.com/eks/latest/userguide/security-groups-for-pods.html). ### Verify Trunk ENI is created +Get the EKS managed CRD CNINode +``` +kubectl get cninode +``` +The CNINode's FEATURE column should have +``` +[{"name":"SecurityGroupsForPods"}] +``` -Describe the Node, +Alternatively, you can check node for further confirming. +Describe the Node ``` -kubectl describe node node-name +kubectl describe node +``` + +The following annotation will be added in node's `Capacity` and `Allocatable` if Trunk ENI is created successfully +``` +vpc.amazonaws.com/pod-eni: 9 (could be other values depending on your instance type) ``` -The following label will be set if Trunk ENI is created, +Your node should also receive an event like the following: ``` -Labels: vpc.amazonaws.com/has-trunk-attached=true +Normal NodeTrunkInitiated 5m12s vpc-resource-controller The node has trunk interface initialized successfully ``` **Resolution**