README
¶
amazon-vpc-cni-k8s
Networking plugin for pod networking in Kubernetes using Elastic Network Interfaces on AWS.
Setup
Download the latest version of the yaml and apply it the cluster.
kubectl apply -f aws-k8s-cni.yaml
Launch kubelet with network plugins set to cni (--network-plugin=cni), the cni directories configured (--cni-config-dir and --cni-bin-dir) and node ip set to the primary IPv4 address of the primary ENI for the instance (--node-ip=$(curl http://169.254.169.254/latest/meta-data/local-ipv4)). It is also recommended to set --max-pods equal to the number of ENIs for the instance type * (the number of IPs per ENI - 1) see to prevent scheduling that exceeds the IP resources available to the kubelet.
The default manifest expects --cni-conf-dir=/etc/cni/net.d and --cni-bin-dir=/opt/cni/bin.
L-IPAM requires following IAM policy:
{
"Effect": "Allow",
"Action": [
"ec2:CreateNetworkInterface",
"ec2:AttachNetworkInterface",
"ec2:DeleteNetworkInterface",
"ec2:DetachNetworkInterface",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeInstances",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:AssignPrivateIpAddresses"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": "tag:TagResources",
"Resource": "*"
},
Building
make staticbuilds the binary filesmake docker-builduses a docker container (golang:1.10) to build the binaries.make dockerwill create a docker container using the docker-build with the finished binaries, with a tag ofamazon/amazon-k8s-cni:latestunit-test,lintandvetprovide ways to run the respective tests/tools and should be run before submitting a PR.
Components
There are 2 components:
- CNI Plugin, which will wire up host's and pod's network stack when called.
- L-IPAM, which is a long running node-Local IP Address Management (IPAM) daemon, is responsible for:
- maintaining a warm-pool of available IP addresses, and
- assigning an IP address to a Pod.
The details can be found in Proposal: CNI plugin for Kubernetes networking over AWS VPC
Contributing
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
pkg
|
|
|
awsutils/mocks
Package mock_awsutils is a generated GoMock package.
|
Package mock_awsutils is a generated GoMock package. |
|
cninswrapper/mock_ns
Package mock_ns is a generated GoMock package.
|
Package mock_ns is a generated GoMock package. |
|
cninswrapper/mocks
Package mock_cninswrapper is a generated GoMock package.
|
Package mock_cninswrapper is a generated GoMock package. |
|
docker/mocks
Package mock_docker is a generated GoMock package.
|
Package mock_docker is a generated GoMock package. |
|
ec2metadata/mocks
Package mock_ec2metadata is a generated GoMock package.
|
Package mock_ec2metadata is a generated GoMock package. |
|
ec2wrapper/mocks
Package mock_ec2wrapper is a generated GoMock package.
|
Package mock_ec2wrapper is a generated GoMock package. |
|
grpcwrapper/mocks
Package mock_grpcwrapper is a generated GoMock package.
|
Package mock_grpcwrapper is a generated GoMock package. |
|
httpwrapper/mocks
Package mock_httpwrapper is a generated GoMock package.
|
Package mock_httpwrapper is a generated GoMock package. |
|
ioutilwrapper/mocks
Package mock_ioutilwrapper is a generated GoMock package.
|
Package mock_ioutilwrapper is a generated GoMock package. |
|
ipwrapper/mocks
Package mock_ipwrapper is a generated GoMock package.
|
Package mock_ipwrapper is a generated GoMock package. |
|
k8sapi
Package k8sapi contains logic to retrive pods running on local node
|
Package k8sapi contains logic to retrive pods running on local node |
|
k8sapi/mocks
Package mock_k8sapi is a generated GoMock package.
|
Package mock_k8sapi is a generated GoMock package. |
|
netlinkwrapper/mock_netlink
Package mock_netlink is a generated GoMock package.
|
Package mock_netlink is a generated GoMock package. |
|
netlinkwrapper/mocks
Package mock_netlinkwrapper is a generated GoMock package.
|
Package mock_netlinkwrapper is a generated GoMock package. |
|
netlinkwrapper/mocks_link
Package mock_netlink is a generated GoMock package.
|
Package mock_netlink is a generated GoMock package. |
|
networkutils/mocks
Package mock_networkutils is a generated GoMock package.
|
Package mock_networkutils is a generated GoMock package. |
|
nswrapper/mocks
Package mock_nswrapper is a generated GoMock package.
|
Package mock_nswrapper is a generated GoMock package. |
|
resourcegroupstaggingapiwrapper/mocks
Package mock_resourcegroupstaggingapiwrapper is a generated GoMock package.
|
Package mock_resourcegroupstaggingapiwrapper is a generated GoMock package. |
|
rpcwrapper/mocks
Package mock_rpcwrapper is a generated GoMock package.
|
Package mock_rpcwrapper is a generated GoMock package. |
|
typeswrapper/mocks
Package mock_typeswrapper is a generated GoMock package.
|
Package mock_typeswrapper is a generated GoMock package. |
|
utils/ttime
Package ttime implements a testable alternative to the Go "time" package.
|
Package ttime implements a testable alternative to the Go "time" package. |
|
utils/ttime/mocks
Package mock_ttime is a generated GoMock package.
|
Package mock_ttime is a generated GoMock package. |
|
plugins
|
|
|
routed-eni/driver/mocks
Package mock_driver is a generated GoMock package.
|
Package mock_driver is a generated GoMock package. |
|
Package rpc is a generated protocol buffer package.
|
Package rpc is a generated protocol buffer package. |
|
mocks
Package mock_rpc is a generated GoMock package.
|
Package mock_rpc is a generated GoMock package. |
Click to show internal directories.
Click to hide internal directories.