eks-anywhere icon indicating copy to clipboard operation
eks-anywhere copied to clipboard

Published 20 hours ago • verified publisher icon aws

Customize cillium cni configuration

Open vivek-koppuru opened this issue 3 years ago • 9 comments

What would you like to be added: As mentioned in https://github.com/aws/eks-anywhere/issues/362, we want the ability to be able to modify configuration of the cni being installed (for example cilium in this case) before installing it on EKS-A. Currently, EKS-A deploys fixed version of cilium that can only be modified after the fact, which is currently not supported either.

Why is this needed: Different users may have different use cases for configuration when deploying a cni on their EKS-A cluster. The option for debugging is a possibility as well for why a user might want to edit the cni configuration beforehand.

vivek-koppuru avatar Oct 05 '21 22:10 vivek-koppuru

It would be nice to be able to set the cluster-id and cluster-name parameters as well. Ideally we would be able to specify any field in the cilium-config configmap, but at least being able to set those two would should go a long way towards using Cilium ClusterMesh

cryptk avatar May 20 '22 16:05 cryptk

Perhaps buried in the documentation, but I'm wondering which are the reasons why EKS-A uses a non-vanilla Cilium Docker image? At the moment, the Cilium version is pretty old. At the time of writing, we are already at 1.12, and the EKS-A spins up cluster running Cilium 1.9.

mazzy89 avatar May 22 '22 08:05 mazzy89

@mazzy89 @vivek-koppuru I agree Cilium 1.9 is too old, that is why I suggested if not shipping most recent version, at least give users option to select cilium versions to deploy

vincentmli avatar May 23 '22 20:05 vincentmli

@vincentmli the problem is if we had the option to select the cilium version, would be still ok? The Cilium version EKS-A runs is not the vanilla one, is it? EKS-A team bakes their own image. Not sure why though. I haven't looked at it.

mazzy89 avatar May 23 '22 21:05 mazzy89

@vincentmli the problem is if we had the option to select the cilium version, would be still ok? The Cilium version EKS-A runs is not the vanilla one, is it? EKS-A team bakes their own image. Not sure why though. I haven't looked at it.

my goal is to test EKS-A with vanilla cilium version or most recent release version, I have not checked what cilium version EKS-A runs, seems you were saying it runs with cilium 1.9 which is old.

vincentmli avatar May 23 '22 22:05 vincentmli

@vincentmli did you run the test with a vanilla version?

mazzy89 avatar Aug 21 '22 09:08 mazzy89

@mazzy89 no, not yet, does EKS-A include cilium version 1.12 now?

vincentmli avatar Aug 21 '22 14:08 vincentmli

Still old version

mazzy89 avatar Aug 27 '22 09:08 mazzy89

from what I heard from one user that similar product Google Anthos will include Cilium 1.12

vincentmli avatar Aug 27 '22 14:08 vincentmli

I also wonder if https://github.com/cilium/cilium/issues/21486 is the reason eks-a not shipping cilium 1.12, @vivek-koppuru do you have idea?

vincentmli avatar Sep 29 '22 03:09 vincentmli

Yea we don't maintain those images so we have to support what's available. @vincentmli

vivek-koppuru avatar Sep 29 '22 04:09 vivek-koppuru

Is this something that is blocking you?

vivek-koppuru avatar Sep 29 '22 04:09 vivek-koppuru

cilium 1.12 has VTEP feature I worked on to work with F5 BIG-IP, so I would like eks-a shipping with cilium 1.12

vincentmli avatar Sep 29 '22 14:09 vincentmli