[POC] feat(nodeadm): reconcile max pods with ipamd
Issue #, if available:
Description of changes: This adds a new nodeadm phase (after run) that will poll IPAMD for some pre-configured timeout, and then re-configure the reserved resources for kubelet after receiving a response. It is intended as a one-off, so it will short-circuit if there's an indication a previous configuration ran. It also requires enabling a new feature gate, and running a supported version of kubelet. This is intended to allow nodeadm to automatically configure kubelet based on the features of the VPC CNI actively in use, gauged via the locally running instance of ipamd.
This utilizes a feature branch of the VPC CNI for interrogating the allocatable IPs: https://github.com/aws/amazon-vpc-cni-k8s/compare/master...mselim00:amazon-vpc-cni-k8s:expose-ip-count
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Testing Done
See this guide for recommended testing for PRs. Some tests may not apply. Completing tests and providing additional validation steps are not required, but it is recommended and may reduce review time and time to merge.
High-level question - Do we have to vendor the CNI repository here? Can't we add it as a go.mod dependency?
Do we have to vendor the CNI repository here? Can't we add it as a go.mod dependency?
We vendor all dependencies for nodeadm to allow for consistent and network-less builds. I'll look into the size difference to make sure we're not getting too much unnecessary bloat, though.
ref: https://github.com/awslabs/amazon-eks-ami/blob/6137919b86dad11cd8d847732ae91f91b8932049/templates/al2023/provisioners/install-nodeadm.sh#L19-L26
Working on splitting off the limiting aspect for the max pods value in another PR: https://github.com/awslabs/amazon-eks-ami/pull/2325
Superseded by #2446