WARM_ENI_TARGET is 1. But worker node ENI 2 (with coredns pods used)

Question

WARM_ENI_TARGET is 1. But worker node ENI 2 (with coredns pods used)

itjobs-levi opened this issue 6 months ago · 2 comments

What happened:

Environment:

Kubernetes version (use kubectl version): 1.29
CNI Version : v1.16.4-eksbuild.2
OS (e.g: cat /etc/os-release): amazon linux 2023
Kernel (e.g. uname -a):

Problem scenario:

I have no deployments on the worker node.
Since WARM_ENI_TARGET is set to 1, I thought the worker node would have one ENI.
(WARM_IP_TARGET not used)

However, worker nodes have two ENIs by default.

Running pods are aws-node, coredns*2, eks-pod-identity, and kube-proxy.

I suspected the coredns pod.

So, I created another worker node.
At this time, there was only one ENI, and only aws-node, eks-pod-identity, and kube-proxy pods were running.

Then, I killed one coredns and moved it to the newly created worker node.

the worker node also had two ENIs.

Is this normal behavior?

Answer 1 · 2024-03-28T23:29:30.000Z

Hi! Yes this behavior is normal. WARM_ENI_TARGET=1 means VPC-CNI will keep one extra ENI (with max IPs allocated) ready to be used. The reason you saw two ENIs is because coredns pods do not use the host IP. Rather, they get an IP from an ENI. Since the primary ENI no longer has max IPs, VPC-CNI will spin up another ENI (with max IPs allocated).

Answer 2 · 2024-03-29T01:10:17.000Z

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.