aws-quickstart / cdk-eks-blueprints

AWS Quick Start Team
Apache License 2.0

add support for tuning plugin in VPC CNI addon #1080

Closed phsiao closed 1 week ago

phsiao commented 1 month ago

Describe the feature

Enable the VPC CNI addon to support the CNI tuning plugin, allowing for more granular sysctl customization.

Use Case

Our current on-premises cluster employs the tuning plugin to modify specific system parameters (sysctls) at the cluster level. These adjustments, such as:

net.ipv4.tcp_keepalive_time=30
net.ipv4.tcp_keepalive_intvl=15
net.ipv4.tcp_keepalive_probes=6
net.ipv4.ip_unprivileged_port_start=0

are necessary to align the cluster's default behavior with our specific operational requirements.

Proposed Solution

I propose adding a new tuning plugin configuration block analogous to the one used for disabling IPv6. This would allow users to specify an array of sysctl key-value pairs, which would then be automatically converted into another tuning plugin configuration block, enabling flexible customization.

CDK version used

2.147.3

EKS Blueprints Version

1.15.1

Node.js Version

v20.13.0

Environment details (OS name and version, etc.)

Linux
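
The conversion proposed in the issue above (an array of sysctl key-value pairs turned into a CNI tuning plugin block and chained after the existing plugins), as an added example that is not code from this thread, cdk-eks-blueprints or amazon-vpc-cni-k8s. The helper names, the `net.*`-only key check, the integer-only value check and the sample conflist are assumptions made for illustration; `"type": "tuning"` with a `sysctl` map is the tuning plugin's own configuration shape.

```typescript
interface SysctlPair { key: string; value: string; }
interface CniPlugin { type: string; [field: string]: unknown; }
interface TuningPlugin extends CniPlugin { type: "tuning"; sysctl: { [key: string]: string }; }
interface CniConfList { cniVersion: string; name: string; plugins: CniPlugin[]; }

// Assumption: accept only net.* keys, because the tuning plugin sets sysctls
// inside the pod's network namespace. Empty segments and slashes are rejected.
const KEY_PATTERN = /^net(\.[A-Za-z0-9_-]+)+$/;
// Assumption: values are integers or space-separated integer lists.
const VALUE_PATTERN = /^[0-9]+( [0-9]+)*$/;

// Hypothetical helper: validate the pairs and build one tuning plugin block.
function buildTuningPlugin(pairs: SysctlPair[]): TuningPlugin {
  const sysctl: { [key: string]: string } = {};
  for (const { key, value } of pairs) {
    if (!KEY_PATTERN.test(key)) throw new Error(`sysctl key not allowed: ${key}`);
    if (!VALUE_PATTERN.test(value)) throw new Error(`invalid value for ${key}: ${value}`);
    if (Object.prototype.hasOwnProperty.call(sysctl, key)) {
      throw new Error(`duplicate sysctl key: ${key}`);
    }
    sysctl[key] = value;
  }
  return { type: "tuning", sysctl };
}

// Hypothetical helper: chain the tuning block after the existing plugins,
// so it runs once the main plugin has created the pod interface.
function appendTuningPlugin(conflistJson: string, pairs: SysctlPair[]): string {
  const conf = JSON.parse(conflistJson) as CniConfList;
  if (!Array.isArray(conf.plugins) || conf.plugins.length === 0) {
    throw new Error("conflist has no plugins to chain after");
  }
  conf.plugins.push(buildTuningPlugin(pairs));
  return JSON.stringify(conf, null, 2);
}

// Constructed sample conflist; "example-main-cni" is a placeholder plugin type.
const SAMPLE_CONFLIST = JSON.stringify({
  cniVersion: "0.4.0",
  name: "example-net",
  plugins: [{ type: "example-main-cni" }],
});

// The four sysctls listed in the issue.
const ISSUE_SYSCTLS: SysctlPair[] = [
  { key: "net.ipv4.tcp_keepalive_time", value: "30" },
  { key: "net.ipv4.tcp_keepalive_intvl", value: "15" },
  { key: "net.ipv4.tcp_keepalive_probes", value: "6" },
  { key: "net.ipv4.ip_unprivileged_port_start", value: "0" },
];
```

Of the four settings, `net.ipv4.ip_unprivileged_port_start=0` is the one with a security effect: it lets non-root processes in the pod's network namespace bind ports below 1024.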

shapirov103 commented 1 week ago

@phsiao the suggested approach is specific to the Go codebase that backs vpc-cni. The change that you are proposing (and the approach) is more relevant to submit against that repo: https://github.com/aws/amazon-vpc-cni-k8s/

I don't see how we can inject these params, unless the VPC-CNI configuration allows passing them through the standard config mechanism (aka core addon advanced config). If you have a solution, please feel free to submit a PR.

phsiao commented 1 week ago

My mistake. I overlooked the different repo name.