aws / amazon-vpc-cni-k8s

Networking plugin repository for pod networking in Kubernetes using Elastic Network Interfaces on AWS
Apache License 2.0

Enhanced subnet discovery should use configurable tags #2904

Open dougbyrne opened 6 months ago

dougbyrne commented 6 months ago

What would you like to be added: The enhanced subnet discovery should use configurable tags. Currently the CNI will use any subnet in a matching VPC and AZ with the tag kubernetes.io/role/cni: 1. The CNI should have additional configurable tag filters.

Why is this needed: If multiple EKS clusters share a VPC, they will all share subnets. It is desirable to specify additional tags unique to each cluster to limit the discovery scope. An example filter might be kubernetes.io/cluster/my-example-cluster: shared.

| Subnet ID | tag kubernetes.io/role/cni | tag kubernetes.io/cluster/my-example-cluster | tag kubernetes.io/cluster/some-other-cluster | Selected by my example cluster | Selected by some other cluster |
| --- | --- | --- | --- | --- | --- |
| subnet-123 | 1 | shared | untagged | :white_check_mark: Yes | :x: No |
| subnet-456 | 1 | untagged | shared | :x: No | :white_check_mark: Yes |
| subnet-789 | 1 | shared | shared | :white_check_mark: Yes | :white_check_mark: Yes |
| subnet-abc | untagged | shared | untagged | :x: No | :x: No |
| subnet-def | untagged | untagged | untagged | :x: No | :x: No |

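
The selection rule in the table above, as an added Go example that is not part of the issue or of the CNI's own code. It assumes the extra filters are exact key/value matches applied on top of `kubernetes.io/role/cni: 1`; `Subnet`, `SelectSubnets` and `SampleSubnets` are hypothetical names, and the subnet data is constructed from the table.

```go
package main

import "fmt"

// Subnet is a constructed stand-in for an EC2 subnet: an ID plus its tags.
type Subnet struct {
	ID   string
	Tags map[string]string
}

// Tag the issue says enhanced subnet discovery matches on today.
const roleTagKey, roleTagValue = "kubernetes.io/role/cni", "1"

// SelectSubnets returns, in input order, the IDs of subnets that carry the
// role tag AND every extra filter. extra is the hypothetical per-cluster
// filter set proposed in the issue; a nil map reproduces current behaviour.
func SelectSubnets(subnets []Subnet, extra map[string]string) []string {
	var ids []string
next:
	for _, s := range subnets {
		if s.Tags[roleTagKey] != roleTagValue {
			continue
		}
		for k, want := range extra {
			if got, ok := s.Tags[k]; !ok || got != want {
				continue next // one missing or mismatched tag excludes the subnet
			}
		}
		ids = append(ids, s.ID)
	}
	return ids
}

// SampleSubnets reproduces the five rows of the table (constructed data).
func SampleSubnets() []Subnet {
	const mine, other = "kubernetes.io/cluster/my-example-cluster", "kubernetes.io/cluster/some-other-cluster"
	return []Subnet{
		{"subnet-123", map[string]string{roleTagKey: "1", mine: "shared"}},
		{"subnet-456", map[string]string{roleTagKey: "1", other: "shared"}},
		{"subnet-789", map[string]string{roleTagKey: "1", mine: "shared", other: "shared"}},
		{"subnet-abc", map[string]string{mine: "shared"}},
		{"subnet-def", map[string]string{}},
	}
}

func main() {
	f := map[string]string{"kubernetes.io/cluster/my-example-cluster": "shared"}
	fmt.Println("with filter:", SelectSubnets(SampleSubnets(), f))
	fmt.Println("role tag only:", SelectSubnets(SampleSubnets(), nil))
}
```

With no extra filter, every role-tagged subnet in the shared VPC is eligible for every cluster, which is the cross-cluster overlap the issue asks to be able to restrict.
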
github-actions[bot] commented 4 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days

dougbyrne commented 4 months ago

Unstale

github-actions[bot] commented 2 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days

dougbyrne commented 2 months ago

Unstale

github-actions[bot] commented 4 days ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days

lorengordon commented 4 days ago

Unstale