lyft / cni-ipvlan-vpc-k8s

AWS VPC Kubernetes CNI driver using IPvlan
Apache License 2.0
360 stars 58 forks

Incorrect handling of errors in IPAM #39

Open gdearment opened 6 years ago

gdearment commented 6 years ago

The error handling in the IPAM add command is such that it is very hard to understand why something is failing. I've run into two problems that are due to the same general issue:

  1. The allocateClient doesn't differentiate between an interface already being maxed out on allowed IPv4 or IPv6 IP addresses and all IP addresses in a subnet being taken. Only the latter is represented in the error here.
  2. The error message from AllocateClient.AllocateIPFirstAvailableAtIndex(...) is clobbered unless there is more than one subnet that is tagged. This happens here.

For [2], if you have a single subnet for allocating Pod ENIs into, and the ENI is already attached to the host but has reached its maximum number of IPs, the error that will get returned is "unable to create a new elastic network interface due to No subnets are available which haven't already been used", but this is incorrect.
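An added illustration of the two problems reported above (not code from the cni-ipvlan-vpc-k8s repository): distinct sentinel errors separate "interface full" from "subnet exhausted", and the fallback path wraps the original allocation error instead of replacing it. The `eni` type, the function names and the error values are hypothetical, and the sample interface is constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical sentinel errors; the plugin's real error values may differ.
var (
	ErrInterfaceFull   = errors.New("interface has reached its maximum number of IPs")
	ErrSubnetExhausted = errors.New("no free IP addresses left in subnet")
	ErrNoUnusedSubnets = errors.New("no subnets are available which haven't already been used")
)

// eni is a constructed stand-in for an attached interface.
type eni struct {
	id          string
	used, limit int // IPs assigned vs. per-interface cap
	subnetFree  int // free addresses in the ENI's subnet
}

// allocateOnExisting tries an attached ENI and reports why it failed.
func allocateOnExisting(e eni) error {
	switch {
	case e.used >= e.limit:
		return fmt.Errorf("%s: %w", e.id, ErrInterfaceFull)
	case e.subnetFree == 0:
		return fmt.Errorf("%s: %w", e.id, ErrSubnetExhausted)
	}
	return nil
}

// allocate falls back to creating an ENI, but keeps the first error as the cause.
func allocate(e eni, unusedSubnets int) error {
	allocErr := allocateOnExisting(e)
	if allocErr == nil {
		return nil
	}
	if unusedSubnets == 0 {
		// Wrap the original cause; mention the failed fallback as context.
		return fmt.Errorf("cannot add ENI (%v); original failure: %w", ErrNoUnusedSubnets, allocErr)
	}
	return nil // a new ENI would be created here
}

func main() {
	err := allocate(eni{id: "eni-constructed", used: 10, limit: 10, subnetFree: 200}, 0)
	fmt.Println(err, errors.Is(err, ErrInterfaceFull))
}
```

With a single tagged subnet and a full ENI, the caller can still test for `ErrInterfaceFull` with `errors.Is`, so the root cause survives the failed fallback.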

theatrus commented 6 years ago

Thanks for the report, @gdearment! I agree, this could use some improvement.