Comments (2)
ChrisMcKee
commented on June 25, 2024
1
@vpineda1996 it hijacks port-80 on the node; If I deploy haproxy ingress daemonset on hostnetwork and use a random port e.g. 30680 it will work fine.
If I have haproxy installed already attached to port 80; installing the AWS Identity addon will kick the haproxy pods causing an outage.
It sounds like you're saying it doesn't use the eks-node host-network / 80? but it is.
from containers-roadmap.
vpineda1996
commented on June 25, 2024
The EKS Pod Identity Agent only binds to the address on link-local interface created by the initial setup. Specifically, the call to bind binds to port 80 on the following IP addresses:
fd00:ec2::23169.254.170.23
You can get around this limitation by specifying the address of the interface you are trying to bind to port 80. eg if you are doing a bind 0.0.0.0:80, it will fail but if you know the IP of your instance (eg 10.0.163.96) then you can do a direct bind 10.0.163.96:80.
To know the primary IP that your instance has you can run ip addr and find the interface that has the primary IP (normally named ens6)
5: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
link/ether 0a:24:fe:7c:d3:99 brd ff:ff:ff:ff:ff:ff
altname enp0s6
altname ens6
inet 10.0.163.96/19 brd 10.0.191.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::824:feff:fe7c:d399/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
Alternatively you can use EC2's DescribeInstances API to find the primary network interface IP.
from containers-roadmap.
Related Issues (20)
- EKS Managed core-dns Addons Not able to change deployment replicaCount HOT 3
- [EKS] [request]: Multi-cluster dashboard
- [EKS] [Feature]: Enable DNS64 in CoreDNS on IPv6 clusters HOT 1
- [EKS] [Addon Update]: Add Resource Limits/Requests to EFS CSI Managed Addon
- [ECR] [BUG]: pull through cache doesn't support image with / in the name HOT 1
- [ECR] [REPLICATION] [feature]: Allow image tag filters in ECR cross account replication along with the current Repo filter.
- [ECR] [request]: Support for Alpine Linux v3.20 on Enhanced Vulnerability Scanning - Inspector HOT 1
- [ECR] [request]: Support for Alpine 3.20 on Basic Vulnerability Scan - claircore HOT 5
- [EKS] [request]: No available versions of AWS Cloudwatch Observability Add-on for EKS 1.30 HOT 6
- [EKS] [request]: NVME Disk setup for Windows HOT 1
- [EKS]: amazon-cloudwatch-observability addon allow fluent-bit Only Install HOT 1
- [EKS] [eks-pod-identity] [bug]: Setting the STS Session name in eks-pod-identity-agent HOT 3
- [EKS] [S3 CSI Driver] [request]: Support advanced configuration
- ECS console should not allow variable names with spaces, especially at the end HOT 1
- [EKS] [request]: No available versions of adot add on for EKS 1.30 HOT 1
- [ECS] [Fargate]: Stopped task error message enhancements
- [ECS] [Fargate]: Allow the use a Private CA without AWS Private CA in Service Connect
- [Fargate] [request]: Fargate sysctls support for net.core
- [ECS] [Service Connect Proxy Tracing Configuration]: Allow configuration of Service Connect Proxies via Supported Environment Variables
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from containers-roadmap.