--- "apiVersion": "v1" "kind": "ServiceAccount" "metadata": "name": "aws-node" "namespace": "kube-system" --- "apiVersion": "rbac.authorization.k8s.io/v1" "kind": "ClusterRoleBinding" "metadata": "name": "aws-node" "roleRef": "apiGroup": "rbac.authorization.k8s.io" "kind": "ClusterRole" "name": "aws-node" "subjects": - "kind": "ServiceAccount" "name": "aws-node" "namespace": "kube-system" --- "apiVersion": "rbac.authorization.k8s.io/v1" "kind": "ClusterRole" "metadata": "name": "aws-node" "rules": - "apiGroups": - "crd.k8s.amazonaws.com" "resources": - "eniconfigs" "verbs": - "get" - "list" - "watch" - "apiGroups": - "" "resources": - "namespaces" "verbs": - "list" - "watch" - "get" - "apiGroups": - "" "resources": - "pods" "verbs": - "list" - "watch" - "get" - "apiGroups": - "" "resources": - "nodes" "verbs": - "list" - "watch" - "get" - "update" - "apiGroups": - "extensions" "resources": - "*" "verbs": - "list" - "watch" --- "apiVersion": "apiextensions.k8s.io/v1" "kind": "CustomResourceDefinition" "metadata": "name": "eniconfigs.crd.k8s.amazonaws.com" "spec": "group": "crd.k8s.amazonaws.com" "names": "kind": "ENIConfig" "plural": "eniconfigs" "singular": "eniconfig" "preserveUnknownFields": false "scope": "Cluster" "versions": - "name": "v1alpha1" "schema": "openAPIV3Schema": "type": "object" "x-kubernetes-preserve-unknown-fields": true "served": true "storage": true --- "apiVersion": "apps/v1" "kind": "DaemonSet" "metadata": "labels": "k8s-app": "aws-node" "name": "aws-node" "namespace": "kube-system" "spec": "selector": "matchLabels": "k8s-app": "aws-node" "template": "metadata": "labels": "k8s-app": "aws-node" "spec": "affinity": "nodeAffinity": "requiredDuringSchedulingIgnoredDuringExecution": "nodeSelectorTerms": - "matchExpressions": - "key": "beta.kubernetes.io/os" "operator": "In" "values": - "linux" - "key": "beta.kubernetes.io/arch" "operator": "In" "values": - "amd64" - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": - "fargate" - "matchExpressions": - "key": "kubernetes.io/os" "operator": "In" "values": - "linux" - "key": "kubernetes.io/arch" "operator": "In" "values": - "amd64" - "arm64" - "key": "eks.amazonaws.com/compute-type" "operator": "NotIn" "values": - "fargate" "containers": - "env": - "name": "ADDITIONAL_ENI_TAGS" "value": "{}" - "name": "AWS_VPC_CNI_NODE_PORT_SUPPORT" "value": "true" - "name": "AWS_VPC_ENI_MTU" "value": "9001" - "name": "AWS_VPC_K8S_CNI_CONFIGURE_RPFILTER" "value": "false" - "name": "AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG" "value": "false" - "name": "AWS_VPC_K8S_CNI_EXTERNALSNAT" "value": "false" - "name": "AWS_VPC_K8S_CNI_LOGLEVEL" "value": "DEBUG" - "name": "AWS_VPC_K8S_CNI_LOG_FILE" "value": "/host/var/log/aws-routed-eni/ipamd.log" - "name": "AWS_VPC_K8S_CNI_RANDOMIZESNAT" "value": "prng" - "name": "AWS_VPC_K8S_CNI_VETHPREFIX" "value": "eni" - "name": "AWS_VPC_K8S_PLUGIN_LOG_FILE" "value": "/var/log/aws-routed-eni/plugin.log" - "name": "AWS_VPC_K8S_PLUGIN_LOG_LEVEL" "value": "DEBUG" - "name": "DISABLE_INTROSPECTION" "value": "false" - "name": "DISABLE_METRICS" "value": "false" - "name": "DISABLE_NETWORK_RESOURCE_PROVISIONING" "value": "false" - "name": "ENABLE_POD_ENI" "value": "false" - "name": "ENABLE_PREFIX_DELEGATION" "value": "false" - "name": "MY_NODE_NAME" "valueFrom": "fieldRef": "fieldPath": "spec.nodeName" - "name": "WARM_ENI_TARGET" "value": "1" - "name": "WARM_PREFIX_TARGET" "value": "1" "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni:v1.9.3" "livenessProbe": "exec": "command": - "/app/grpc-health-probe" - "-addr=:50051" - "-connect-timeout=2s" - "-rpc-timeout=2s" "initialDelaySeconds": 60 "timeoutSeconds": 5 "name": "aws-node" "ports": - "containerPort": 61678 "name": "metrics" "readinessProbe": "exec": "command": - "/app/grpc-health-probe" - "-addr=:50051" - "-connect-timeout=2s" - "-rpc-timeout=2s" "initialDelaySeconds": 1 "resources": "requests": "cpu": "10m" "securityContext": "capabilities": "add": - "NET_ADMIN" "volumeMounts": - "mountPath": "/host/opt/cni/bin" "name": "cni-bin-dir" - "mountPath": "/host/etc/cni/net.d" "name": "cni-net-dir" - "mountPath": "/host/var/log/aws-routed-eni" "name": "log-dir" - "mountPath": "/var/run/aws-node" "name": "run-dir" - "mountPath": "/var/run/dockershim.sock" "name": "dockershim" - "mountPath": "/run/xtables.lock" "name": "xtables-lock" "hostNetwork": true "initContainers": - "env": - "name": "DISABLE_TCP_EARLY_DEMUX" "value": "false" "image": "602401143452.dkr.ecr.us-west-2.amazonaws.com/amazon-k8s-cni-init:v1.9.3" "name": "aws-vpc-cni-init" "securityContext": "privileged": true "volumeMounts": - "mountPath": "/host/opt/cni/bin" "name": "cni-bin-dir" "priorityClassName": "system-node-critical" "serviceAccountName": "aws-node" "terminationGracePeriodSeconds": 10 "tolerations": - "operator": "Exists" "volumes": - "hostPath": "path": "/opt/cni/bin" "name": "cni-bin-dir" - "hostPath": "path": "/etc/cni/net.d" "name": "cni-net-dir" - "hostPath": "path": "/var/run/dockershim.sock" "name": "dockershim" - "hostPath": "path": "/run/xtables.lock" "name": "xtables-lock" - "hostPath": "path": "/var/log/aws-routed-eni" "type": "DirectoryOrCreate" "name": "log-dir" - "hostPath": "path": "/var/run/aws-node" "type": "DirectoryOrCreate" "name": "run-dir" "updateStrategy": "rollingUpdate": "maxUnavailable": "10%" "type": "RollingUpdate" ...