Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why two ENIs by default in EKS?

Tags:

kubernetes

amazon-eks

When I create an EKS cluster I see that worker nodes have two ENIs, eth0 and eth1.

Does EKS require two ENIs for its functionality ? Or two ENIs are added to provide more IPs for the pods (using default AWS CNI) ?

like image 445
Manohar Avatar asked May 21 '20 05:05

Manohar

People also ask

How many IP addresses does EKS need?

The subnets must each have at least six IP addresses for use by Amazon EKS. However, we recommend at least 16 IP addresses.

How many pods can run on a EKS node?

Most managed Kubernetes services even impose hard limits on the number of pods per node: On Amazon Elastic Kubernetes Service (EKS), the maximum number of pods per node depends on the node type and ranges from 4 to 737.

What is control plane and data plane in EKS?

The Amazon EKS control plane consists of control plane nodes that run the Kubernetes software, such as etcd and the Kubernetes API server. The control plane runs in an account managed by AWS, and the Kubernetes API is exposed via the Amazon EKS endpoint associated with your cluster.

What is the default version of Kubernetes in EKS?

CoreDNS version 1.8. 0 is the recommended version for Amazon EKS 1.19 clusters. This version is installed by default in new Amazon EKS 1.19 clusters. For more information, see Managing the CoreDNS add-on.

2 Answers

By default EKS uses aws-vpc-cni-k8s to allocate IP addresses for pods. The default settings for the CNI plugin is WARM_ENI_TARGET=1 which will ensure you have an additional ENI available for future assignment. Your addresses will be assigned to the first ENI until the max IPs per ENI for the instance type is exhausted, then allocations will come from the second ENI. Once an IP address is assigned to the second ENI a third ENI will be allocated according to the WARM_ENI_TARGET setting. It will continue to allocate additional ENIs as you use addresses until you reach the maximum number of ENIs for the instance type.

like image 80
Steve Buzonas Avatar answered Sep 29 '22 10:09

Steve Buzonas

The other reason for the second ENI is so that you can you can use secondary CIDRS attached to your VPC. This allowed specific IP planning with a set of IP addresses just for the PODS. When a t3.small gets 11 IPs and a M5.2xlarge gets 58 IPs, you have to plan the subnets.

Review the docs: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html

like image 35
mpechner Avatar answered Sep 29 '22 12:09

mpechner
Sign in to Comment

Related questions

how to reset my kubectl settings back to default
kafka on kubernetes cannot produce/consume topics (ClosedChannelException, ErrorLoggingCallback)
swarm, kubernetes or mesos for batch processing jobs
How to migrate the pods automatically to another node in kubernetes?
Easiest way to do docker build command within Jenkinsfile running on Jenkins slave node?
installing nginx-ingress on Kubernetes to run on localhost MacOs - Docker for Mac(Edge)
Best practices for defining Kubernetes namespaces and labels
Whitelist "kube-system" namespace using NetworkPolicy
Kubernetes log - from the beginning
Kubernetes kubectl shows pods restarts as zero but pods age has changed
How can kube-apiserver be restarted? [closed]
Not able to login to Kubernetes dashboard using token with service account
How to access Logs of Pods in Kubernetes after its deletion
How do I upgrade a helm chart with a new values.yaml and keep the previous deployments data?
How to execute a 'command with arguments' on a container of 'multi-container pod'?
uwsgi master graceful shutdown
How does port publishing from a docker container to a kubernetes pod work?
Kubernetes: create service vs expose deployment
Kubernetes object size limitations
Kubernetes pod resolve external kafka hostname in coredns not as hostaliases inside pod

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!