Allow excluding node subnets from VPC CNI auto discovery via subnet tag #2984
Labels
Comments
|
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days |
|
Issue closed due to inactivity. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What would you like to be added:
Allow excluding node subnets from auto discovery when
ENABLE_SUBNET_DISCOVERY = "true"and node subnets tagged withkubernetes.io/role/cni=0. Exclusions should apply for pods that doesn't require host network (spec.hostNetwork=true).Why is this needed:
If EKS clusters are provisioned with smaller subnets to host node groups, scheduling pods in the same subnets will limit the number of IP addresses assigned to other AWS resources or additional nodes. At the same time, secondary CIDRs may be used for pod IP pools only.
Example: this would benefit a multi-account network architecture with isolation of resources meant to be shared with other accounts VPCs over transit gateway or peering connections, and pods in secondary CIDRs, connected to transit gateways via NAT Gateways.
The text was updated successfully, but these errors were encountered: