Skip to main content

Running out of Private IP in EKS

 


In particular, there are cases where the pending state persists despite not running out of
CPU or memory.

There is a case that it is due to lack of private ip.If the node group is shown as "Degraded"
in the EKS cluster configuration and you can see the following error in Health issues.

"Amazon Autoscaling was unable to launch instances because there are not enough free addresses
in the subnet associated with your AutoScaling group(s)."

And you can see that the number of "Available IP4 addresses" in the AWS VPC subnet used in the
node group is 0.

By designating the IP that the node group occupies, you can get some IPs back.


kubectl set env -n kube-system daemonset/aws-node MINIMUM_IP_TARGET=10 WARM_IP_TARGET=2
kubectl get daemonset -n kube-system aws-node -o json | jq -r '.spec.template.spec.containers[] |select ( .name == "aws-node" ).env'


You can see that the number of "Available IP4 addresses" in the AWS VPC subnet is increased.

Nevertheless, if IPs are not enough, consider two approaches.

1. Check the HA status and adjust appropriately to avoid the case where too many pods are
created due to the cpu and memory allocated to the application being too small.

kubectl get hpa -n test
NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE
test-nginx Deployment/test-nginx 10%/80%, 9%/80% 7 200 7 14d

---

apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: test-nginx
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: test-nginx
minReplicas: 7
maxReplicas: 200
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80 =>
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80 =>


---

apiVersion: apps/v1
kind: Deployment
metadata:
name: test-nginx
spec:
selector:
matchLabels:
app: test-nginx
replicas: 7
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 50%
maxUnavailable: 50%
template:
spec:
containers:
- name: nginx
imagePullPolicy: Always
resources:
requests:
memory: "200Mi" =>
cpu: "100m" =>
limits:
memory: "1Gi"
cpu: "500m"
nodeSelector:
team: test
environment: prod

2. If IPs are not enough even after tuning, add a node group to which another subnet is
assigned. (This below is a terraform snippet.)

test = {
desired_capacity = 5
max_capacity = 15
min_capacity = 4
subnets = [element(module.vpc.private_subnets, 0)]
disk_size = 30
k8s_labels = {
team = "test"
environment = "prod"
}
},

test2 = { =>
desired_capacity = 5
max_capacity = 15
min_capacity = 4
subnets = [element(module.vpc.private_subnets, 4)]
disk_size = 30
k8s_labels = {
team = "test"
environment = "prod"
}
},


Comments

Post a Comment

Popular posts from this blog

DevOps JD's required skills from LinkedIn

From some of DevOps JD on linkedIn, I realised that DeveOps should be the leader of the organization. https://docs.google.com/spreadsheets/d/1P520nH0pYcAdN0rJcnMQqsgu9cV9GdknztJ92J8l7-s/pubhtml DevOps' Required Skills From LinkedIn on 8/30/16: DevOps should be the leader of the company! Yahoo Netflix Samsung Salesforce Fortinet SUM OS admin UNIX systems Unix platforms Linux administrator Linux VMs Docker VMs VMware, OpenStack, Hyper-V Openstack, KVM, VMWare Version control version control systems Git, SVN Cloud Amazon AWS AWS AWS, Azure DB MySql Oracle, MySQL, NoSQL Mysql administration and strong command of SQL MySQL RabbitMQ MySql, MongoDB, Redis, Oracle, ProgreSQL N/W TCP/IP networking, DNS, HTTP NAS Understanding of network stack, network tuning, subnet/VLANs. HAProxy, DNS, IPTable Script Lang Shell, Perl, Python, Ruby, PHP bash Python, Bash/tcsh a scripting language: Perl, Python and Unix Shell preferred Python, Perl, Ruby Python, Ruby, Shell, PHP Web LAMP stack
Post a Comment
Read more

Ubuntu GUI with VNC on Xenserver

Xenserver 에서 Ubuntu GUI 를 쓰기 위해서는 VNC 가 답인 듯... Installing Ubuntu Gnome GUI on Ubuntu Server 12.10 with VNC Update Repositories # apt-get update Install gnome and vnc: # apt-get install gnome-core vnc4server Start VNC Server: # vncserver (You’ll then be prompted to create and verify a new VNC connect password) Kill the currently running VNC Session: # vncserver -kill :1 Edit VNC startup config file: # vim .vnc/xstartup Uncomment the following line: unset SESSION_MANAGER Add the following line: gnome-session --session=gnome-classic & Comment Out the following two lines: x-terminal-emulator -geometry 1280x1024+10+10 -ls -title "$VNCDESKTOP Desktop" & x-window-manager & End result should look like: #!/bin/sh # Uncomment the following two lines for normal desktop: unset SESSION_MANAGER # exec /etc/X11/xinit/xinitrc gnome-session --session=gnome-classic & [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup [ -r $HOME/
Post a Comment
Read more

Install CoreOs on linode without VM

Install CoreOs on linode without VM 1. Add a Linode 2. Create a new Disk   CoreOS 3. Rescue > Reboot into Rescue Mode 4. Remote Access   Launch Lish Console 5. make an install script cat <<'EOF1' > install.sh # add needed package sudo apt-get update sudo apt-get install -y curl wget whois sudo apt-get install -y ca-certificates #sudo apt-get install gawk -y # get discovery url discoveryUrl=`curl https://discovery.etcd.io/new` # write cloud-config.yml cat <<EOF2 > cloud-config.yml #cloud-config users:   - name: core     groups:       - sudo       - docker coreos:   etcd:     name: node01     discovery: $discoveryUrl hostname: node01 EOF2 # get the coreos installation script #wget https://raw.github.com/coreos/init/master/bin/coreos-install wget https://raw.githubusercontent.com/coreos/init/master/bin/coreos-install # run installation chmod 755 coreos-install sudo ./coreos-install \       -d /dev/sda \       -
31 comments
Read more