Lyft CNI

The lyft cni-ipvlan-vpc-k8s plugin uses Amazon Elastic Network Interfaces (ENI) to assign AWS-managed IPs to Pods using the Linux kernel’s IPvlan driver in L2 mode.

Support for the Lyft CNI is deprecated in kOps 1.22 and will be removed in kOps 1.23.

Installing

Read the prerequisites before starting. In addition to that, you need to specify the VPC ID as spec.networkID in the cluster spec file.

To use the Lyft CNI, specify the following in the cluster spec.

  1.   networking:
  2.     lyftvpc: {}

in the cluster spec file or pass the --networking lyftvpc option on the command line to kOps:

  1. $ export ZONES=mylistofzones
  2. $ kops create cluster \
  3.   --zones $ZONES \
  4.   --master-zones $ZONES \
  5.   --master-size m4.large \
  6.   --node-size m4.large \
  7.   --networking lyftvpc \
  8.   --yes \
  9.   --name myclustername.mydns.io

Configuring

Specify subnet selector

You can specify which subnets to use for allocating Pod IPs by specifying

  1.   networking:
  2.     lyftvpc:
  3.       subnetTags:
  4.         KubernetesCluster: myclustername.mydns.io

In this example, new interfaces will be attached to subnets tagged with KubernetesCluster = myclustername.mydns.io.

Change the download location

By default the plugin is downloaded from Github at node startup. This location can be changed using environment variables

  1. export LYFT_VPC_DOWNLOAD_URL="https://example.com/cni-ipvlan-vpc-k8s-amd64-v0.6.0.tar.gz"
  2. export LYFT_VPC_DOWNLOAD_HASH="3aadcb32ffda53990153790203eb72898e55a985207aa5b4451357f9862286f0"

The hash can be MD5, SHA1 or SHA256.

Troubleshooting

In case of any issues the directory /var/log/aws-routed-eni contains the log files of the CNI plugin. This directory is located in all the nodes in the cluster.