Consume Additional Prefixes

To demonstrate VPC CNI behavior of adding additional prefixes to our worker nodes, we'll deploy pause pods to utilize more IP addresses than are currently assigned. We're utilizing a large number of these pods to simulate the addition of application pods in to the cluster either through deployments or scaling operations.

~/environment/eks-workshop/modules/networking/prefix/deployment-pause.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pause-pods-prefix
  namespace: other
spec:
  replicas: 150
  selector:
    matchLabels:
      run: pause-pods-prefix
  template:
    metadata:
      labels:
        run: pause-pods-prefix
    spec:
      containers:
        - name: reserve-resources
          image: registry.k8s.io/pause

Creates 150 identical pods

Set the image to registry.k8s.io/pause which provides a lightweight container that consumes minimal resources

Apply the pause pod deployment and wait for it to be ready. It may take some time to spin up the 150 pods:

~$kubectl apply -k ~/environment/eks-workshop/modules/networking/prefix

deployment.apps/pause-pods-prefix created

~$kubectl wait --for=condition=available --timeout=60s deployment/pause-pods-prefix -n other

Check the pause pods are in a running state:

~$kubectl get deployment -n other

NAME                READY     UP-TO-DATE   AVAILABLE   AGE

pause-pods-prefix   150/150   150          150         101s

Once the pods are running successfully, we should be able to see the additional prefixes added to the worker nodes.

~$aws ec2 describe-instances --filters "Name=tag-key,Values=eks:cluster-name" "Name=tag-value,Values=${EKS_CLUSTER_NAME}" \

--query 'Reservations[*].Instances[].{InstanceId: InstanceId, Prefixes: NetworkInterfaces[].Ipv4Prefixes[]}'

This demonstrates how the VPC CNI dynamically provisions and attaches /28 prefixes to the ENI(s) as more pods are scheduled on a given node.