Skip to content

Commit

Permalink
eksctl: add note about failing netpol enforcement
Browse files Browse the repository at this point in the history
  • Loading branch information
@consideRatio
consideRatio committed Sep 10, 2024
1 parent 27f5ab2 commit c7d530e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
3 changes: 3 additions & 0 deletions eksctl/nmfs-openscapes.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,10 +91,13 @@ local daskNodes = [];
[
{
name: "vpc-cni",
# FIXME: network policy enforcement doesn't work, what's wrong
# isn't clear.
# configurationValues ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/HEAD/charts/aws-vpc-cni/values.yaml
configurationValues: |||
enableNetworkPolicy: "true"
|||,
attachPolicyARNs: ["arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"],
},
{ name: "coredns" },
{ name: "kube-proxy" },
Expand Down
3 changes: 3 additions & 0 deletions eksctl/template.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -89,10 +89,13 @@ local daskNodes = [];
[
{
name: "vpc-cni",
# FIXME: network policy enforcement doesn't work, what's wrong
# isn't clear.
# configurationValues ref: https://github.com/aws/amazon-vpc-cni-k8s/blob/HEAD/charts/aws-vpc-cni/values.yaml
configurationValues: |||
enableNetworkPolicy: "true"
|||,
attachPolicyARNs: ["arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy"],
},
{ name: "coredns" },
{ name: "kube-proxy" },
Expand Down

0 comments on commit c7d530e

Please sign in to comment.