Amazon-vpc-cni-k8s: Question: is amazon-vpc-cni-k8s stable enough to use in production?

Created on 13 Jul 2018  路  12Comments  路  Source: aws/amazon-vpc-cni-k8s

Is amazon-vpc-cni-k8s ready/stable enough for production or should I go with calico?

question

Most helpful comment

I'm not sure you can use a different CNI but am also wondering this myself given how abhorrent this CNI seems to be. The fact that there is absolutely no ability to configure flags on the control plane will likely make this impossible and is a huge shortcoming of EKS. IMO AWS should backtrack on their GA of EKS because it is not ready to be used.

All 12 comments

I'm not sure you can use a different CNI but am also wondering this myself given how abhorrent this CNI seems to be. The fact that there is absolutely no ability to configure flags on the control plane will likely make this impossible and is a huge shortcoming of EKS. IMO AWS should backtrack on their GA of EKS because it is not ready to be used.

My issue is I need a cluster that is in 3 AZ's and no NAT, if routing tables did not have a 50 route limit things would be simpler. Always interesting how constraints interact

Your best bet is to use GKE.

not possible

You should probably go with Calico, I've been playing around with EKS for a few days now and it is by far the most dysfunctional cluster I've seen. We're reverting back to kops and calico...

Thanks was looking at it, issue is it needs NAT across network segments which will be an issue

@GlennMR we would like to help and debug the issues you are encountering. Please describe the specific problems you are faced with.

@ms4720, with release 1.1, we added a feature which allows users to disable NAT for Pods. https://aws.amazon.com/blogs/opensource/vpc-cni-plugin-v1-1-available/ provides an overview on how this feature works.

Certainly a lot of people are getting the failed to setup network error from the CNI. I still see this error now and again with the v1.1.0 release although I haven't been able to reproduce it reliably. I have my doubts about this CNI being ready for production in it's current state.

@liwenwu-amazon when is v1.2.0 due and what changes are in this release? I saw in "AWS Roadmap Items of Interest" email it is due sometime soon.

@max-rocket-internet We expect the 1.2 within a couple of weeks. We've been tagging issues with the 1.2 milestone on this repo in order to provide visibility into the roadmap.

I hope the 1.2 version fixes the issue with dns in kops when using debian-stretch images and others.

Question answered.

Was this page helpful?
0 / 5 - 0 ratings