Release v1.7.3 Release · aws/amazon-vpc-cni-k8s

This is a patch release to address issue #1212 which affects clusters that use the AWS EKS Per Pod Security Group feature.

The only reason to use this version over v1.7.2 is to be able to turn off tcp_early_demux to unblock host TCP communication to pods on the same node using Per Pod SG, such as liveness/readiness checks. Using this version and setting DISABLE_TCP_EARLY_DEMUX to true in the initContainer config will slightly increase the latency for node local TCP connections.

This fix does NOT turn off tcp_early_demux by default since it is only needed when you need local TCP connectivity to pods using the security groups for pods on the same node.

Changes since v1.7.2

Bug - Add support to toggle TCP early demux (#1212, @SaranBalaji90)

If you want to apply this config to one of your clusters:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.3/config/v1.7/aws-k8s-cni.yaml

Verify the update:

kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2

amazon-k8s-cni-init:v1.7.3
amazon-k8s-cni:v1.7.3

To use version v1.7.3 of the cni-metrics-helper in a cluster:

kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.7.3/config/v1.7/cni-metrics-helper.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.7.3 Release