Skip to content

Set MACAddressPolicy=none for AWS VPC CNI on AL2023#17933

Merged
k8s-ci-robot merged 1 commit intokubernetes:masterfrom
rifelpet:vpc-cni-al2023-2
Feb 8, 2026
Merged

Set MACAddressPolicy=none for AWS VPC CNI on AL2023#17933
k8s-ci-robot merged 1 commit intokubernetes:masterfrom
rifelpet:vpc-cni-al2023-2

Conversation

@rifelpet
Copy link
Copy Markdown
Member

@rifelpet rifelpet commented Feb 7, 2026

This configuration has been failing cluster validation:

https://prow.k8s.io/view/gs/kubernetes-ci-logs/logs/e2e-kops-grid-amazonvpc-al2023-k35/2019554270835118080

non-hostnetwork pods are losing their ability to reach the k8s api service ip:

https://storage.googleapis.com/kubernetes-ci-logs/logs/e2e-kops-grid-amazonvpc-al2023-k35/2019554270835118080/artifacts/cluster-info/kube-system/ebs-csi-node-k4d9w/ebs-plugin.previous.log

E0205 23:58:26.469795       1 metadata.go:81] "Retrieving Kubernetes metadata failed" err="error getting Node i-05a3089380c826a18: Get \"https://100.64.0.1:443/api/v1/nodes/i-05a3089380c826a18\": dial tcp 100.64.0.1:443: i/o timeout"
E0205 23:58:26.469840       1 main.go:175] "Failed to initialize metadata when it is required" err="all specified --metadata-sources '[imds kubernetes]' are unavailable"

after they initially succeed. This is because systemd-networkd is overwriting the VPC CNI's routes. More context here. We originally had this file set for AL2023 but I removed it in #17867 thinking it wasn't needed. After some local testing I confirmed that both are needed.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Feb 7, 2026
@k8s-ci-robot k8s-ci-robot requested review from hakman and zetaab February 7, 2026 22:10
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 8, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Feb 8, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hakman

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 8, 2026
@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented Feb 8, 2026

@rifelpet: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-kops-e2e-k8s-gce-cilium 70806fc link unknown /test pull-kops-e2e-k8s-gce-cilium

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@rifelpet
Copy link
Copy Markdown
Member Author

rifelpet commented Feb 8, 2026

/retest

@k8s-ci-robot k8s-ci-robot merged commit 4bfe8a5 into kubernetes:master Feb 8, 2026
25 of 26 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v1.36 milestone Feb 8, 2026
@rifelpet rifelpet mentioned this pull request Feb 8, 2026
Merged
k8s-ci-robot added a commit that referenced this pull request Feb 8, 2026
@k8s-ci-robot
Merge pull request #17935 from rifelpet/automated-cherry-pick-of-#17867-
f6c69bb 
#17882-#17933-origin-release-1.34

Automated cherry pick of #17867: Use a different systemd-networkd configuration for AL2023
#17882: Disable cloud-init network hotplug on Ubuntu 24.04 for Cilium and Ama…
#17933: Set MACAddressPolicy=none for AWS VPC CNI on AL2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hakman hakman hakman approved these changes

@zetaab zetaab Awaiting requested review from zetaab

Assignees

@hakman hakman

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/nodeup cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

v1.36

Development

Successfully merging this pull request may close these issues.

3 participants

@rifelpet @k8s-ci-robot @hakman