Published by jaydeokar 30 days ago
Full Changelog: https://github.com/aws/aws-network-policy-agent/compare/v1.1.2...v1.1.3
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.4/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.4/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.4
amazon-k8s-cni:v1.18.4
amazon/aws-network-policy-agent:v1.1.3
None
.
in it's name to be reconciled by network policy (@zachdorame )kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.2/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.2/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.2
amazon-k8s-cni:v1.18.2
amazon/aws-network-policy-agent:v1.1.2
Published by jchen6585 6 months ago
None
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.18.1/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.18.1/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.18.1
amazon-k8s-cni:v1.18.1
amazon/aws-network-policy-agent:v1.1.1
Published by jaydeokar 7 months ago
Network Policy agent now supports a strict mode for network policy enforcement.
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.17.1/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.17.1/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.17.1
amazon-k8s-cni:v1.17.1
amazon/aws-network-policy-agent:v1.1.0
Published by jayanthvn 8 months ago
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.16.3/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.16.3/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.16.3
amazon-k8s-cni:v1.16.3
amazon/aws-network-policy-agent:v1.0.8
Published by jaydeokar 10 months ago
aws-eks-na-cli
where it fails to get loaded-ebpfdata (@jayanthvn )kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.5/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.5/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.5
amazon-k8s-cni:v1.15.5
amazon/aws-network-policy-agent:v1.0.7
Published by jayanthvn 11 months ago
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.4/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.4/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.4
amazon-k8s-cni:v1.15.4
amazon/aws-network-policy-agent:v1.0.6
Published by jayanthvn 12 months ago
As part of this release, we have increased the number of supported unique ports and protocol combination from 8 in IPv4 and 4 in IPv6 to 24 for both IPv4 and IPv6.
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.3/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.3/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.3
amazon-k8s-cni:v1.15.3
amazon/aws-network-policy-agent:v1.0.5
Thanks to all our contributors! 😊
Published by jayanthvn about 1 year ago
enable-policy-event-logs
, has been added: https://github.com/aws/aws-network-policy-agent#enable-policy-event-logs. This flag is set to "false" by default i.e, if you need access logs then it has to be turned on (set to "true").kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni.yaml
Note that the following regions use different manifests:
us-gov-east-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-east-1.yaml
us-gov-west-1:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-us-gov-west-1.yaml
cn:
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/v1.15.1/config/master/aws-k8s-cni-cn.yaml
Follow the installation instructions in https://github.com/aws/amazon-vpc-cni-k8s/blob/v1.15.1/charts/aws-vpc-cni/README.md#installing-the-chart
$ kubectl describe daemonset aws-node -n kube-system | grep Image | cut -d "/" -f 2-3
amazon-k8s-cni-init:v1.15.1
amazon-k8s-cni:v1.15.1
amazon/aws-network-policy-agent:v1.0.4
Thanks to all our contributors! 😊
Published by jayanthvn about 1 year ago
aws-eks-nodeagent
container to address the race condition issue in SDK while generating access logshealthProbeBindAddr
& metricsBindAddr
) to make the metrics port configurable for aws-eks-nodeagent
. By default it now binds to port 8162
and 8163
Please refer to Amazon VPC CNI release notes for upgrade steps.
Published by achevuru about 1 year ago
Initial release of Amazon EKS Network Policy Agent. Network Policy Agent is a daemonset that is responsible for enforcing configured network policies on the cluster. Network policy support is a feature of the Amazon VPC CNI.
Network Policy Controller resolves the configured network policies and publishes the resolved endpoints via Custom CRD (PolicyEndpoints) resource. Network Policy agent derives the endpoints from PolicyEndpoint resources and enforces them via eBPF probes attached to pod's host Veth interface.
Starting with Amazon VPC CNI v1.14.0, Network Policy agent will be automatically installed. Review the instructions in the EKS User Guide.
Published by achevuru about 1 year ago
Alpha version of AWS Network Policy Agent