Amazon EKS requires legacy iptables
Issue
- Amazon EKS requires legacy iptables which is not available on RHEL 8 anymore
- Using AWS Elastic Kubernetes Service (EKS) with amazon-vpc-cni-k8s which requires the iptables kernel module
- iptables are not working as expected with AWS EKS vpc-cni
- We can not add ip_tables, iptable_nat, iptable_mangle modules as required by AWS EKS vpc-cni
- amazon-vpc-cni-k8s GitHub Issue #1847 - IPAMD fails to start
- amazon-vpc-cni-k8s GitHub Issue #2373 - AWS CNI failed to add chain rule for each CIDR in VPC with nf_tables mode
Environment
- Red Hat Enterprise Linux 8 and later
- Amazon Elastic Kubernetes Service (EKS)
- amazon-vpc-cni-k8s network plugin
- Legacy iptables firewall