Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update CNI plugin versions #3581

Merged
merged 1 commit into from
Feb 21, 2023
Merged

Update CNI plugin versions #3581

merged 1 commit into from
Feb 21, 2023

Conversation

yinyic
Copy link
Contributor

@yinyic yinyic commented Feb 20, 2023

Summary

Update submodules for CNI plugins to get the latest changes in.
Both CNI plugins have been updated to block container IMDS access over IPv6 when BlockIMDS is set (and ECS Agent sets it, if ECS_AWSVPC_BLOCK_IMDS env is set) .

Implementation details

Update both amazon-ecs-cni-plugins and amazon-vpc-cni-plugins to latest

Testing

New tests cover the changes: no

Tested new Agent image and verified that container IMDS traffic over IPv6 is blocked.

Description for the changelog

Update CNI plugin versions

Licensing

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@yinyic yinyic requested a review from a team as a code owner February 20, 2023 17:44
fierlion
fierlion approved these changes Feb 21, 2023
View reviewed changes
Copy link
Member

@fierlion fierlion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

aws/amazon-ecs-cni-plugins#110 <- I see that this is the main change pulled in. I know we rolled back the vpc-plugins but we didn't have a clear reason for that. Approving

@yinyic yinyic merged commit 7d2b6da into aws:dev Feb 21, 2023
@chienhanlin chienhanlin mentioned this pull request Feb 24, 2023
Closed
@YashdalfTheGray YashdalfTheGray mentioned this pull request Feb 25, 2023
Merged
@chienhanlin chienhanlin mentioned this pull request Mar 2, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fierlion fierlion fierlion approved these changes

@mythri-garaga mythri-garaga mythri-garaga approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@yinyic @fierlion @mythri-garaga @amazon-ecs-bot