-
Notifications
You must be signed in to change notification settings - Fork 726
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow setting of EC2 Security group connection tracking configurable idle timeouts in AWS VPC CNI #2677
Comments
For whomever works on this, ENI options are specified on create here: https://github.com/aws/amazon-vpc-cni-k8s/blob/master/pkg/awsutils/awsutils.go#L786 The data-structure chain from
|
I would like to try and implement this, any guidance is highly appreciated as this is my first issue |
@bawejahritik thank you for the offer! We are currently discussing internally when to pick this up, as we want to limit the number of new environment variables that we introduce until we have a chance to clean existing ones up. |
Thank you for your response, is there anything else I can work on which is a good first issue? Would love to contribute |
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days |
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 14 days |
@jdn5126 Any news regarding AWS internal decision? |
@youwalther65 I no longer work for AWS, so I cannot answer this |
cc: @orsenthil |
No news yet. this is desirable feature that we will bring it up for prioritization. |
What would you like to be added:
AWS just released EC2 Security group connection tracking adds support for configurable idle timeouts.
Modifying these parameters requires EC2 API calls. It would be great if AWS VPC CNI can automatically implement custom configuration of these idle timeouts for newly provisioned ENI, it manages.
Why is this needed:
Avoid conntrack (connection tracking) issues leading to paket loss etc.
The text was updated successfully, but these errors were encountered: