Clean up aws-cni-support.sh and update the documentation. #320

Merged 3 commits on Mar 6, 2019
2 changes: 1 addition & 1 deletion docs/cni-proposal.md
Expand Up @@ -189,7 +189,7 @@ curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/0a:da:9d:51
Whenever L-IPAM daemon restarts (e.g. for upgrade reason), it also queries local Kubelet introspection service to get current running Pods information such as Pod Name, Pod Namespace and Pod IP address.

```
curl --stderr /dev/null http://localhost:10255/pods
kubectl get --raw=/api/v1/pods
```
With the information from these 2 sources, L-IPAM can build a warm-pool that contains all available secondary IP addresses on the instance.
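
Review bot: the new `kubectl get --raw=/api/v1/pods` line no longer matches the sentence above it, which still says L-IPAM "queries local Kubelet introspection service". The kubelet read-only endpoint on `localhost:10255` returned only the pods on this node without credentials, whereas `/api/v1/pods` is an API server path that lists pods for the whole cluster and needs a kubeconfig with permission to do so. Either reword the paragraph to say the data now comes from the API server, or scope the example to the local node, for instance `--raw="/api/v1/pods?fieldSelector=spec.nodeName=<node-name>"`, so the documented query still describes node-local pod state.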

66 changes: 38 additions & 28 deletions scripts/aws-cni-support.sh
@@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
# Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"). You may
Expand All @@ -17,57 +17,67 @@
# Set language to C to make sorting consistent among different environments.
export LANG=C

set -e
set -euo pipefail
LOG_DIR="/var/log/aws-routed-eni"
mkdir -p ${LOG_DIR}

# collecting L-IPAMD introspection data
curl http://localhost:61678/v1/enis > ${LOG_DIR}/eni.output
curl http://localhost:61678/v1/pods > ${LOG_DIR}/pod.output
curl http://localhost:61678/v1/networkutils-env-settings > ${LOG_DIR}/networkutils-env.output
curl http://localhost:61678/v1/ipamd-env-settings > ${LOG_DIR}/ipamd-env.output
curl http://localhost:61678/v1/eni-configs > ${LOG_DIR}/eni-configs.output

# metrics TODO not able to use LOG_DIR
curl http://localhost:61678/metrics 2>&1 > /var/log/aws-routed-eni/metrics.output

# collecting kubelet introspection data
curl http://localhost:10255/pods > ${LOG_DIR}/kubelet.output
curl http://localhost:61678/v1/enis > ${LOG_DIR}/eni.out
curl http://localhost:61678/v1/pods > ${LOG_DIR}/pod.out
curl http://localhost:61678/v1/networkutils-env-settings > ${LOG_DIR}/networkutils-env.out
curl http://localhost:61678/v1/ipamd-env-settings > ${LOG_DIR}/ipamd-env.out
curl http://localhost:61678/v1/eni-configs > ${LOG_DIR}/eni-configs.out

# metrics
curl http://localhost:61678/metrics 2>&1 > ${LOG_DIR}/metrics.out

# Collecting kubelet introspection data
if [[ -n "${KUBECONFIG}" ]]; then
command -v kubectl > /dev/null && kubectl get --kubeconfig=${KUBECONFIG} --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out
elif [[ -f /etc/systemd/system/kubelet.service ]]; then
KUBECONFIG=`grep kubeconfig /etc/systemd/system/kubelet.service | awk '{print $2}'`
command -v kubectl > /dev/null && kubectl get --kubeconfig=${KUBECONFIG} --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out
elif [[ -f /etc/eksctl/kubeconfig.yaml ]]; then
command -v kubectl > /dev/null && kubectl get --kubeconfig=/etc/eksctl/kubeconfig.yaml --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out
else
echo "======== Unable to find KUBECONFIG, IGNORING POD DATA ========="
fi

# ifconfig
ifconfig > ${LOG_DIR}/ifconig.output
ifconfig > ${LOG_DIR}/ifconfig.out

# ip rule show
ip rule show > ${LOG_DIR}/iprule.output
ip rule show > ${LOG_DIR}/iprule.out

# iptables-save
iptables-save > $LOG_DIR/iptables-save.out
iptables-save > ${LOG_DIR}/iptables-save.out

# iptables -nvL
iptables -nvL > $LOG_DIR/iptables.out
iptables -nvL > ${LOG_DIR}/iptables.out

# iptables -nvL -t nat
iptables -nvL -t nat > $LOG_DIR/iptables-nat.out
iptables -nvL -t nat > ${LOG_DIR}/iptables-nat.out

# iptables -nvL -t mangle
iptables -nvL -t mangle > $LOG_DIR/iptables-mangle.out
iptables -nvL -t mangle > ${LOG_DIR}/iptables-mangle.out

# dump cni config
mkdir -p $LOG_DIR/cni
cp /etc/cni/net.d/* $LOG_DIR/cni
mkdir -p ${LOG_DIR}/cni
cp /etc/cni/net.d/* ${LOG_DIR}/cni

# collect kubelet log
cp /var/log/messages $LOG_DIR/
cp /var/log/messages ${LOG_DIR}/

# dump out route table
ROUTE_OUTPUT="route.output"
echo "=============================================" >> ${LOG_DIR}/${ROUTE_OUTPUT}
echo "ip route show table all" >> $LOG_DIR/$ROUTE_OUTPUT
ip route show table all >> $LOG_DIR/$ROUTE_OUTPUT
ROUTE_OUTPUT=${LOG_DIR}/"route.out"
echo "=============================================" >> ${ROUTE_OUTPUT}
echo "ip route show table all" >> ${ROUTE_OUTPUT}
ip route show table all >> ${ROUTE_OUTPUT}

# dump relevant sysctls
echo "================== sysctls ==================" > ${LOG_DIR}/sysctls.out
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo "$f = $(cat $f)" >> ${LOG_DIR}/sysctls.out
echo "$f = $(cat ${f})" >> ${LOG_DIR}/sysctls.out
done

tar -cvzf $LOG_DIR/aws-cni-support.tar.gz ${LOG_DIR}/
tar -cvzf ${LOG_DIR}/aws-cni-support.tar.gz ${LOG_DIR}/
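
Review bot: the new `set -euo pipefail` conflicts with the kubelet block's first test, `if [[ -n "${KUBECONFIG}" ]]; then`: with `-u` in effect an unset `KUBECONFIG` aborts the script with an unbound variable error, so the `elif` fallbacks and the "Unable to find KUBECONFIG" message are never reached on a node where the variable is not exported. Use `"${KUBECONFIG:-}"` in that test. The same options affect the second branch: if `grep kubeconfig /etc/systemd/system/kubelet.service` matches nothing, `pipefail` makes the backtick assignment fail and `-e` exits before the eksctl path is tried, and when it does match, `awk '{print $2}'` assumes a particular argument layout, so check that the result is a readable file and quote `--kubeconfig="${KUBECONFIG}"`. Separately, the metrics line keeps `2>&1 > ${LOG_DIR}/metrics.out`, which leaves stderr on the terminal; write `> file 2>&1` if the intent is to capture it. Since the bundle now includes a cluster-wide pod listing alongside `/var/log/messages` and the ipamd environment settings, consider setting `umask 077` before `mkdir -p ${LOG_DIR}` so the outputs and the tarball are not world-readable.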