increase nodeadm network resilience

* increase retries and total retry window for imds client * set nodeadm config step to wait for `network-online`
awslabs · Mar 1, 2024 · f6b4f87 · f6b4f87
1 parent cfab22a
commit f6b4f87
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/nodeadm/internal/configprovider/userdata.go b/nodeadm/internal/configprovider/userdata.go
@@ -9,7 +9,9 @@ import (
 	"mime/multipart"
 	"net/mail"
 	"strings"
+	"time"
 
+	"github.com/aws/aws-sdk-go-v2/aws/retry"
 	"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
 	"github.com/awslabs/amazon-eks-ami/nodeadm/api"
 	internalapi "github.com/awslabs/amazon-eks-ami/nodeadm/internal/api"
@@ -29,7 +31,12 @@ type userDataConfigProvider struct {
 
 func NewUserDataConfigProvider() ConfigProvider {
 	return &userDataConfigProvider{
-		imdsClient: imds.New(imds.Options{}),
+		imdsClient: imds.New(imds.Options{
+			Retryer: retry.NewStandard(func(so *retry.StandardOptions) {
+				so.MaxAttempts = 15
+				so.MaxBackoff = 1 * time.Second
+			}),
+		}),
 	}
 }
 

diff --git a/templates/al2023/runtime/rootfs/etc/systemd/system/nodeadm-config.service b/templates/al2023/runtime/rootfs/etc/systemd/system/nodeadm-config.service
@@ -4,6 +4,11 @@ Documentation=https://github.com/awslabs/amazon-eks-ami
 # run before cloud-init, then user can still execute their
 # own workflows from ec2 userdata cloud-init scripts
 Before=cloud-init.service
+# wait on network availability before trying to pull configuration
+# because it requires communication with ec2 IMDS
+# see: https://systemd.io/NETWORK_ONLINE/
+After=network-online.target
+Wants=network-online.target
 
 [Service]
 Type=oneshot