From dae464ea9a631fd98cc07b21c46ef49a58b25bed Mon Sep 17 00:00:00 2001 From: Claes Mogren Date: Mon, 11 Feb 2019 13:54:02 -0800 Subject: [PATCH] Clean up aws-cni-support.sh and update the documentation. * Standardized on .out for output * Create log directory if it doesn't exist * Stop referencing `localhost:10255` * Consistent parameter substitution Fixes #285 and #311 (cherry picked from commit ddbb0658b8881b83638f53ddde6fe80c489c4097) --- docs/cni-proposal.md | 2 +- scripts/aws-cni-support.sh | 66 ++++++++++++++++++++++---------------- 2 files changed, 39 insertions(+), 29 deletions(-) diff --git a/docs/cni-proposal.md b/docs/cni-proposal.md index 3c4277e8c0f..9573d9ee646 100644 --- a/docs/cni-proposal.md +++ b/docs/cni-proposal.md @@ -189,7 +189,7 @@ curl http://169.254.169.254/latest/meta-data/network/interfaces/macs/0a:da:9d:51 Whenever L-IPAM daemon restarts (e.g. for upgrade reason), it also queries local Kubelet introspection service to get current running Pods information such as Pod Name, Pod Namespace and Pod IP address. ``` -curl --stderr /dev/null http://localhost:10255/pods +kubectl get --raw=/api/v1/pods ``` With the information from these 2 sources, L-IPAM can build a warm-pool that contains all available secondary IP addresses on the instance. diff --git a/scripts/aws-cni-support.sh b/scripts/aws-cni-support.sh index b62a05ff3b2..fa6630acf4b 100755 --- a/scripts/aws-cni-support.sh +++ b/scripts/aws-cni-support.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Copyright 2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You may 
@@ -17,57 +17,67 @@ # Set language to C to make sorting consistent among different environments. export LANG=C -set -e +set -euo pipefail LOG_DIR="/var/log/aws-routed-eni" +mkdir -p ${LOG_DIR} # collecting L-IPAMD introspection data -curl http://localhost:61678/v1/enis > ${LOG_DIR}/eni.output -curl http://localhost:61678/v1/pods > ${LOG_DIR}/pod.output -curl http://localhost:61678/v1/networkutils-env-settings > ${LOG_DIR}/networkutils-env.output -curl http://localhost:61678/v1/ipamd-env-settings > ${LOG_DIR}/ipamd-env.output -curl http://localhost:61678/v1/eni-configs > ${LOG_DIR}/eni-configs.output - -# metrics TODO not able to use LOG_DIR -curl http://localhost:61678/metrics 2>&1 > /var/log/aws-routed-eni/metrics.output - -# collecting kubelet introspection data -curl http://localhost:10255/pods > ${LOG_DIR}/kubelet.output +curl http://localhost:61678/v1/enis > ${LOG_DIR}/eni.out +curl http://localhost:61678/v1/pods > ${LOG_DIR}/pod.out +curl http://localhost:61678/v1/networkutils-env-settings > ${LOG_DIR}/networkutils-env.out +curl http://localhost:61678/v1/ipamd-env-settings > ${LOG_DIR}/ipamd-env.out +curl http://localhost:61678/v1/eni-configs > ${LOG_DIR}/eni-configs.out + +# metrics +curl http://localhost:61678/metrics 2>&1 > ${LOG_DIR}/metrics.out + +# Collecting kubelet introspection data +if [[ -v "KUBECONFIG" ]]; then + command -v kubectl > /dev/null && kubectl get --kubeconfig=${KUBECONFIG} --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out +elif [[ -f /etc/systemd/system/kubelet.service ]]; then + KUBECONFIG=`grep kubeconfig /etc/systemd/system/kubelet.service | awk '{print $2}'` + command -v kubectl > /dev/null && kubectl get --kubeconfig=${KUBECONFIG} --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out +elif [[ -f /etc/eksctl/kubeconfig.yaml ]]; then + command -v kubectl > /dev/null && kubectl get --kubeconfig=/etc/eksctl/kubeconfig.yaml --raw=/api/v1/pods > ${LOG_DIR}/kubelet.out +else + echo "======== Unable to find KUBECONFIG, IGNORING POD DATA =========" +fi # 
ifconfig -ifconfig > ${LOG_DIR}/ifconig.output +ifconfig > ${LOG_DIR}/ifconfig.out # ip rule show -ip rule show > ${LOG_DIR}/iprule.output +ip rule show > ${LOG_DIR}/iprule.out # iptables-save -iptables-save > $LOG_DIR/iptables-save.out +iptables-save > ${LOG_DIR}/iptables-save.out # iptables -nvL -iptables -nvL > $LOG_DIR/iptables.out +iptables -nvL > ${LOG_DIR}/iptables.out # iptables -nvL -t nat -iptables -nvL -t nat > $LOG_DIR/iptables-nat.out +iptables -nvL -t nat > ${LOG_DIR}/iptables-nat.out # iptables -nvL -t mangle -iptables -nvL -t mangle > $LOG_DIR/iptables-mangle.out +iptables -nvL -t mangle > ${LOG_DIR}/iptables-mangle.out # dump cni config -mkdir -p $LOG_DIR/cni -cp /etc/cni/net.d/* $LOG_DIR/cni +mkdir -p ${LOG_DIR}/cni +cp /etc/cni/net.d/* ${LOG_DIR}/cni # collect kubelet log -cp /var/log/messages $LOG_DIR/ +cp /var/log/messages ${LOG_DIR}/ # dump out route table -ROUTE_OUTPUT="route.output" -echo "=============================================" >> ${LOG_DIR}/${ROUTE_OUTPUT} -echo "ip route show table all" >> $LOG_DIR/$ROUTE_OUTPUT -ip route show table all >> $LOG_DIR/$ROUTE_OUTPUT +ROUTE_OUTPUT=${LOG_DIR}/"route.out" +echo "=============================================" >> ${ROUTE_OUTPUT} +echo "ip route show table all" >> ${ROUTE_OUTPUT} +ip route show table all >> ${ROUTE_OUTPUT} # dump relevant sysctls echo "================== sysctls ==================" > ${LOG_DIR}/sysctls.out for f in /proc/sys/net/ipv4/conf/{all,default,eth0}/rp_filter; do - echo "$f = $(cat $f)" >> ${LOG_DIR}/sysctls.out + echo "$f = $(cat ${f})" >> ${LOG_DIR}/sysctls.out done -tar -cvzf $LOG_DIR/aws-cni-support.tar.gz ${LOG_DIR}/ +tar -cvzf ${LOG_DIR}/aws-cni-support.tar.gz ${LOG_DIR}/
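Review bot: The new kubelet block fetches `/api/v1/pods` with the kubelet's kubeconfig, which (unlike the removed `localhost:10255/pods` call) appears to return pod specs for every node and namespace; the result is written to `kubelet.out` and then packed into the tarball under whatever umask the caller has. Pod specs can carry inline environment values, so I would add `umask 077` before `mkdir -p "${LOG_DIR}"` and, if node-local data is enough, narrow the raw path with `?fieldSelector=spec.nodeName%3D<node-name>`. In the `kubelet.service` branch, `grep kubeconfig ... | awk '{print $2}'` aborts the whole script under the new `set -euo pipefail` when nothing matches, and yields several words when more than one line matches. Quoting it as `--kubeconfig="${KUBECONFIG}"` and falling through to the next branch on an empty result would keep the rest of the collection running. Separately, `2>&1 > ${LOG_DIR}/metrics.out` sends curl's stderr to the terminal rather than the file; `> "${LOG_DIR}/metrics.out" 2>&1` is probably what was meant.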