hostPort is ignored within VPC CNI plugin #3079

Closed
nabeelpaytrix opened this issue Oct 18, 2024 · 3 comments
@nabeelpaytrix

What happened:
I am using the Datadog Agent helm chart and I wish to configure it to expose a hostPort on each of the pods from the Datadog DaemonSet.
The port number is 8126, therefore I expect each node in my cluster to be listening on this port.

The port config within the DaemonSet is:

containers:
  - name: trace-agent
    ports:
    - containerPort: 8126
      hostPort: 8126
      name: traceport
      protocol: TCP

The Pods do indeed have this port listening within them; running netstat -tln within the pod shows the following:

Proto Recv-Q Send-Q Local Address           Foreign Address         State 
tcp6       0      0 :::8126                 :::*                    LISTEN 

However, the host is not exposing this same port; running netstat -tln within the host does not show that 8126 is listening.

What you expected to happen:
Both Pods and Host should be exposing this port.

How to reproduce it (as minimally and precisely as possible):

Enable the VPC CNI plugin at version v1.18.3-eksbuild.2 within an AWS EKS cluster at version v1.29.

Deploy the following nginx-pod.yml:

apiVersion: v1
kind: Pod
metadata:
  name: nginx-hostport
  namespace: default
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx
    ports:
    - containerPort: 8126
      hostPort: 8126
      protocol: TCP
    command: ["/bin/sh", "-c"]
    args:
    - |
      echo 'server {
              listen 8126;
              location / {
                  return 200 "Hello from Nginx running on port 8126!\n";
              }
            }' > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'
  restartPolicy: Always

Observe that the host is not listening on port 8126, but the pod is.

Anything else we need to know?:

The aws-node DaemonSet pods do not display any errors related to the hostPort.

Environment:

  • Kubernetes version (use kubectl version): 1.29
  • CNI Version: v1.18.3-eksbuild.2
  • OS (e.g: cat /etc/os-release): Amazon Linux 2
  • Kernel (e.g. uname -a): Linux ip-x-x-x-x.eu-west-2.compute.internal 5.10.217-205.860.amzn2.x86_64 #1 SMP Tue May 21 16:52:24 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
@nabeelpaytrix
Author

bump

@nabeelpaytrix
Author

I upgraded the VPC CNI plugin (to v1.18.6-eksbuild.1) to a supported version for my Kubernetes version (1.29) and it appears to have resolved the issue: https://docs.aws.amazon.com/eks/latest/userguide/managing-vpc-cni.html


This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
