Collect more info about Amazon VPC CNI

When troubleshooting with Amazon VPC CNI, it is very depends on how Envs pass into container, if we could get Envs that would be helpful. ``` Environment: ADDITIONAL_ENI_TAGS: {} AWS_VPC_CNI_NODE_PORT_SUPPORT: true AWS_VPC_ENI_MTU: 9001 AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG: false AWS_VPC_K8S_CNI_EXTERNALSNAT: false AWS_VPC_K8S_CNI_LOGLEVEL: DEBUG AWS_VPC_K8S_CNI_LOG_FILE: /host/var/log/aws-routed-eni/ipamd.log AWS_VPC_K8S_CNI_RANDOMIZESNAT: prng AWS_VPC_K8S_CNI_VETHPREFIX: eni AWS_VPC_K8S_PLUGIN_LOG_FILE: /var/log/aws-routed-eni/plugin.log AWS_VPC_K8S_PLUGIN_LOG_LEVEL: DEBUG DISABLE_INTROSPECTION: false DISABLE_METRICS: false DISABLE_NETWORK_RESOURCE_PROVISIONING: false ENABLE_IPv4: true ENABLE_IPv6: false ENABLE_POD_ENI: false ENABLE_PREFIX_DELEGATION: false WARM_ENI_TARGET: 1 WARM_PREFIX_TARGET: 1 MY_NODE_NAME: (v1:spec.nodeName) ``` besides from these, with detailed info output, we can also tell if aws-node is running with a Service Account, and if IRSA is properly conofigured, which should benifits a lot for troubleshooting.
awslabs · Apr 2, 2023 · a279801 · a279801
1 parent d664255
commit a279801
Showing 1 changed file with 31 additions and 1 deletion.
diff --git a/log-collector-script/linux/eks-log-collector.sh b/log-collector-script/linux/eks-log-collector.sh
@@ -20,7 +20,7 @@ export LANG="C"
 export LC_ALL="C"
 
 # Global options
-readonly PROGRAM_VERSION="0.7.4"
+readonly PROGRAM_VERSION="0.7.5"
 readonly PROGRAM_SOURCE="https://github.com/awslabs/amazon-eks-ami/blob/master/log-collector-script/"
 readonly PROGRAM_NAME="$(basename "$0" .sh)"
 readonly PROGRAM_DIR="/opt/log-collector"
@@ -275,6 +275,7 @@ collect() {
   get_sysctls_info
   get_networking_info
   get_cni_config
+  get_cni_configuration_variables
   get_docker_logs
   get_sandboxImage_info
   get_cpu_throttled_processes
@@ -539,6 +540,35 @@ get_cni_config() {
   ok
 }
 
+get_cni_configuration_variables() {
+  # To get cni configuration variables, gather from the main container "amazon-k8s-cni"
+  # - https://github.com/aws/amazon-vpc-cni-k8s#cni-configuration-variables
+  try "collect CNI Configuration Variables from Docker"
+
+  # "docker container list" will only show "RUNNING" containers.
+  # "docker container inspect" will generate plain text output.
+  if [[ "$(pgrep -o dockerd)" -ne 0 ]]; then
+    timeout 75 docker container list | awk '/amazon-k8s-cni/{print$NF}' | xargs -n 1 docker container inspect > "${COLLECT_DIR}"/cni/cni-configuration-variables-dockerd.txt 2>&1 || echo -e "\tTimed out, ignoring \"cni configuration variables output \" "
+  else
+    warning "The Docker daemon is not running."
+  fi
+
+  try "collect CNI Configuration Variables from Containerd"
+
+  # "ctr container list" will list down all containers, including stopped ones.
+  # "ctr container info" will generate JSON format output.
+  if ! command -v ctr > /dev/null 2>&1; then
+    warning "ctr not installed"
+  else
+    # "ctr --namespace k8s.io container list" will return two containers
+    # - amazon-k8s-cni:v1.xx.yy
+    # - amazon-k8s-cni-init:v1.xx.yy
+    timeout 75 ctr --namespace k8s.io container list | awk '/amazon-k8s-cni:v/{print$1}' | xargs -n 1 ctr --namespace k8s.io container info > "${COLLECT_DIR}"/cni/cni-configuration-variables-containerd.json 2>&1 || echo -e "\tTimed out, ignoring \"cni configuration variables output \" "
+  fi
+
+  ok
+}
+
 get_pkgtype() {
   if [[ "$(command -v rpm)" ]]; then
     PACKAGE_TYPE=rpm