Is there an easy way to select Only Trunk-Compatible Instance Types in a Karpenter NodePool #2608
Unanswered
3issa13480 asked this question in Q&A
Replies: 0 comments
Hello,
I’m currently configuring Karpenter with Security Groups for Pods enabled. In this setup, only instance types that support ENI trunking can host pods using secondary security groups.
However, I haven’t found an easy way to make Karpenter automatically select only trunk-compatible instance types in a NodePool. At the moment, it seems the only option is to manually maintain an allow-list of compatible instance types, but this approach is hard to scale and error-prone.
Is there a native mechanism (e.g., constraint, label, or instance capability selector) to have Karpenter automatically filter instance types based on their trunking compatibility?
For context:
I’m aware that the amazon-vpc-resource-controller-k8s defines trunking capability per instance type (see pkg/aws/vpc/limits.go).
My goal is to reuse this logic (or similar metadata) so that Karpenter can dynamically exclude non-trunk-compatible instance types when provisioning nodes for workloads that rely on security groups for pods.
Could you please confirm whether this feature exists or if there’s a planned enhancement to expose trunking support as a filterable capability in Karpenter?
Thank you very much for your time and clarification.
3issa Al Msirdi
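One way to generate the allow-list the question describes instead of maintaining it by hand, as an added example that is not part of the original post and not code from Karpenter or the VPC resource controller: it parses Go source shaped like limits.go and renders a NodePool requirement on the well-known node.kubernetes.io/instance-type label. The `IsTrunkingCompatible` field name, the map-literal layout and the sample entries are assumptions to check against the real file.

```go
package main

import (
	"fmt"
	"go/ast"
	"go/parser"
	"go/token"
	"go/types"
	"strings"
)

// Constructed excerpt in the assumed shape of limits.go; names and values are placeholders.
const sampleLimits = `package vpc; var Limits = map[string]*VPCLimits{
	"example.large":  {Interface: 3, IsTrunkingCompatible: true, BranchInterface: 9},
	"example.small":  {Interface: 2, IsTrunkingCompatible: false},
	"example.xlarge": {Interface: 4, IsTrunkingCompatible: true, BranchInterface: 18},
}`

// TrunkCompatible lists, in source order, each string map key whose entry sets the assumed field to true.
func TrunkCompatible(src string) ([]string, error) {
	f, err := parser.ParseFile(token.NewFileSet(), "limits.go", src, 0)
	if err != nil {
		return nil, err
	}
	out, current := []string{}, ""
	ast.Inspect(f, func(n ast.Node) bool {
		if kv, ok := n.(*ast.KeyValueExpr); ok {
			if k, ok := kv.Key.(*ast.BasicLit); ok && k.Kind == token.STRING {
				current = strings.Trim(k.Value, `"`) // entering the map entry for one instance type
			} else if types.ExprString(kv.Key) == "IsTrunkingCompatible" && types.ExprString(kv.Value) == "true" {
				out = append(out, current)
			}
		}
		return true
	})
	return out, nil
}

// Requirement renders one entry for a NodePool's spec.template.spec.requirements list.
func Requirement(names []string) string {
	return "- key: node.kubernetes.io/instance-type\n  operator: In\n  values: [" + strings.Join(names, ", ") + "]\n"
}

func main() {
	names, err := TrunkCompatible(sampleLimits)
	if err != nil {
		panic(err)
	}
	fmt.Print(Requirement(names))
}
```

Regenerating the requirement whenever the controller version changes keeps the NodePool aligned with the instance types the controller will actually attach a trunk ENI to.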