I'm having some issues trying to switch from vpc-cni and kube-proxy to using Cilium CNI with kubeproxyreplacement set to true in my EKS setup through Terraform. I attempted to remove both the proxy and the CNI, but I keep getting timeouts from the EKS API. By the way, I'm working with Cilium version 1.17.x. Any advice?
3 Answers
Yes, I’m using Cilium with kube-proxy replacement without any problem. If you share your Helm values, I can help you troubleshoot. Also, can you clarify what steps you're taking to remove kube-proxy? It would help to understand your process better.
If you're using Terraform, try setting the environment variable TG_LOG to debug. This should give you more detailed info about what’s going wrong with your setup.
You might want to look into CNI chaining. While it doesn't address your exact question, it could be beneficial. This way, you can leverage both vpc-cni's features like security groups and Cilium's benefits like network policies and monitoring. Check out the Cilium docs for more info!
Sure, I'll give that a try!
It's not an issue with creation using Terraform; it’s more about configuring Cilium and EKS.