From c0c8a08c936294d0a9f5ad70fa6e32b2e2bb5a09 Mon Sep 17 00:00:00 2001 From: Yash Thakkar Date: Fri, 1 Aug 2025 19:35:39 -0700 Subject: [PATCH 1/4] removing security group limit of 5 from crd (#583) --- .../v1beta1/securitygrouppolicy_types.go | 1 - .../bases/vpcresources.k8s.aws_cninodes.yaml | 2 +- ...sources.k8s.aws_securitygrouppolicies.yaml | 3 +-- config/rbac/role.yaml | 25 +++++++------------ hack/toolchain.sh | 2 +- 5 files changed, 12 insertions(+), 21 deletions(-) diff --git a/apis/vpcresources/v1beta1/securitygrouppolicy_types.go b/apis/vpcresources/v1beta1/securitygrouppolicy_types.go index b929dcf5..8d97e45b 100644 --- a/apis/vpcresources/v1beta1/securitygrouppolicy_types.go +++ b/apis/vpcresources/v1beta1/securitygrouppolicy_types.go @@ -30,7 +30,6 @@ type SecurityGroupPolicySpec struct { type GroupIds struct { // Groups is the list of EC2 Security Groups Ids that need to be applied to the ENI of a Pod. // +kubebuilder:validation:MinItems=1 - // +kubebuilder:validation:MaxItems=5 Groups []string `json:"groupIds,omitempty"` } diff --git a/config/crd/bases/vpcresources.k8s.aws_cninodes.yaml b/config/crd/bases/vpcresources.k8s.aws_cninodes.yaml index 6e152e15..a0e34c91 100644 --- a/config/crd/bases/vpcresources.k8s.aws_cninodes.yaml +++ b/config/crd/bases/vpcresources.k8s.aws_cninodes.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.18.0 name: cninodes.vpcresources.k8s.aws spec: group: vpcresources.k8s.aws diff --git a/config/crd/bases/vpcresources.k8s.aws_securitygrouppolicies.yaml b/config/crd/bases/vpcresources.k8s.aws_securitygrouppolicies.yaml index 31ce7edc..a037bddc 100644 --- a/config/crd/bases/vpcresources.k8s.aws_securitygrouppolicies.yaml +++ b/config/crd/bases/vpcresources.k8s.aws_securitygrouppolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.18.0 name: securitygrouppolicies.vpcresources.k8s.aws spec: group: vpcresources.k8s.aws @@ -105,7 +105,6 @@ spec: need to be applied to the ENI of a Pod. items: type: string - maxItems: 5 minItems: 1 type: array type: object diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 1b4cc980..81406841 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -12,19 +12,11 @@ rules: - create - patch - update -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - patch - - watch - apiGroups: - "" resources: - nodes + - serviceaccounts verbs: - get - list @@ -39,10 +31,11 @@ rules: - apiGroups: - "" resources: - - serviceaccounts + - pods verbs: - get - list + - patch - watch - apiGroups: - crd.k8s.amazonaws.com @@ -80,21 +73,21 @@ metadata: namespace: kube-system rules: - apiGroups: - - apps + - "" resourceNames: - - vpc-resource-controller + - amazon-vpc-cni resources: - - deployments + - configmaps verbs: - get - list - watch - apiGroups: - - "" + - apps resourceNames: - - amazon-vpc-cni + - vpc-resource-controller resources: - - configmaps + - deployments verbs: - get - list diff --git a/hack/toolchain.sh b/hack/toolchain.sh index 1b8be6a3..41d706ca 100755 --- a/hack/toolchain.sh +++ b/hack/toolchain.sh @@ -11,7 +11,7 @@ main() { tools() { go install sigs.k8s.io/controller-runtime/tools/setup-envtest@v0.0.0-20230216140739-c98506dc3b8e - go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0 + go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.18.0 go install github.com/google/ko@latest if ! echo "$PATH" | grep -q "${GOPATH:-undefined}/bin\|$HOME/go/bin"; then From e6f6aef7573911d62434e12a56180ff227b19e0b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Aug 2025 00:30:18 +0000 Subject: [PATCH 2/4] Bump github.com/aws/smithy-go from 1.22.4 to 1.22.5 Bumps [github.com/aws/smithy-go](https://github.com/aws/smithy-go) from 1.22.4 to 1.22.5. - [Release notes](https://github.com/aws/smithy-go/releases) - [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/smithy-go/compare/v1.22.4...v1.22.5) --- updated-dependencies: - dependency-name: github.com/aws/smithy-go dependency-version: 1.22.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 7333cf05..2b7704cf 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/autoscaling v1.52.1 github.com/aws/aws-sdk-go-v2/service/ec2 v1.207.1 github.com/aws/aws-sdk-go-v2/service/sts v1.34.0 - github.com/aws/smithy-go v1.22.4 + github.com/aws/smithy-go v1.22.5 github.com/go-logr/logr v1.4.2 github.com/go-logr/zapr v1.3.0 github.com/golang/mock v1.6.0 diff --git a/go.sum b/go.sum index daddab18..8fda7065 100644 --- a/go.sum +++ b/go.sum @@ -32,8 +32,8 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3 h1:BpOxT3yhLwSJ77qIY3DoHAQj github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3/go.mod h1:vq/GQR1gOFLquZMSrxUK/cpvKCNVYibNyJ1m7JrU88E= github.com/aws/aws-sdk-go-v2/service/sts v1.34.0 h1:NFOJ/NXEGV4Rq//71Hs1jC/NvPs1ezajK+yQmkwnPV0= github.com/aws/aws-sdk-go-v2/service/sts v1.34.0/go.mod h1:7ph2tGpfQvwzgistp2+zga9f+bCjlQJPkPUmMgDSD7w= -github.com/aws/smithy-go v1.22.4 h1:uqXzVZNuNexwc/xrh6Tb56u89WDlJY6HS+KC0S4QSjw= -github.com/aws/smithy-go v1.22.4/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI= +github.com/aws/smithy-go v1.22.5 h1:P9ATCXPMb2mPjYBgueqJNCA5S9UfktsW0tTxi+a7eqw= +github.com/aws/smithy-go v1.22.5/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= From 8e9d914a143ce123c1fe0378f21ccf44a85f5214 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Aug 2025 00:21:49 +0000 Subject: [PATCH 3/4] Bump gomodules.xyz/jsonpatch/v2 from 2.4.0 to 2.5.0 Bumps [gomodules.xyz/jsonpatch/v2](https://github.com/gomodules/jsonpatch) from 2.4.0 to 2.5.0. - [Release notes](https://github.com/gomodules/jsonpatch/releases) - [Changelog](https://github.com/gomodules/jsonpatch/blob/release-2.0/CHANGELOG.md) - [Commits](https://github.com/gomodules/jsonpatch/compare/v2.4.0...v2.5.0) --- updated-dependencies: - dependency-name: gomodules.xyz/jsonpatch/v2 dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 2b7704cf..d55eaac3 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,7 @@ require ( go.uber.org/zap v1.27.0 golang.org/x/sync v0.13.0 golang.org/x/time v0.11.0 - gomodules.xyz/jsonpatch/v2 v2.4.0 + gomodules.xyz/jsonpatch/v2 v2.5.0 k8s.io/api v0.33.0 k8s.io/apimachinery v0.33.0 k8s.io/client-go v0.33.0 diff --git a/go.sum b/go.sum index 8fda7065..44035d8c 100644 --- a/go.sum +++ b/go.sum @@ -215,8 +215,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= -gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= +gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0= +gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 5d3622c4ee3a44ab1471d21701765e18f44a33bf Mon Sep 17 00:00:00 2001 From: Yash Thakkar Date: Mon, 4 Aug 2025 11:27:58 -0700 Subject: [PATCH 4/4] updating supported instance (#588) --- pkg/aws/vpc/limits.go | 77 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) diff --git a/pkg/aws/vpc/limits.go b/pkg/aws/vpc/limits.go index 51ed4afc..f7e38a56 100644 --- a/pkg/aws/vpc/limits.go +++ b/pkg/aws/vpc/limits.go @@ -17,7 +17,7 @@ // so we can get this information at runtime. // Code generated by go generate; DO NOT EDIT. -// This file was generated at 2025-07-24T22:10:56Z +// This file was generated at 2025-08-04T00:43:48Z // WARNING: please add @ellistarn, @bwagner5, or @jonathan-innis from aws/karpenter to reviewers // if you are updating this file since Karpenter is depending on this file to calculate max pods. @@ -4310,6 +4310,66 @@ var Limits = map[string]*VPCLimits{ Hypervisor: "nitro", IsBareMetal: false, }, + "g6f.2xlarge": { + Interface: 4, + IPv4PerInterface: 15, + IsTrunkingCompatible: true, + BranchInterface: 38, + DefaultNetworkCardIndex: 0, + NetworkCards: []NetworkCard{ + { + MaximumNetworkInterfaces: 4, + NetworkCardIndex: 0, + }, + }, + Hypervisor: "nitro", + IsBareMetal: false, + }, + "g6f.4xlarge": { + Interface: 8, + IPv4PerInterface: 30, + IsTrunkingCompatible: true, + BranchInterface: 54, + DefaultNetworkCardIndex: 0, + NetworkCards: []NetworkCard{ + { + MaximumNetworkInterfaces: 8, + NetworkCardIndex: 0, + }, + }, + Hypervisor: "nitro", + IsBareMetal: false, + }, + "g6f.large": { + Interface: 2, + IPv4PerInterface: 10, + IsTrunkingCompatible: true, + BranchInterface: 10, + DefaultNetworkCardIndex: 0, + NetworkCards: []NetworkCard{ + { + MaximumNetworkInterfaces: 2, + NetworkCardIndex: 0, + }, + }, + Hypervisor: "nitro", + IsBareMetal: false, + }, + "g6f.xlarge": { + Interface: 4, + IPv4PerInterface: 15, + IsTrunkingCompatible: true, + BranchInterface: 18, + DefaultNetworkCardIndex: 0, + NetworkCards: []NetworkCard{ + { + MaximumNetworkInterfaces: 4, + NetworkCardIndex: 0, + }, + }, + Hypervisor: "nitro", + IsBareMetal: false, + }, "gr6.4xlarge": { Interface: 8, IPv4PerInterface: 30, @@ -4340,6 +4400,21 @@ var Limits = map[string]*VPCLimits{ Hypervisor: "nitro", IsBareMetal: false, }, + "gr6f.4xlarge": { + Interface: 8, + IPv4PerInterface: 30, + IsTrunkingCompatible: true, + BranchInterface: 54, + DefaultNetworkCardIndex: 0, + NetworkCards: []NetworkCard{ + { + MaximumNetworkInterfaces: 8, + NetworkCardIndex: 0, + }, + }, + Hypervisor: "nitro", + IsBareMetal: false, + }, "h1.16xlarge": { Interface: 8, IPv4PerInterface: 50,