Dynamic ENI Management
The AWS Multi-ENI Controller automatically creates and attaches ENIs to nodes based on node labels. When a node matches the selector in a NodeENI resource, the controller creates an ENI in the specified subnet with the specified security groups and attaches it to the node at the specified device index.
This dynamic approach eliminates the need for complex infrastructure templates or manual ENI management, making it easier to deploy and manage multi-interface workloads on AWS.
Multi-Subnet Support
The controller can attach ENIs from different subnets to the same or different nodes. This is particularly useful for workloads that need to communicate with different VPCs or network segments.
Example configuration with multiple subnets:
apiVersion: networking.k8s.aws/v1alpha1
kind: NodeENI
metadata:
name: multi-subnet-nodeeni
spec:
nodeSelector:
ng: multi-eni
subnetNames:
- multus-test-subnet-1
- multus-test-subnet-2
securityGroupNames:
- multus-test-sg
deviceIndex: 2
mtu: 9001
deleteOnTermination: true
MTU Configuration
The controller supports configuring custom MTU values for ENIs, which is useful for enabling jumbo frames (9001 bytes) or other specialized network configurations.
This feature allows you to optimize network performance for specific workloads without having to modify the underlying infrastructure or use custom AMIs.
Proper Cleanup with Finalizers
The AWS Multi-ENI Controller uses Kubernetes finalizers to ensure ENIs are properly detached and deleted when they're no longer needed. This prevents orphaned ENIs in your AWS account and ensures clean resource management.
The controller also automatically detects and cleans up manually detached ENIs, preventing resource leakage and unnecessary AWS costs.
Consistent Device Indices
The controller maintains consistent device indices across all nodes, ensuring that network interfaces are always attached at the same device index. This is crucial for applications that rely on specific interface ordering.
When ENIs are detached and reattached, the controller preserves the device indices to ensure network interface order remains consistent, as applications may stop working if the order changes.
Subnet and Security Group Flexibility
The AWS Multi-ENI Controller supports both subnet IDs and subnet names (via AWS tags), as well as both security group IDs and security group names. This flexibility makes it easier to manage ENIs across different environments and AWS accounts.
Configurable Concurrency
The controller includes configuration options to optimize performance in larger deployments. You can control how many NodeENI resources can be reconciled in parallel and how many ENIs can be cleaned up in parallel.