Skip to content

Commit

Permalink
Update readme
Browse files Browse the repository at this point in the history
  • Loading branch information
Claes Mogren authored and mogren committed Sep 17, 2020
1 parent 638c3ca commit 594d4e4
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -423,6 +423,19 @@ Default: `false`
To enable security groups for pods you need to have at least an EKS 1.17 eks.3 cluster. Setting `ENABLE_POD_ENI` to `true`
will add the `vpc.amazonaws.com/has-trunk-attached` label to the node if it is possible to attach an additional ENI.

---

`DISABLE_TCP_EARLY_DEMUX` (Since v1.7.3)

Type: Boolean as a String

Default: `false`

If `ENABLE_POD_ENI` is set to `true`, in order for the kubelet on the node to talk to pods using the per pod security group feature,
`DISABLE_TCP_EARLY_DEMUX` should be set to `true`. This will increase the local TCP connection latency slightly, that is why it is not
on by default. Details on why this is needed can be found in this [#1212 comment](https://github.com/aws/amazon-vpc-cni-k8s/pull/1212#issuecomment-693540666).


### ENI tags related to Allocation

This plugin interacts with the following tags on ENIs:
Expand Down

0 comments on commit 594d4e4

Please sign in to comment.