From 78df61b18d58242e641410ed627e8d6f773f5a6a Mon Sep 17 00:00:00 2001
From: Jeffrey Nelson <jdnelson@amazon.com>
Date: Fri, 29 Sep 2023 10:21:27 -0500
Subject: [PATCH] do not patch CNINode for custom networking unless podENI is
 enabled (#2591)

---
 pkg/ipamd/ipamd.go | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/pkg/ipamd/ipamd.go b/pkg/ipamd/ipamd.go
index 8883cf7718..5e832ad2d4 100644
--- a/pkg/ipamd/ipamd.go
+++ b/pkg/ipamd/ipamd.go
@@ -560,14 +560,16 @@ func (c *IPAMContext) nodeInit() error {
 
 		eniConfigName, err := eniconfig.GetNodeSpecificENIConfigName(node)
 		if err == nil && eniConfigName != "default" {
-			// Add the feature name to CNINode of this node
-			err := c.AddFeatureToCNINode(ctx, rcv1alpha1.CustomNetworking, eniConfigName)
-			if err != nil {
-				log.Errorf("Failed to add feature custom networking into CNINode", err)
-				podENIErrInc("nodeInit")
-				return err
+			// If Security Groups for Pods is enabled, the VPC Resource Controller must also know that Custom Networking is enabled
+			if c.enablePodENI {
+				err := c.AddFeatureToCNINode(ctx, rcv1alpha1.CustomNetworking, eniConfigName)
+				if err != nil {
+					log.Errorf("Failed to add feature custom networking into CNINode", err)
+					podENIErrInc("nodeInit")
+					return err
+				}
+				log.Infof("Enabled feature %s in CNINode for node %s if not existing", rcv1alpha1.CustomNetworking, c.myNodeName)
 			}
-			log.Infof("Enabled feature %s in CNINode for node %s if not existing", rcv1alpha1.CustomNetworking, c.myNodeName)
 		} else {
 			log.Errorf("No ENIConfig could be found for this node", err)
 		}