Cilium operator doesn't release excess IPv4 CIDR block in AWS ENI when prefix delegation is enabled #32209
Description
Is there an existing issue for this?
- I have searched the existing issues
What happened?
In cilium operator, --aws-enable-prefix-delegation and --aws-release-excess-ips are enabled.
/28 IPv4 CIDR blocks are assigned to AWS ENI, it can assign multiple IPv4 blocks based on required IPs/pod numbers in the node. However, when pod number reduces in the node, excess IPv4 CIDR blocks are not released.
From source code, https://github.com/cilium/cilium/blame/198b79470687f7e9a7786e768be0c9ec032cf5f8/pkg/aws/ec2/ec2.go#L734 function UnassignENIPrefixes is never used.
I think #18463 added support for AWS ENI prefix delegation, but it didn't consider release excess IPv4 prefix.
Cilium Version
v1.12.3
Kernel Version
Linux 5.15.0-1022-aws 20.04.1-Ubuntu
Kubernetes Version
v1.23.5
Regression
No response
Sysdump
No response
Relevant log output
No response
Anything else?
No response
Cilium Users Document
- Are you a user of Cilium? Please add yourself to the Users doc
Code of Conduct
- I agree to follow this project's Code of Conduct