Get support
Troubleshooting
AWS troubleshooting

AWS troubleshooting

ℹ️
If you need the account id for our AMI please contact support@edera.dev

AWS debugging utilities

Get EKS node AMI & Edera version 

edera_aws_node_version() {
  NODES=( $(kubectl get nodes --no-headers | awk '{print $1}') )
  echo "Fetching AWS image data..."
  IMAGE_DATA=$(aws ec2 describe-images --owners <account_id>  --query 'Images | sort_by(@, &CreationDate) | reverse(@) | [*].[ImageId, Name, State, CreationDate]'     --output table)

  for NODE in "${NODES[@]}"; do
    NODE_AMI=$(kubectl get node "$NODE" -o json | jq -r '.metadata.labels["eks.amazonaws.com/nodegroup-image"]')
    EDERA_PROTECT_VERSION=$(echo "$IMAGE_DATA" | grep "$NODE_AMI" | awk '{print $3}')
    echo "Node: $NODE | AMI: $NODE_AMI | Edera: $EDERA_PROTECT_VERSION"
  done
}

List AMIs 

aws ec2 describe-images --filters Name=name,Values="*edera*" --query 'Images[*].[ImageId,Name,CreationDate]' --output table

Runtime not detected

Check for the RuntimeClass

  1. Check that the RuntimeClass exists:

    kubectl get runtimeclass

  2. Ensure pod spec includes:

    spec:
  runtimeClassName: edera

If kubelet isn’t detecting the Edera runtime, you may be missing the required CRI socket configuration.

Set the container-runtime-endpoint

ℹ️
The below should be used for debugging purposes only.

  1. Edit the kubelet config on the node:

    sudo vi /etc/systemd/system/kubelet.service.d/10-kubelet-args.conf

  2. Add to the KUBELET_ARGS line:

    --container-runtime-endpoint=unix:///var/lib/edera/protect/cri.socket

  3. Apply changes:

    sudo systemctl daemon-reexec
sudo systemctl daemon-reload
sudo systemctl restart kubelet

  4. Confirm runtime is in use:

    ps aux | grep kubelet | grep edera 
kubectl get nodes -o wide
Last updated on