Preventing EKS Node Lease Leakage for Smoother Cluster Operation

2 minute read

Content level: Advanced

EKS Node Lease Leakage

In the ever-evolving realm of Kubernetes, managing resources can pose unforeseen challenges. Lately, a perplexing issue has garnered global attention among Kubernetes user - the unexplained surge in node lease objects within the 'kube-node-lease' namespace.

If you've ever scratched your head over this, read on, because we've delved into the heart of the problem and found solutions that can benefit Kubernetes users worldwide.

Understanding the Landscape:

Following are the key components involved:

Leases Component: In Kubernetes, leases are used for critical functions like node heartbeats and leader election. They play a crucial role in keeping the cluster in sync and functioning smoothly.
Garbage Collector: Kubernetes employs a Garbage Collector to clean up cluster resources, ensuring efficient resource usage and maintaining cluster health.
Owner References: Dependent objects have an “ownerReferences” field that establishes relationships with their parent objects. This field is pivotal for garbage collection and object adoption.

Problem Statement:

Customers running EKS cluster notices a constant increase in node lease objects. What's peculiar is that these leaked leases lack an “ OwnerReference”. This behavior is not by design but rather a result of a Kubernetes bug.

Reproduce the issue:

Create an EKS cluster with worker nodes
Delete the worker node object (while keeping kubelet and node running), watch as the Garbage Collector removes the lease object.

But here's the catch, kubernetes backend logic will create a new lease object without an OwnerRef. This cycle results in a spike in lease objects visible in monitoring tools (CloudWatch/DataDog/NewRelic/others)

Mitigating the Problem:

Now that we've unveiled the mystery, let's explore solutions:

Manual Cleanup: For those not using Karpenter, a manual cleanup approach involves removing leaked leases using the following command:

kubectl get lease -n kube-node-lease -o json | jq -r '.items | map(select(.metadata.ownerReferences == null ) | .metadata.name) | .[]' | xargs -n 10kubectl delete lease -n kube-node-lease

Karpenter Integration: EKS with Karpenter now includes a controller to handle node lease garbage collection, providing a solution until the upstream bug is resolved.

References:

https://github.com/kubernetes/kubernetes/issues/109777
https://github.com/aws/karpenter/issues/4363
Karpenter controller to fix node leakage issue: https://github.com/aws/karpenter-core/pull/471

Co-Author :

Topics

Containers Compute

Relevant content

Kubernetes à la Parisienne: AWS at KubeCon EU 2024 recap
EXPERT
chrpotr
published a month ago
Building the Ideal Kubernetes Development Environment for Your Organization’s Developers
EXPERT
Mina Gobrial - OptimeCloud
published a month ago
Amazon EKS and Kubernetes sessions at AWS re:Invent 2023
EXPERT
chrpotr
published 5 months ago
Operations performed during a mandatory EKS Cluster version update
Accepted Answer
dennis_l
asked a year ago
Adding Nodes in EKS getting >>nodecreationfailure eks - Nodes instances failed to join the kubernetes cluster
Accepted Answer
AWS-User-8127861
asked 2 years ago
EKS cluster and Self-Managed Nodes
Ravi
asked 5 months ago
How do I resolve managed node group errors in an Amazon EKS cluster?
AWS OFFICIALUpdated 3 months ago
How can I troubleshoot managed node group update issues for Amazon EKS?
AWS OFFICIALUpdated a year ago
How can I automate the configuration of HTTP proxy for Amazon EKS containerd nodes?
AWS OFFICIALUpdated a month ago
How do I troubleshoot eksctl issues with Amazon EKS clusters and node groups?
AWS OFFICIALUpdated a year ago