How to Change Port Range in EFS CSI Driver Add-on

Overview

When using the EFS CSI Driver Add-on in EKS, there may be cases where you need to change the port range from 20049 - 21049 to a larger value. This article explains the method and principles of changing this through the EFS CSI Driver Add-on.

How It Works

When the EFS CSI Driver Add-on is deployed, a daemonset pod efs-csi-node-12345 is deployed on each node.
As this pod runs, it modifies /etc/amazon/efs/efs-utils.conf on the EC2 instance.
Even if users manually modify /etc/amazon/efs/efs-utils.conf through Userdata or CLI on the instance, the settings will revert to their original state when the node reboots or the efs-csi-node pod restarts.

How to Change Port Range

Only upper limit of the port range can be set using the environment variable PortRangeUpperBound in the efs-csi-node pod.

Configuration Steps

Edit the daemonset configuration with the following command:

$ kubectl set env daemonset efs-csi-node -n kube-system -c efs-plugin PORT_RANGE_UPPER_BOUND=22049 # Modify desired value

How to Check

$ kubectl describe daemonset efs-csi-node -n kube-system | grep -A 10 "Environment:"
    Environment:
      CSI_ENDPOINT:            unix:/csi/csi.sock
      CSI_NODE_NAME:            (v1:spec.nodeName)
      PORT_RANGE_UPPER_BOUND:  22049
    Mounts:
      /csi from plugin-dir (rw)
      /etc/amazon/efs-legacy from efs-utils-config-legacy (rw)
      /var/amazon/efs from efs-utils-config (rw)
      /var/lib/kubelet from kubelet-dir (rw)
      /var/run/efs from efs-state-dir (rw)
...

# Inside Worker Node
$ cat /etc/amazon/efs/efs-utils.conf | grep port_range_upper_bound
port_range_upper_bound = 22049

Important Notes

• After the configuration change, the efs-csi-node daemonset pods will restart, and the EFS port upper limit will be changed on all nodes.
• You cannot set the port range lower than the default value of 21049.
  If the PORT_RANGE_UPPER_BOUND value is less than 21049, it will automatically be set to 21049 Reference code: Github Link