# Describe node for detailskubectl describe node <node-name># Check kubelet logsssh admin@<node-ip>journalctl -u kubelet# Common causes:# - CNI not running# - Memory pressure# - Disk pressure# - kube-proxy issues
Node Stuck in NotReady
# Check System pod logskubectl logs -n kube-system -l k8s-app=aws-node --tail=50kubectl logs -n kube-system -l k8s-app=kube-proxy --tail=50# Restart CNI if neededkubectl delete pod -n kube-system -l k8s-app=aws-node
Pod Issues
Pod Stuck in Pending
# Describe podkubectl describe pod <pod-name># Check if:# - Resources insufficient# - Node selector/taints not matching# - PVC not bound# - Pending due to CNI
Pod Stuck in ImagePullBackOff
# Check image namekubectl describe pod <pod-name> | grep -A5 Events# Verify:# - Image exists# - Image tag correct# - Registry credentials valid# - Network connectivity to registry
# Verify service account annotationkubectl get sa <sa-name> -o yaml# Check token file exists in podkubectl exec -it <pod> -- ls -la /var/run/secrets/eks.amazonaws.com/# Verify OIDC provideraws iam list-open-id-connect-providers# Test role assumptionaws sts assume-role-with-web-identity \ --role-arn arn:aws:iam::123456789:role/my-role \ --web-identity-token file:///var/run/secrets/eks.amazonaws.com/serviceaccount/token
Addon Issues
VPC CNI Not Creating Pods
# Check ENI allocationkubectl exec -n kube-system aws-node-xxxx -- aws ec2 describe-network-interfaces# Check max pods for instance typekubectl exec -n kube-system aws-node-xxxx -- cat /etc/eks/max-pods.txt# Check prefix delegationkubectl set env daemonset/aws-node -n kube-system AWS_VPC_K8S_CNI_PREFIX_DELEGATION=true