CRE-2025-0061

Karpenter Stability Issues on EKS During Leader ElectionMedium

Impact: 7/10

Mitigation: 4/10

CRE-2025-0061View on GitHub

KarpenterKEDAAWSEKS

Description

- EKS may be able to handle steady, predictable scale, but struggles during large‑scale auto scaling events when many workloads and nodes are spinning up or down simultaneously.\n- This instability affects components that implement leader election using the Kubernetes API, such as:\n - aws‑load‑balancer‑controller\n - karpenter\n - keda‑operator\n - ebs‑csi‑controller\n - efs‑csi‑controller\n

Mitigation

- Use Kubernetes API Priority and Fairness (FlowSchema and PriorityLevelConfiguration) to prioritize leader election traffic during high load.\n- Assign `workload‑high` priority to requests from critical components like the Karpenter controller.\n- Monitor etcd size and schedule regular defragmentation to reduce unplanned contention.\n

References

• https://github.com/aws/karpenter-provider-aws/issues/4168
• https://aws.amazon.com/blogs/containers/explore-etcd-defragmentation-in-amazon-eks/
• https://aws.amazon.com/blogs/containers/managing-etcd-database-size-on-amazon-eks-clusters/