{"id":2304,"date":"2026-01-22T05:28:25","date_gmt":"2026-01-22T05:28:25","guid":{"rendered":"https:\/\/imesh.ai\/blog\/?p=2304"},"modified":"2026-01-22T05:39:21","modified_gmt":"2026-01-22T05:39:21","slug":"cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam","status":"publish","type":"post","link":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/","title":{"rendered":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"2304\" class=\"elementor elementor-2304\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e1f5737 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e1f5737\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-834f918\" data-id=\"834f918\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-b1689a1 elementor-widget elementor-widget-text-editor\" data-id=\"b1689a1\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><span data-contrast=\"auto\">As <a href=\"https:\/\/kubernetes.io\/\">Kubernetes<\/a> clusters on\u00a0Amazon EKS\u00a0grow in scale, the default\u00a0<a href=\"https:\/\/docs.aws.amazon.com\/eks\/latest\/best-practices\/vpc-cni.html\">AWS VPC CNI<\/a>\u2014which relies on <a href=\"https:\/\/docs.aws.amazon.com\/AWSEC2\/latest\/UserGuide\/using-eni.html\">EC2 ENI<\/a> and IP address limits\u2014often becomes a constraint for modern, high-density workloads. These limitations push platform teams to look for more scalable and flexible networking models.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">To overcome this, many organizations are adopting Cilium as the primary CNI on AWS EKS with\u00a0ClusterPool\u00a0IPAM and overlay networking. By fully replacing the default CNI, Cilium removes dependency on ENI-based pod IP allocation, enables predictable IP management at the cluster level, and supports faster, more reliable scaling.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">In this blog, we discuss installing Cilium as the primary CNI using\u00a0ClusterPool\u00a0IPAM on EKS and explain why this setup is widely adopted by enterprises building scalable, future-ready Kubernetes platforms on AWS.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<h2><span class=\"TextRun SCXW130748764 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW130748764 BCX8\" data-ccp-parastyle=\"heading 2\">Video on Cilium Standalone on AWS EKS with ENI IPAM and Native Routing<\/span><\/span><span class=\"EOP SCXW130748764 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h2>\n<p><span class=\"TextRun SCXW239363479 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW239363479 BCX8\">In case you want to refer to the video, then here is\u00a0<\/span><span class=\"NormalTextRun SCXW239363479 BCX8\">my<\/span><span class=\"NormalTextRun SCXW239363479 BCX8\">\u00a0<\/span><\/span><span class=\"TextRun SCXW239363479 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW239363479 BCX8\">vi<\/span><span class=\"NormalTextRun SCXW239363479 BCX8\">deo\u00a0<\/span><\/span><span class=\"TextRun SCXW239363479 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW239363479 BCX8\">(disclaimer: I have used AI-voice over to avoid MTI from my accent)<\/span><\/span><span class=\"EOP SCXW239363479 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:160,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><iframe title=\"Cilium ClusterPool IPAM on AWS EKS | Complete Installation &amp; Demo\" width=\"1130\" height=\"636\" src=\"https:\/\/www.youtube.com\/embed\/Xl-J4I7U3nc?start=9&feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/p>\n<h2><span class=\"TextRun SCXW224295742 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW224295742 BCX8\" data-ccp-parastyle=\"heading 2\">Why use Cilium in EKS\u00a0<\/span><span class=\"NormalTextRun SCXW224295742 BCX8\" data-ccp-parastyle=\"heading 2\">ClusterPool<\/span><span class=\"NormalTextRun SCXW224295742 BCX8\" data-ccp-parastyle=\"heading 2\">\u00a0IPAM<\/span><\/span><span class=\"EOP SCXW224295742 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<h3><span class=\"TextRun SCXW81424671 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW81424671 BCX8\" data-ccp-parastyle=\"heading 3\">Limitation of ENI Datapath and IPAM<\/span><\/span><span class=\"EOP SCXW81424671 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"none\">Before we begin to check the ENI limitations,\u00a0let&#8217;s\u00a0first discuss how a Pod gets an IP in ENI mode.\u00a0When we create a pod schedule request, the Kube-let calls the CRI, and then the CRI calls the CNI to request an IP. Then, the Operator makes an API call to retrieve a batch of IPs\u2014usually 12 to 15 at a time this\u00a0is\u00a0to populate the IP pool fields in the CRD. The Agent then reads CRD and provides an IP back to the Kube-let, allowing the Pod to be scheduled.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">As you can see in the\u00a0diagram (refer FIG. A), the node uses the Primary IP of the ENI, which becomes eth0 and is used as\u00a0a cilium host. Meanwhile, the Pods grab those available Secondary IPs.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559685&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"aligncenter wp-image-2307 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-1024x588.png\" alt=\"Cilium ClusterPool IPAM workflow on AWS EKS showing pod scheduling, kube-let, containerd, and pod IP allocation from primary ENI.\" width=\"1024\" height=\"588\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-1024x588.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-300x172.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-768x441.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-400x230.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-800x460.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04-1160x666.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/04.png 1196w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0FIG.A: <span data-teams=\"true\">how we get ip using eni ipam<\/span><\/p>\n<p><span data-contrast=\"none\">But what happens when we run out of Secondary IPs on the primary\u00a0eni?<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">One thing is happening here: when the Cilium Operator asks for a new batch of IPs, if we\u00a0don&#8217;t\u00a0have enough available slots for secondary IPs on the primary ENI, EC2<\/span><b><span data-contrast=\"none\">\u00a0<\/span><\/b><span data-contrast=\"none\">automatically attaches a new ENI. So, in ENI mode, these\u00a0additional\u00a0Pod IPs come directly from the Secondary IPs of this newly attached ENI. Once that new ENI is attached and the IPs are available, the pending Pod is created.\u00a0<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">However, in a real cluster, you\u00a0generally won&#8217;t\u00a0see a Pod stuck in a &#8216;Pending&#8217; state while this happens. Because the Operator requests a\u00a0batch of IPs\u00a0ahead of\u00a0time. So,\u00a0this ENI attachment triggers\u00a0before\u00a0we completely run out of addresses. These newly attached IPs are kept as\u00a0<\/span><b><span data-contrast=\"none\">&#8216;<\/span><\/b><span data-contrast=\"none\">warm IPs&#8217;. So, this process happens in the background, ensuring that an IP is already available by the time the Pod needs to be created.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05.png\"><img decoding=\"async\" class=\"aligncenter wp-image-2308 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-1024x636.png\" alt=\"Cilium ClusterPool IPAM on AWS EKS with additional ENI attached, showing expansion of available pod IPs and new pods.\" width=\"1024\" height=\"636\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-1024x636.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-300x186.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-768x477.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-400x248.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-800x497.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05-1160x720.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/05.png 1202w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW114969494 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW114969494 BCX8\">\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 FIG.B: <span data-teams=\"true\">how we get ip using eni ipam by attaching additional eni<\/span><\/span><\/span><\/p>\n<p><span class=\"TextRun SCXW184216458 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW184216458 BCX8\">However, this scaling\u00a0<\/span><span class=\"NormalTextRun SCXW184216458 BCX8\">isn&#8217;t<\/span><span class=\"NormalTextRun SCXW184216458 BCX8\">\u00a0infinite. Now, as you can see in the diagram<\/span><span class=\"NormalTextRun SCXW184216458 BCX8\">\u00a0(refer FIG.C)<\/span><span class=\"NormalTextRun SCXW184216458 BCX8\">, we have attached another ENI to get more IPs, but we have now reached our\u00a0<\/span><\/span><span class=\"TextRun SCXW184216458 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW184216458 BCX8\">max limit<\/span><\/span><span class=\"TextRun SCXW184216458 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW184216458 BCX8\">. Every instance has a limit on how many ENIs can be attached. Since we have hit that cap, we physically cannot attach any more interfaces, and therefore, we cannot create any new pods<\/span><span class=\"NormalTextRun SCXW184216458 BCX8\">.<\/span><\/span><span class=\"EOP SCXW184216458 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335551550&quot;:1,&quot;335551620&quot;:1,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06.png\"><img decoding=\"async\" class=\"aligncenter wp-image-2309 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-1024x633.png\" alt=\"AWS EKS worker node scaling with multiple ENIs using Cilium ClusterPool IPAM and increasing pod capacity.\" width=\"1024\" height=\"633\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-1024x633.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-300x185.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-768x475.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-400x247.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-800x494.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06-1160x717.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/06.png 1207w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW198046652 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW198046652 BCX8\">\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 FIG.C: <span class=\"TextRun SCXW114969494 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW114969494 BCX8\"><span data-teams=\"true\">how we get ip using eni ipam by attaching multiple enis<\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span class=\"NormalTextRun SCXW194976836 BCX8\">So, we can say that the CNI manages Secondary IPs for Pod IPs, and Cilium in ENI mode uses these Secondary IPs. And that is exactly what causes our limitations in ENI\u00a0<\/span><span class=\"NormalTextRun SCXW194976836 BCX8\">mode. The<\/span><span class=\"NormalTextRun SCXW194976836 BCX8\">\u00a0problem is that every EC2 instance type has a limit on how many ENIs and IPs it can use. For example, if we take a t<\/span><span class=\"NormalTextRun ContextualSpellingAndGrammarErrorV2Themed SCXW194976836 BCX8\">3.small<\/span><span class=\"NormalTextRun SCXW194976836 BCX8\">\u00a0instance, it allows 3 ENIs, but each ENI only supports 4 IP slots\u2014primary and 3 secondary\u2014so we can have only 9 application pods. So, in the end, we can say that because of these ENI limits, the Pod count is directly limited by the physical capacity of the EC2 instance<\/span><span class=\"NormalTextRun SCXW194976836 BCX8\">.<\/span><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2310 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-1024x480.png\" alt=\"AWS EKS and Cilium ClusterPool IPAM explaining ENI limits per instance and how pod IP slots are calculated.\" width=\"1024\" height=\"480\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-1024x480.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-300x140.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-768x360.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-1536x719.png 1536w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-400x187.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-800x375.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07-1160x543.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/07.png 1593w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW198046652 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW198046652 BCX8\">\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0FIG.D: <span class=\"TextRun SCXW114969494 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW114969494 BCX8\"><span data-teams=\"true\">how many enis can be attached\u00a0<\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span class=\"NormalTextRun SCXW225903228 BCX8\">Now<\/span><span class=\"NormalTextRun SCXW225903228 BCX8\">, how do we fix this? And how do we use more IPs? This is where our\u00a0<\/span><span class=\"NormalTextRun SCXW225903228 BCX8\">ClusterPool<\/span><span class=\"NormalTextRun SCXW225903228 BCX8\">\u00a0comes in.<\/span><\/p>\n<h3><span class=\"TextRun SCXW258071750 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW258071750 BCX8\" data-ccp-parastyle=\"heading 3\">Use of\u00a0<\/span><span class=\"NormalTextRun SCXW258071750 BCX8\" data-ccp-parastyle=\"heading 3\">ClusterPool<\/span><span class=\"NormalTextRun SCXW258071750 BCX8\" data-ccp-parastyle=\"heading 3\">\u00a0IPAM<\/span><\/span><span class=\"EOP SCXW258071750 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/h3>\n<p><span data-contrast=\"none\">As we\u00a0have\u00a0discussed in our routing videos, the Cilium Operator will populate the\u00a0Cilium Node\u00a0CRD with IPs from the\u00a0podCIDR\u00a0flags. So, we can simply pass CIDRs to the pods, solving the allocation problem.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">But now, the problem\u00a0is how\u00a0can we\u00a0route\u00a0them. In\u00a0AWS, we have routing tables for the ENI IPs, and we\u00a0use\u00a0native routing mode. But here, AWS\u00a0doesn&#8217;t\u00a0know about our new Pod IPs. So, how will we route our traffic?<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><span data-contrast=\"none\">This is where the tunnel comes into the picture. We just\u00a0created\u00a0a node-to-node tunnel. So, for\u00a0ClusterPool\u00a0to work, we\u00a0don&#8217;t\u00a0need complex networking\u2014just a tunnel and the IPs we are passing.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"none\">Now,\u00a0you can see the config map fields:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"none\">clusterPoolIPv4PodCIDRList<\/span><span data-contrast=\"none\">\u00a0is set to a custom CIDR of\u00a0<\/span><span data-contrast=\"none\">10.200.0.0\/16<\/span><span data-contrast=\"none\">. This\u00a0represents\u00a0the\u00a0entire\u00a0cluster,\u00a0Pod CIDR.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:220,&quot;335559739&quot;:220,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"12\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"none\">clusterPoolIPv4MaskSize<\/span><span data-contrast=\"none\">\u00a0is set to\u00a0<\/span><span data-contrast=\"none\">24<\/span><span data-contrast=\"none\">, which is the mask size assigned for each Node.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:220,&quot;335559739&quot;:220,&quot;335559740&quot;:278}\">\u00a0<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"none\">And when you take a look at the screenshot below, you can see, my Node IP is on a completely different CIDR (<\/span><span data-contrast=\"none\">192.168.x.x<\/span><span data-contrast=\"none\">) which comes from the AWS ENI.\u00a0But for the Pods, we have a different CIDR entirely\u2014you can see all the\u00a0pods are\u00a0running with\u00a0<\/span><span data-contrast=\"none\">10.200.x.x<\/span><span data-contrast=\"none\">\u00a0addresses.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2311 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-1024x140.png\" alt=\"kubectl get pods output showing Cilium connectivity test pods with ClusterPool IPAM pod IPs on Amazon EKS\" width=\"1024\" height=\"140\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-1024x140.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-300x41.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-768x105.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-400x55.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-800x110.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613-1160x159.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/Screenshot-2026-01-21-202613.png 1181w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW6067068 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW6067068 BCX8\">Below<\/span><span class=\"NormalTextRun SCXW6067068 BCX8\">\u00a0(refer FIG.E)<\/span><span class=\"NormalTextRun SCXW6067068 BCX8\">, you can see that while the node&#8217;s\u00a0<\/span><\/span><span class=\"TextRun SCXW6067068 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW6067068 BCX8\">eth0<\/span><\/span><span class=\"TextRun SCXW6067068 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW6067068 BCX8\">\u00a0IP still comes from the ENI&#8217;s Primary IP, for Pod IPs we no longer call the EC2 API<\/span><span class=\"NormalTextRun SCXW6067068 BCX8\">. Instead<\/span><span class=\"NormalTextRun SCXW6067068 BCX8\">, the Operator reads the Pod CIDR range from the Config Map and assigns those IPs directly to the pods.<\/span><\/span><span class=\"EOP SCXW6067068 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240,&quot;335559740&quot;:278}\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2312 size-large\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-1024x624.png\" alt=\"Cilium ClusterPool IPAM assigning pod IPs from pod CIDR using Config Map and Cilium node CRD on AWS EKS.\" width=\"1024\" height=\"624\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-1024x624.png 1024w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-300x183.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-768x468.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-400x244.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-800x487.png 800w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09-1160x706.png 1160w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/09.png 1207w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW74408466 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW74408466 BCX8\">\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 FIG.E:<\/span><\/span><span class=\"EOP SCXW74408466 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\">\u00a0<\/span><span data-teams=\"true\">how we assign ip using clusterpool<\/span><\/p>\n<p><span class=\"TextRun SCXW166751663 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW166751663 BCX8\">And that concludes our &#8216;Why\u00a0<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\">ClusterPool<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\">&#8216; part. Now,\u00a0<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\">let&#8217;s<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\"> move to the next section and discuss the r<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\">equirement<\/span><\/span><span class=\"TextRun SCXW166751663 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW166751663 BCX8\">s<\/span><span class=\"NormalTextRun SCXW166751663 BCX8\">.<\/span><\/span><\/p>\n<h2><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"TextRun SCXW87988311 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW87988311 BCX8\" data-ccp-parastyle=\"heading 2\">Prerequisites and requirements<\/span><span class=\"NormalTextRun SCXW87988311 BCX8\" data-ccp-parastyle=\"heading 2\">\u00a0for\u00a0<\/span><span class=\"NormalTextRun SCXW87988311 BCX8\" data-ccp-parastyle=\"heading 2\">ClusterPool<\/span><\/span><span class=\"EOP SCXW87988311 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:160,&quot;335559739&quot;:80,&quot;335559740&quot;:278}\">\u00a0<\/span><\/span><\/h2>\n<h3><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"TextRun SCXW213391691 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW213391691 BCX8\" data-ccp-parastyle=\"heading 3\">1.General requirements<\/span><\/span><span class=\"EOP SCXW213391691 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:0,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/span><\/h3>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"TextRun SCXW14322419 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW14322419 BCX8\">Ensure correct kernel version,\u00a0<\/span><span class=\"NormalTextRun SCXW14322419 BCX8\">required<\/span><span class=\"NormalTextRun SCXW14322419 BCX8\">\u00a0IAM roles, supported instance types and proper VPC\/Subnet configuration.<\/span><\/span><span class=\"EOP SCXW14322419 BCX8\" data-ccp-props=\"{}\">\u00a0<\/span><\/span><\/p>\n<h3><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"TextRun SCXW187093960 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW187093960 BCX8\" data-ccp-parastyle=\"heading 2\">2.<\/span><\/span><span class=\"TextRun SCXW187093960 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW187093960 BCX8\" data-ccp-parastyle=\"heading 2\">\u00a0Disable Default AWS Add-ons<\/span><\/span><span class=\"EOP SCXW187093960 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:276}\">\u00a0<\/span><\/span><\/h3>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"TextRun SCXW41435654 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW41435654 BCX8\">Disable AWS-node (AWS VPC CNI) and any other CNIs to avoid conflicts with Cilium.<\/span><\/span><\/span><\/p>\n<h3><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"TextRun SCXW79429747 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW79429747 BCX8\" data-ccp-charstyle=\"Heading 3 Char\">3.<\/span><span class=\"NormalTextRun SCXW79429747 BCX8\">\u00a0Enable Private Networking<\/span><\/span><span class=\"EOP SCXW79429747 BCX8\" data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/span><\/span><\/h3>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"TextRun SCXW89520126 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW89520126 BCX8\">Add\u00a0<\/span><\/span><span class=\"TextRun SCXW89520126 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW89520126 BCX8\">private Networking: true<\/span><\/span><span class=\"TextRun SCXW89520126 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW89520126 BCX8\">\u00a0in the node group configuration.<\/span><\/span><span class=\"EOP SCXW89520126 BCX8\" data-ccp-props=\"{}\">\u00a0<\/span><\/span><\/span><\/p>\n<h3><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"TextRun SCXW98129 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW98129 BCX8\" data-ccp-charstyle=\"Heading 3 Char\">4.<\/span><span class=\"NormalTextRun SCXW98129 BCX8\" data-ccp-charstyle=\"Heading 3 Char\">\u00a0<\/span><span class=\"NormalTextRun SCXW98129 BCX8\">Add Cilium Startup Taint<\/span><\/span><span class=\"EOP SCXW98129 BCX8\" data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/span><\/span><\/h3>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"TextRun SCXW216519113 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW216519113 BCX8\">Use the taint\u00a0<\/span><\/span><span class=\"TextRun SCXW216519113 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW216519113 BCX8\">node.cilium.io\/agent-not-ready=<\/span><span class=\"NormalTextRun SCXW216519113 BCX8\">true:NoExecute<\/span><\/span><span class=\"TextRun SCXW216519113 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW216519113 BCX8\">\u00a0so application Pods only start after Cilium is ready.<\/span><\/span><span class=\"EOP SCXW216519113 BCX8\" data-ccp-props=\"{}\">\u00a0<\/span><\/span><\/span><\/p>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"TextRun SCXW9580609 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW9580609 BCX8\">Next, let us move to the step-by-step installation.<\/span><\/span><span class=\"LineBreakBlob BlobObject DragDrop SCXW9580609 BCX8\"><span class=\"SCXW9580609 BCX8\">\u00a0<\/span><\/span><\/span><\/span><\/p>\n<h2><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"LineBreakBlob BlobObject DragDrop SCXW9580609 BCX8\"><span class=\"TextRun SCXW73843295 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW73843295 BCX8\">Step-by-step installation of Cilium on AWS EKS using\u00a0<\/span><span class=\"NormalTextRun SCXW73843295 BCX8\">ClusterPool<\/span><span class=\"NormalTextRun SCXW73843295 BCX8\">\u00a0IPAM<\/span><\/span><span class=\"EOP SCXW73843295 BCX8\" data-ccp-props=\"{&quot;335559685&quot;:0}\">\u00a0<\/span><\/span><\/span><\/span><\/h2>\n<h3><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"LineBreakBlob BlobObject DragDrop SCXW9580609 BCX8\"><span class=\"SCXW9580609 BCX8\"><span class=\"TextRun SCXW226795394 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW226795394 BCX8\" data-ccp-parastyle=\"heading 3\">1.<\/span><span class=\"NormalTextRun SCXW226795394 BCX8\" data-ccp-parastyle=\"heading 3\">Create the cluster<\/span><\/span><span class=\"EOP SCXW226795394 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/span><\/span><\/span><\/span><\/h3>\n<h4><span class=\"TextRun SCXW5135785 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW5135785 BCX8\" data-ccp-parastyle=\"heading 4\">Apply\u00a0<\/span><span class=\"NormalTextRun SCXW5135785 BCX8\" data-ccp-parastyle=\"heading 4\">cluster configuration<\/span><\/span><span class=\"EOP SCXW5135785 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:80,&quot;335559739&quot;:40}\">\u00a0<\/span><\/h4>\n<p><span class=\"NormalTextRun SCXW205737934 BCX8\">Create the EKS control plane using an\u00a0<\/span><span class=\"NormalTextRun SCXW205737934 BCX8\">eksctl<\/span><span class=\"NormalTextRun SCXW205737934 BCX8\">\u00a0cluster configuration file. In this configuration, default AWS add-ons are disabled to avoid conflicts with Cilium<\/span><span class=\"NormalTextRun SCXW205737934 BCX8\">.\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/cluster-config.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2314 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/cluster-config.png\" alt=\"eksctl cluster configuration yaml disabling default addons and enabling coreDNS and kube-proxy for Cilium on Amazon EKS\" width=\"397\" height=\"340\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/cluster-config.png 397w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/cluster-config-300x257.png 300w\" sizes=\"(max-width: 397px) 100vw, 397px\" \/><\/a><\/p>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"LineBreakBlob BlobObject DragDrop SCXW9580609 BCX8\"><span class=\"SCXW9580609 BCX8\"><span class=\"TextRun SCXW168351757 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW168351757 BCX8\">Create the cluster using the configuration file:<\/span><\/span><span class=\"EOP SCXW168351757 BCX8\" data-ccp-props=\"{}\">\u00a0<\/span><\/span><\/span><\/span><\/span><\/p>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><span class=\"LineBreakBlob BlobObject DragDrop SCXW9580609 BCX8\"><span class=\"SCXW9580609 BCX8\"><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2315 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster.png\" alt=\"eksctl create cluster command using cluster-config.yaml to provision Amazon EKS cluster\" width=\"905\" height=\"51\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster.png 905w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster-300x17.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster-768x43.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster-400x23.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/crt-cluster-800x45.png 800w\" sizes=\"(max-width: 905px) 100vw, 905px\" \/><\/a>\u00a0<\/span><br class=\"SCXW9580609 BCX8\" \/><\/span><span class=\"TextRun SCXW244871894 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW244871894 BCX8\">If you need to tear down the cluster:<\/span><\/span><span class=\"EOP SCXW244871894 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:0,&quot;335551620&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/span><\/span><\/p>\n<h4><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><span class=\"EOP SCXW41435654 BCX8\" data-ccp-props=\"{}\"><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2316 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster.png\" alt=\"eksctl delete cluster command using cluster-config.yaml to remove Amazon EKS cluster\" width=\"950\" height=\"68\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster.png 950w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster-300x21.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster-768x55.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster-400x29.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/del-cluster-800x57.png 800w\" sizes=\"(max-width: 950px) 100vw, 950px\" \/><\/a>\u00a0<\/span><\/span><span class=\"TextRun SCXW109480527 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW109480527 BCX8\" data-ccp-parastyle=\"heading 4\">Apply node group configuration<\/span><\/span><\/h4>\n<p><span class=\"EOP SCXW109480527 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:80,&quot;335559739&quot;:40}\"><span class=\"TextRun SCXW53394258 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW53394258 BCX8\">Next, configure the managed node group with settings\u00a0<\/span><span class=\"NormalTextRun SCXW53394258 BCX8\">required<\/span><span class=\"NormalTextRun SCXW53394258 BCX8\"> for Cilium, including private networking and start-up taints.<\/span><\/span><span class=\"EOP SCXW53394258 BCX8\" data-ccp-props=\"{}\">\u00a0<\/span>\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/config-2.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2317 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/config-2.png\" alt=\"eksctl managed node group configuration yaml with private networking IAM policies and Cilium agent taint on EKS\" width=\"482\" height=\"323\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/config-2.png 482w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/config-2-300x200.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/config-2-400x268.png 400w\" sizes=\"(max-width: 482px) 100vw, 482px\" \/><\/a><\/p>\n<h3><span class=\"TextRun SCXW138018379 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW138018379 BCX8\" data-ccp-parastyle=\"heading 3\">2.<\/span><span class=\"NormalTextRun SCXW138018379 BCX8\" data-ccp-parastyle=\"heading 3\">\u00a0Apply Helm charts<\/span><\/span><span class=\"EOP SCXW138018379 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span class=\"TextRun SCXW203523975 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW203523975 BCX8\">Once the EKS cluster and node groups are ready, install Cilium as the\u00a0<\/span><\/span><span class=\"TextRun SCXW203523975 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW203523975 BCX8\">primary CNI<\/span><\/span><span class=\"TextRun SCXW203523975 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW203523975 BCX8\">\u00a0using Helm. In this setup,\u00a0<\/span><span class=\"NormalTextRun SCXW203523975 BCX8\">ClusterPool<\/span><span class=\"NormalTextRun SCXW203523975 BCX8\">\u00a0IPAM is used to\u00a0<\/span><span class=\"NormalTextRun SCXW203523975 BCX8\">allocate<\/span><span class=\"NormalTextRun SCXW203523975 BCX8\">\u00a0Pod IPs from a dedicated CIDR range instead of relying on AWS ENIs.<\/span><\/span><\/p>\n<p><span class=\"TextRun SCXW138386546 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW138386546 BCX8\">Install Cilium using Helm<\/span><\/span><span class=\"EOP SCXW138386546 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:0,&quot;335551620&quot;:0,&quot;335559685&quot;:720,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span class=\"EOP SCXW203523975 BCX8\" data-ccp-props=\"{}\"><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2318 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium.png\" alt=\"helm install command for Cilium on Amazon EKS using ClusterPool IPAM with custom pod CIDR and mask size\" width=\"945\" height=\"214\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium.png 945w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium-300x68.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium-768x174.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium-400x91.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/install_Cilium-800x181.png 800w\" sizes=\"(max-width: 945px) 100vw, 945px\" \/><\/a><\/span><\/p>\n<p>To configure multiple CIDR ranges:<\/p>\n<p><span class=\"EOP SCXW166751663 BCX8\" data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;201341983&quot;:0,&quot;335559738&quot;:0,&quot;335559739&quot;:0,&quot;335559740&quot;:278}\"><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2319 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam.png\" alt=\"Cilium ClusterPool IPAM configuration setting multiple IPv4 pod CIDR ranges using helm values\" width=\"927\" height=\"82\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam.png 927w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam-300x27.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam-768x68.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam-400x35.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/set-ipam-800x71.png 800w\" sizes=\"(max-width: 927px) 100vw, 927px\" \/><\/a><\/span><\/p>\n<h3><span class=\"TextRun SCXW175934768 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW175934768 BCX8\" data-ccp-parastyle=\"heading 3\">Perform connectivity tests<\/span><\/span><span class=\"EOP SCXW175934768 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559685&quot;:0,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h3>\n<p><span class=\"NormalTextRun SCXW121236376 BCX8\">After installing Cilium,\u00a0<\/span><span class=\"NormalTextRun SCXW121236376 BCX8\">validate<\/span><span class=\"NormalTextRun SCXW121236376 BCX8\">\u00a0the networking setup using Cilium\u2019s built-in connectivity test suite<\/span><span class=\"NormalTextRun SCXW121236376 BCX8\">.<\/span><span class=\"NormalTextRun SCXW121236376 BCX8\">\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-2320 size-full\" src=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium.png\" alt=\"cilium connectivity test command validating pod to pod networking in cilium-system namespace on EKS\" width=\"974\" height=\"72\" srcset=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium.png 974w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium-300x22.png 300w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium-768x57.png 768w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium-400x30.png 400w, https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/connectivity_Cilium-800x59.png 800w\" sizes=\"(max-width: 974px) 100vw, 974px\" \/><\/a><\/p>\n<p><span class=\"TextRun SCXW262467828 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW262467828 BCX8\">A successful test confirms that\u00a0<\/span><span class=\"NormalTextRun SCXW262467828 BCX8\">Cilium with\u00a0<\/span><span class=\"NormalTextRun SCXW262467828 BCX8\">ClusterPool<\/span><span class=\"NormalTextRun SCXW262467828 BCX8\">\u00a0IPAM and overlay networking<\/span><span class=\"NormalTextRun SCXW262467828 BCX8\">\u00a0is functioning correctly across the cluster<\/span><\/span><span class=\"TextRun SCXW262467828 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"auto\"><span class=\"NormalTextRun SCXW262467828 BCX8\">.<\/span><\/span><\/p>\n<h2><span class=\"TextRun SCXW161037384 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW161037384 BCX8\" data-ccp-parastyle=\"heading 2\">Final Thoughts<\/span><\/span><span class=\"EOP SCXW161037384 BCX8\" data-ccp-props=\"{&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:160,&quot;335559739&quot;:80}\">\u00a0<\/span><\/h2>\n<p><span data-contrast=\"auto\">Using Cilium with\u00a0ClusterPool\u00a0IPAM on AWS EKS is a powerful alternative to the default ENI-based networking model. It removes AWS IP scaling constraints, simplifies cluster growth, and unlocks advanced capabilities such as\u00a0eBPF-based networking,\u00a0observability,\u00a0and\u00a0security.\u00a0For\u00a0teams running large or fast-growing Kubernetes clusters, this architecture provides a future-proof, scalable foundation without sacrificing performance or reliability.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:0,&quot;335551620&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\n<p><span data-contrast=\"auto\">If\u00a0you\u2019re\u00a0planning to adopt Cilium in production or need expert guidance,\u00a0reach\u00a0out to\u00a0our\u00a0<\/span><a href=\"https:\/\/imesh.ai\/enterprise-cilium-CNI-support.html\"><span data-contrast=\"none\">Cilium experts<\/span><\/a><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335551550&quot;:0,&quot;335551620&quot;:0,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">\u00a0<\/span><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>As Kubernetes clusters on\u00a0Amazon EKS\u00a0grow in scale, the default\u00a0AWS VPC CNI\u2014which relies<span class=\"excerpt-more\"><\/span><\/p>\n","protected":false},"author":12,"featured_media":2305,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[123],"tags":[],"class_list":["post-2304","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cilium"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH<\/title>\n<meta name=\"description\" content=\"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH\" \/>\n<meta property=\"og:description\" content=\"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking\" \/>\n<meta property=\"og:url\" content=\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\" \/>\n<meta property=\"og:site_name\" content=\"IMESH\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-22T05:28:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-22T05:39:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1536\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Soubhagya Das\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Soubhagya Das\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\"},\"author\":{\"name\":\"Soubhagya Das\",\"@id\":\"https:\/\/imesh.ai\/blog\/#\/schema\/person\/f24ff7de8ff9b6190b8d0822ae2501aa\"},\"headline\":\"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0\",\"datePublished\":\"2026-01-22T05:28:25+00:00\",\"dateModified\":\"2026-01-22T05:39:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\"},\"wordCount\":1342,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/imesh.ai\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png\",\"articleSection\":[\"Cilium\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\",\"url\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\",\"name\":\"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH\",\"isPartOf\":{\"@id\":\"https:\/\/imesh.ai\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png\",\"datePublished\":\"2026-01-22T05:28:25+00:00\",\"dateModified\":\"2026-01-22T05:39:21+00:00\",\"description\":\"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking\",\"breadcrumb\":{\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage\",\"url\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png\",\"contentUrl\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png\",\"width\":1536,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/imesh.ai\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/imesh.ai\/blog\/#website\",\"url\":\"https:\/\/imesh.ai\/blog\/\",\"name\":\"IMESH Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/imesh.ai\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/imesh.ai\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/imesh.ai\/blog\/#organization\",\"name\":\"IMESH\",\"url\":\"https:\/\/imesh.ai\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/imesh.ai\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-scaled.jpg\",\"contentUrl\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-scaled.jpg\",\"width\":2560,\"height\":1665,\"caption\":\"IMESH\"},\"image\":{\"@id\":\"https:\/\/imesh.ai\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/imeshai\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/imesh.ai\/blog\/#\/schema\/person\/f24ff7de8ff9b6190b8d0822ae2501aa\",\"name\":\"Soubhagya Das\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/imesh.ai\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-150x150.jpg\",\"contentUrl\":\"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-150x150.jpg\",\"caption\":\"Soubhagya Das\"},\"sameAs\":[\"http:\/\/imesh.ai\"],\"url\":\"https:\/\/imesh.ai\/blog\/author\/soubhagyaranjan-das\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH","description":"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/","og_locale":"en_US","og_type":"article","og_title":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH","og_description":"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking","og_url":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/","og_site_name":"IMESH","article_published_time":"2026-01-22T05:28:25+00:00","article_modified_time":"2026-01-22T05:39:21+00:00","og_image":[{"width":1536,"height":1024,"url":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","type":"image\/png"}],"author":"Soubhagya Das","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Soubhagya Das","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#article","isPartOf":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/"},"author":{"name":"Soubhagya Das","@id":"https:\/\/imesh.ai\/blog\/#\/schema\/person\/f24ff7de8ff9b6190b8d0822ae2501aa"},"headline":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0","datePublished":"2026-01-22T05:28:25+00:00","dateModified":"2026-01-22T05:39:21+00:00","mainEntityOfPage":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/"},"wordCount":1342,"commentCount":0,"publisher":{"@id":"https:\/\/imesh.ai\/blog\/#organization"},"image":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage"},"thumbnailUrl":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","articleSection":["Cilium"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/","url":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/","name":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0 - IMESH","isPartOf":{"@id":"https:\/\/imesh.ai\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage"},"image":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage"},"thumbnailUrl":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","datePublished":"2026-01-22T05:28:25+00:00","dateModified":"2026-01-22T05:39:21+00:00","description":"Learn how Cilium with ClusterPool IPAM on EKS overcomes AWS VPC CNI ENI limits and enables scalable Kubernetes networking","breadcrumb":{"@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#primaryimage","url":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","contentUrl":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","width":1536,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/imesh.ai\/blog\/cilium-installation-on-aws-eks-as-primary-cni-clusterpool-ipam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/imesh.ai\/blog\/"},{"@type":"ListItem","position":2,"name":"Cilium installation on AWS EKS as Primary CNI |\u00a0ClusterPool\u00a0IPAM\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/imesh.ai\/blog\/#website","url":"https:\/\/imesh.ai\/blog\/","name":"IMESH Blog","description":"","publisher":{"@id":"https:\/\/imesh.ai\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/imesh.ai\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/imesh.ai\/blog\/#organization","name":"IMESH","url":"https:\/\/imesh.ai\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/imesh.ai\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-scaled.jpg","contentUrl":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-scaled.jpg","width":2560,"height":1665,"caption":"IMESH"},"image":{"@id":"https:\/\/imesh.ai\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/imeshai"]},{"@type":"Person","@id":"https:\/\/imesh.ai\/blog\/#\/schema\/person\/f24ff7de8ff9b6190b8d0822ae2501aa","name":"Soubhagya Das","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/imesh.ai\/blog\/#\/schema\/person\/image\/","url":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-150x150.jpg","contentUrl":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2023\/03\/IMESH-LOGO-150x150.jpg","caption":"Soubhagya Das"},"sameAs":["http:\/\/imesh.ai"],"url":"https:\/\/imesh.ai\/blog\/author\/soubhagyaranjan-das\/"}]}},"jetpack_featured_media_url":"https:\/\/imesh.ai\/blog\/wp-content\/uploads\/2026\/01\/new-img.png","_links":{"self":[{"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/posts\/2304","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/comments?post=2304"}],"version-history":[{"count":11,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/posts\/2304\/revisions"}],"predecessor-version":[{"id":2330,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/posts\/2304\/revisions\/2330"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/media\/2305"}],"wp:attachment":[{"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/media?parent=2304"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/categories?post=2304"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/imesh.ai\/blog\/wp-json\/wp\/v2\/tags?post=2304"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}