search

kubernetes / kops

Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management
https://kops.sigs.k8s.io/
Apache License 2.0
15.9k stars 4.65k forks source link

Support for DualStack IPv4/Ipv6 #16767

Open qwerp opened 1 month ago

qwerp commented 1 month ago

is there a way we can enable DualStack Support on "Kubernetes" part. (not on settingup cloud component on AWS).

for instance,

I have successfully configured a DualStack Setup for the physical nodes.

(this is a one control plane 2x node setup)

> kubectl get nodes -o=custom-columns="NAME:.metadata.name,ADDRESSES:.status.addresses[?(@.type=='InternalIP')].address,PODCIDRS:.spec.podCIDRs[*]"

NAME ADDRESSES PODCIDRS i-05b36e8afa33fd240 2406:da1a:d4d:b805::e5e7,172.24.108.176 2406:da1a:d4d:b805:bacb::/80 i-07dd78d533265ec1c 2406:da1a:d4d:b803::fd1d,172.24.42.237 2406:da1a:d4d:b803:823b::/80 i-0828d9ace7f498ca9 2406:da1a:d4d:b804::16cc,172.24.78.179 2406:da1a:d4d:b804:714c::/80

as you can see we have physical dual ip on the host, however will need to configure multip podcidrs to fully enable dualstack on kubernetes.

https://kubernetes.io/docs/concepts/services-networking/dual-stack/

it will need to set --service-cluster-ip-range=, --cluster-cidr=, --node-cidr-mask-size-ipv4|--node-cidr-mask-size-ipv6

which are currently not supported. clusterCIDR: description: ClusterCIDR is CIDR Range for Pods in cluster. type: string

          serviceClusterIPRange:
            description: ServiceClusterIPRange is the CIDR, from the internal
              network, where we allocate IPs for services
            type: string

currently only support a single "entry"

also, there is no support for --node-cidr-mask-size-ipv4|--node-cidr-mask-size-ipv6

or is there a alternate way to enable this? Thanks.

hakman commented 1 month ago

Hi @qwerp, there is no way to enable DualStack with kOps. There is also no plan to support it in the future.

qwerp commented 1 month ago

Can i kindly ask for some recommendation on how would be the best way to run a "dual stack" API Service using Kops?

Any recommendation?

Thanks

justinsb commented 2 weeks ago

Our working theory in kOps is that dual-stack gives the all the downsides of IPv4, so it's less useful to then use IPv6.

However, we know that (for example) the pure IPv6 clusters aren't as reachable from IPv4 clients (but I think there are some workarounds using AWS load balancers). But I think we have support for reaching IPv4-only internet services from IPv6-only Pods.

What is your use-case - what are you trying to achieve here?