docs: add dual-stack iptables api model

Azure · Jan 22, 2021 · 70162cd · 70162cd
1 parent 362c62f
commit 70162cd
Show file tree

Hide file tree

Showing 3 changed files with 84 additions and 26 deletions.
diff --git a/examples/dualstack/README.md b/examples/dualstack/README.md
@@ -1,31 +1,27 @@
-# AKS Engine - Dual Stack clusters
+# AKS Engine - Dual-stack clusters
 
 ## Overview
 
-AKS Engine enables you to create dual stack (IPv4 *and* IPv6) Kubernetes clusters on Microsoft Azure.
+AKS Engine enables you to create dual-stack (IPv4 *and* IPv6) Kubernetes clusters on Microsoft Azure.
 
-- Dual stack support is available for Kubernetes version 1.16.0 and later
-- Dual stack services support was added in 1.20.0 (recommended kubernetes version)
+- Dual-stack support is available for Kubernetes version 1.16.0 and later
+- Dual-stack services support was added in 1.20.0 (recommended kubernetes version)
 
 > Official docs are available here - https://kubernetes.io/docs/concepts/services-networking/dual-stack/
 
-In order to create IPv6 enabled Azure virtual networks and use standard loadbalancer with IPv6 you must first configure your subscription [as follows](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-ipv4-ipv6-dual-stack-cli#prerequisites).
-
-This example shows you how to configure a dual stack cluster:
+This example shows you how to configure a dual-stack cluster:
 
 1. **kubernetes.json** - deploying and using [Kubernetes](kubernetes.json).
 
-**Note** 
-
-The default node CIDR mask size for IPv6 is /64 and the default clusters subnet is `fc00::/48`. In 1.17+ node CIDR mask size can be configured by 
+The default node CIDR mask size for IPv6 is /64 and the default clusters subnet is `fc00::/48`. In 1.17+ node CIDR mask size can be configured by:
 
-```
+```yaml
         "controllerManagerConfig" : {
                 "--node-cidr-mask-size-ipv6": <value>
         }
 ```
 
-**The difference between node CIDR mask size and cluster subnet mask size can't be > 16**
+> The difference between node CIDR mask size and cluster subnet mask size can't be > 16**
 
 Things to try out after the cluster is deployed -
 
@@ -106,22 +102,22 @@ spec:
   type: LoadBalancer
 ```
 
-```
-azureuser@k8s-master-13083844-0:~$ kubectl get svc
+```bash
+$ kubectl get svc
 NAME          TYPE           CLUSTER-IP       EXTERNAL-IP          PORT(S)        AGE
 kubernetes    ClusterIP      10.0.0.1         <none>               443/TCP        58m
 nginx-ipv6    LoadBalancer   fd00::6283       2603:1030:805:3::3   80:31140/TCP   32s
 ```
 
 ## Limitations
 
-- Dual stack clusters are supported only with kubenet and azurecni.
-  - Dual stack cluster with azurecni are only supported with `bridge` network mode.
-- Dual stack clusters are supported only with Linux.
-- Dual stack clusters with Windows is not supported at this time because it requires
-  - Kubernetes version 1.19+ and 
-  - [backport to 2004 to support dualstack containers](https://github.com/Azure/aks-engine/issues/3568).
-- Dual stack clusters are supported with 
-  - ipvs kube-proxy mode (Kubernetes version 1.16+)
-  - iptables kube-proxy mode (Kubernetes version 1.18+).
-- API model enables Azure Standard LB for dual stack clusters. Azure Basic LBs have a limitation of only 1 IPv6 frontend configurations while Standard LB supports up to 600 IPv6 frontend configurations.
+- Dual-stack clusters are supported only with kubenet and azurecni.
+  - Dual-stack cluster with azurecni are only supported with `bridge` network mode.
+- Dual-stack clusters are supported only with Linux.
+- Dual-stack clusters with Windows is not supported at this time because it requires
+  - Kubernetes version 1.19+ and
+  - [backport to 2004 to support dual-stack containers](https://github.com/Azure/aks-engine/issues/3568).
+- Dual-stack clusters are supported with
+  - `ipvs` kube-proxy mode (Kubernetes version 1.16+)
+  - `iptables` kube-proxy mode (Kubernetes version 1.18+).
+- API model enables Azure Standard LB for dual-stack clusters. Azure Basic LBs have a limitation of only 1 IPv6 frontend configurations while Standard LB supports up to 600 IPv6 frontend configurations.
diff --git a/examples/dualstack/kubernetes-iptables.json b/examples/dualstack/kubernetes-iptables.json
@@ -0,0 +1,58 @@
+{
+    "apiVersion": "vlabs",
+    "properties": {
+        "featureFlags": {
+            "enableIPv6DualStack": true
+        },
+        "orchestratorProfile": {
+            "orchestratorType": "Kubernetes",
+            "orchestratorRelease": "1.20",
+            "kubernetesConfig": {
+                "clusterSubnet": "10.244.0.0/16,fc00::/48",
+                "serviceCidr": "10.0.0.0/16,fd00::/108",
+                "dnsServiceIP": "10.0.0.10",
+                "kubeProxyMode": "iptables",
+                "networkPlugin": "kubenet",
+                "apiServerConfig": {
+                    "--feature-gates": "IPv6DualStack=true"
+                },
+                "kubeletConfig": {
+                    "--feature-gates": "IPv6DualStack=true",
+                    "--max-pods": "110"
+                },
+                "controllerManagerConfig": {
+                    "--feature-gates": "IPv6DualStack=true"
+                }
+            }
+        },
+        "masterProfile": {
+            "count": 1,
+            "dnsPrefix": "",
+            "vmSize": "Standard_D2_v2",
+            "distro": "ubuntu"
+        },
+        "agentPoolProfiles": [
+            {
+                "name": "linuxpool1",
+                "count": 2,
+                "vmSize": "Standard_D2_v2",
+                "distro": "ubuntu"
+            }
+        ],
+        "linuxProfile": {
+            "adminUsername": "azureuser",
+            "ssh": {
+                "publicKeys": [
+                    {
+                        "keyData": ""
+                    }
+                ]
+            }
+        },
+        "servicePrincipalProfile": {
+            "clientId": "",
+            "secret": ""
+        }
+    }
+}
+
diff --git a/examples/dualstack/kubernetes.json b/examples/dualstack/kubernetes.json
@@ -16,7 +16,9 @@
                     "--feature-gates": "IPv6DualStack=true"
                 },
                 "kubeletConfig": {
-                    "--feature-gates": "IPv6DualStack=true"
+                    "--feature-gates": "IPv6DualStack=true",
+                    "--hairpin-mode": "hairpin-veth",
+                    "--max-pods": "110"
                 },
                 "controllerManagerConfig": {
                     "--feature-gates": "IPv6DualStack=true"
@@ -26,13 +28,15 @@
         "masterProfile": {
             "count": 1,
             "dnsPrefix": "",
-            "vmSize": "Standard_D2_v2"
+            "vmSize": "Standard_D2_v2",
+            "distro": "ubuntu"
         },
         "agentPoolProfiles": [
             {
                 "name": "linuxpool1",
                 "count": 2,
                 "vmSize": "Standard_D2_v2",
+                "distro": "ubuntu",
                 "availabilityProfile": "AvailabilitySet"
             }
         ],