diff --git a/examples/dualstack/README.md b/examples/dualstack/README.md index 2d98c7ca69..2798f6d024 100644 --- a/examples/dualstack/README.md +++ b/examples/dualstack/README.md @@ -1,31 +1,27 @@ -# AKS Engine - Dual Stack clusters +# AKS Engine - Dual-stack clusters ## Overview -AKS Engine enables you to create dual stack (IPv4 *and* IPv6) Kubernetes clusters on Microsoft Azure. +AKS Engine enables you to create dual-stack (IPv4 *and* IPv6) Kubernetes clusters on Microsoft Azure. -- Dual stack support is available for Kubernetes version 1.16.0 and later -- Dual stack services support was added in 1.20.0 (recommended kubernetes version) +- Dual-stack support is available for Kubernetes version 1.16.0 and later +- Dual-stack services support was added in 1.20.0 (recommended kubernetes version) > Official docs are available here - https://kubernetes.io/docs/concepts/services-networking/dual-stack/ -In order to create IPv6 enabled Azure virtual networks and use standard loadbalancer with IPv6 you must first configure your subscription [as follows](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-ipv4-ipv6-dual-stack-cli#prerequisites). - -This example shows you how to configure a dual stack cluster: +This example shows you how to configure a dual-stack cluster: 1. **kubernetes.json** - deploying and using [Kubernetes](kubernetes.json). -**Note** - -The default node CIDR mask size for IPv6 is /64 and the default clusters subnet is `fc00::/48`. In 1.17+ node CIDR mask size can be configured by +The default node CIDR mask size for IPv6 is /64 and the default clusters subnet is `fc00::/48`. In 1.17+ node CIDR mask size can be configured by: -``` +```yaml "controllerManagerConfig" : { "--node-cidr-mask-size-ipv6": } ``` -**The difference between node CIDR mask size and cluster subnet mask size can't be > 16** +> The difference between node CIDR mask size and cluster subnet mask size can't be > 16** Things to try out after the cluster is deployed - @@ -106,8 +102,8 @@ spec: type: LoadBalancer ``` -``` -azureuser@k8s-master-13083844-0:~$ kubectl get svc +```bash +$ kubectl get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE kubernetes ClusterIP 10.0.0.1 443/TCP 58m nginx-ipv6 LoadBalancer fd00::6283 2603:1030:805:3::3 80:31140/TCP 32s @@ -115,13 +111,13 @@ nginx-ipv6 LoadBalancer fd00::6283 2603:1030:805:3::3 80:31140/TCP ## Limitations -- Dual stack clusters are supported only with kubenet and azurecni. - - Dual stack cluster with azurecni are only supported with `bridge` network mode. -- Dual stack clusters are supported only with Linux. -- Dual stack clusters with Windows is not supported at this time because it requires - - Kubernetes version 1.19+ and - - [backport to 2004 to support dualstack containers](https://github.com/Azure/aks-engine/issues/3568). -- Dual stack clusters are supported with - - ipvs kube-proxy mode (Kubernetes version 1.16+) - - iptables kube-proxy mode (Kubernetes version 1.18+). -- API model enables Azure Standard LB for dual stack clusters. Azure Basic LBs have a limitation of only 1 IPv6 frontend configurations while Standard LB supports up to 600 IPv6 frontend configurations. +- Dual-stack clusters are supported only with kubenet and azurecni. + - Dual-stack cluster with azurecni are only supported with `bridge` network mode. +- Dual-stack clusters are supported only with Linux. +- Dual-stack clusters with Windows is not supported at this time because it requires + - Kubernetes version 1.19+ and + - [backport to 2004 to support dual-stack containers](https://github.com/Azure/aks-engine/issues/3568). +- Dual-stack clusters are supported with + - `ipvs` kube-proxy mode (Kubernetes version 1.16+) + - `iptables` kube-proxy mode (Kubernetes version 1.18+). +- API model enables Azure Standard LB for dual-stack clusters. Azure Basic LBs have a limitation of only 1 IPv6 frontend configurations while Standard LB supports up to 600 IPv6 frontend configurations. diff --git a/examples/dualstack/kubernetes-iptables.json b/examples/dualstack/kubernetes-iptables.json new file mode 100644 index 0000000000..ec7a0682f3 --- /dev/null +++ b/examples/dualstack/kubernetes-iptables.json @@ -0,0 +1,58 @@ +{ + "apiVersion": "vlabs", + "properties": { + "featureFlags": { + "enableIPv6DualStack": true + }, + "orchestratorProfile": { + "orchestratorType": "Kubernetes", + "orchestratorRelease": "1.20", + "kubernetesConfig": { + "clusterSubnet": "10.244.0.0/16,fc00::/48", + "serviceCidr": "10.0.0.0/16,fd00::/108", + "dnsServiceIP": "10.0.0.10", + "kubeProxyMode": "iptables", + "networkPlugin": "kubenet", + "apiServerConfig": { + "--feature-gates": "IPv6DualStack=true" + }, + "kubeletConfig": { + "--feature-gates": "IPv6DualStack=true", + "--max-pods": "110" + }, + "controllerManagerConfig": { + "--feature-gates": "IPv6DualStack=true" + } + } + }, + "masterProfile": { + "count": 1, + "dnsPrefix": "", + "vmSize": "Standard_D2_v2", + "distro": "ubuntu" + }, + "agentPoolProfiles": [ + { + "name": "linuxpool1", + "count": 2, + "vmSize": "Standard_D2_v2", + "distro": "ubuntu" + } + ], + "linuxProfile": { + "adminUsername": "azureuser", + "ssh": { + "publicKeys": [ + { + "keyData": "" + } + ] + } + }, + "servicePrincipalProfile": { + "clientId": "", + "secret": "" + } + } +} + diff --git a/examples/dualstack/kubernetes.json b/examples/dualstack/kubernetes.json index 85ce6c415f..a13e1e7d9e 100644 --- a/examples/dualstack/kubernetes.json +++ b/examples/dualstack/kubernetes.json @@ -16,7 +16,9 @@ "--feature-gates": "IPv6DualStack=true" }, "kubeletConfig": { - "--feature-gates": "IPv6DualStack=true" + "--feature-gates": "IPv6DualStack=true", + "--hairpin-mode": "hairpin-veth", + "--max-pods": "110" }, "controllerManagerConfig": { "--feature-gates": "IPv6DualStack=true" @@ -26,13 +28,15 @@ "masterProfile": { "count": 1, "dnsPrefix": "", - "vmSize": "Standard_D2_v2" + "vmSize": "Standard_D2_v2", + "distro": "ubuntu" }, "agentPoolProfiles": [ { "name": "linuxpool1", "count": 2, "vmSize": "Standard_D2_v2", + "distro": "ubuntu", "availabilityProfile": "AvailabilitySet" } ],