diff --git a/pkg/apis/eksctl.io/v1alpha5/validation.go b/pkg/apis/eksctl.io/v1alpha5/validation.go index de9e90893d..55fd50ab47 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation.go @@ -187,6 +187,10 @@ func (c *ClusterConfig) ValidateVPCConfig() error { if c.KubernetesNetworkConfig != nil && c.KubernetesNetworkConfig.ServiceIPv4CIDR != "" { return fmt.Errorf("service ipv4 cidr is not supported with IPv6") } + + if IsEnabled(c.VPC.AutoAllocateIPv6) { + return fmt.Errorf("auto allocate ipv6 is not supported with IPv6") + } } } diff --git a/pkg/apis/eksctl.io/v1alpha5/validation_test.go b/pkg/apis/eksctl.io/v1alpha5/validation_test.go index 1525939d4a..b3c240af66 100644 --- a/pkg/apis/eksctl.io/v1alpha5/validation_test.go +++ b/pkg/apis/eksctl.io/v1alpha5/validation_test.go @@ -563,26 +563,6 @@ var _ = Describe("ClusterConfig validation", func() { Expect(err).ToNot(HaveOccurred()) }) }) - When("ipFamily is set ot IPv6 but version is not or too low", func() { - It("returns an error", func() { - ipv6 := string(api.IPV6Family) - cfg.VPC.IPFamily = &ipv6 - cfg.Addons = append(cfg.Addons, - &api.Addon{Name: api.KubeProxyAddon}, - &api.Addon{Name: api.CoreDNSAddon}, - &api.Addon{Name: api.VPCCNIAddon}, - ) - cfg.IAM = &api.ClusterIAM{ - WithOIDC: api.Enabled(), - } - cfg.Metadata.Version = "" - err = cfg.ValidateVPCConfig() - Expect(err).To(MatchError(ContainSubstring("failed to convert cluster version to semver: unable to parse first version"))) - cfg.Metadata.Version = api.Version1_12 - err = cfg.ValidateVPCConfig() - Expect(err).To(MatchError(ContainSubstring("cluster version must be >= 1.21"))) - }) - }) When("ipFamily is set ot IPv6 but version is not or too low", func() { It("returns an error", func() { ipv6 := string(api.IPV6Family) @@ -693,6 +673,25 @@ var _ = Describe("ClusterConfig validation", func() { Expect(err).To(MatchError(ContainSubstring("service ipv4 cidr is not supported with IPv6"))) }) }) + When("ipFamily is set to IPv6 and AutoAllocateIPv6 is set", func() { + It("it returns an error", func() { + ipv6 := string(api.IPV6Family) + cfg.VPC.IPFamily = &ipv6 + cfg.VPC.AutoAllocateIPv6 = api.Enabled() + cfg.Metadata.Version = api.Version1_22 + cfg.IAM = &api.ClusterIAM{ + WithOIDC: api.Enabled(), + } + cfg.Addons = append(cfg.Addons, + &api.Addon{Name: api.KubeProxyAddon}, + &api.Addon{Name: api.CoreDNSAddon}, + &api.Addon{Name: api.VPCCNIAddon}, + ) + cfg.VPC.NAT = nil + err = cfg.ValidateVPCConfig() + Expect(err).To(MatchError(ContainSubstring("auto allocate ipv6 is not supported with IPv6"))) + }) + }) }) Context("CIDRs", func() { diff --git a/userdocs/src/usage/vpc-networking.md b/userdocs/src/usage/vpc-networking.md index c24f1abf5f..35794077e4 100644 --- a/userdocs/src/usage/vpc-networking.md +++ b/userdocs/src/usage/vpc-networking.md @@ -57,6 +57,7 @@ This is an in config file setting only. When IPv6 is set, the following restrict - managed addons are defined as shows above - version must be => 1.21 - `vpc.NAT` and `serviceIPv4CIDR` fields are created by eksctl for ipv6 clusters and thus, are not supported configuration options +- AutoAllocateIPv6 is not supported together with IPv6 The default value is `IPv4`.