Expose Ip-Family for IPV6 (#1089) (#1098)

### Proposed changes This PR exposes the `ipFamily` argument to enable creating EKS clusters that support ipv6 networking. Modified from #888 and rebased on top of latest changes in master. An additional cluster with ipv6 is also created to test that cluster creation works as expected. ### Related issues (optional) Closes: #698 Closes: #684 --------- Co-authored-by: David Roth <david.roth@fusonic.net> Co-authored-by: Mikhail Shilkov <github@mikhail.io> Co-authored-by: Kyle Pitzen <kpitzen@pulumi.com>
pulumi · Mar 29, 2024 · e55b0c2 · e55b0c2
1 parent 449635c
commit e55b0c2
Show file tree

Hide file tree

Showing 11 changed files with 219 additions and 44 deletions.
diff --git a/examples/cluster-go/go.mod b/examples/cluster-go/go.mod
@@ -3,8 +3,9 @@ module github.com/pulumi/pulumi-eks/examples/cluster-go
 go 1.21
 
 require (
+	github.com/pulumi/pulumi-awsx/sdk/v2 v2.6.0
 	github.com/pulumi/pulumi-eks/sdk/v2 v2.0.0
-	github.com/pulumi/pulumi/sdk/v3 v3.91.1
+	github.com/pulumi/pulumi/sdk/v3 v3.93.0
 )
 
 require (
@@ -56,7 +57,8 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pkg/term v1.1.0 // indirect
 	github.com/pulumi/esc v0.5.6 // indirect
-	github.com/pulumi/pulumi-aws/sdk/v6 v6.5.0 // indirect
+	github.com/pulumi/pulumi-aws/sdk/v6 v6.9.0 // indirect
+	github.com/pulumi/pulumi-docker/sdk/v4 v4.4.3 // indirect
 	github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.4.0 // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
 	github.com/rogpeppe/go-internal v1.11.0 // indirect
@@ -66,7 +68,6 @@ require (
 	github.com/skeema/knownhosts v1.2.1 // indirect
 	github.com/spf13/cobra v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/stretchr/objx v0.2.0 // indirect
 	github.com/texttheater/golang-levenshtein v1.0.1 // indirect
 	github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect
 	github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
@@ -83,7 +84,7 @@ require (
 	golang.org/x/term v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/tools v0.14.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d // indirect
 	google.golang.org/grpc v1.57.1 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect

diff --git a/examples/cluster-go/go.sum b/examples/cluster-go/go.sum
@@ -144,14 +144,18 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/pulumi/esc v0.5.6 h1:4WV3X7OEVcChIwbSG+JxhZDdmq/q7lFPaSjHRYlPwmI=
 github.com/pulumi/esc v0.5.6/go.mod h1:wpwNfVS5fV7Kd51j4dJ6FWYlKfxdqyppgp0gtkzqH04=
-github.com/pulumi/pulumi-aws/sdk/v6 v6.5.0 h1:ouyCTAVyK7oeWPbAhWOd6mZQTIt3/56/Zc3OsLnvYLA=
-github.com/pulumi/pulumi-aws/sdk/v6 v6.5.0/go.mod h1:UeOesX8l9ntIiiKXdQue8/rQDAvSf7Spd5qf15qngcY=
+github.com/pulumi/pulumi-aws/sdk/v6 v6.9.0 h1:lXAuHTQpahA/AOE7MstBsoQi4E6by1nKII1WRO3oq+w=
+github.com/pulumi/pulumi-aws/sdk/v6 v6.9.0/go.mod h1:j9uDjldfM/PmtXTpmRtHdsmsay3bW4pVYb4cI6OdAvw=
+github.com/pulumi/pulumi-awsx/sdk/v2 v2.6.0 h1:7zFrdh++eXUKy0/JoEWKfP8M4NGkXXfehZCjruvqRd8=
+github.com/pulumi/pulumi-awsx/sdk/v2 v2.6.0/go.mod h1:CtpHJJVO9sgvuE9NK7x0s9A6lLUNnuEQ5YR3CSuLUL4=
+github.com/pulumi/pulumi-docker/sdk/v4 v4.4.3 h1:gQC2As+wE8QflbLCG90jLaKwIpqW3yl1y327Jj6ovbI=
+github.com/pulumi/pulumi-docker/sdk/v4 v4.4.3/go.mod h1:i19ZhFjFQrngtXYLHp3kjZNRmnEnq/DUdXK6/CBk77o=
 github.com/pulumi/pulumi-eks/sdk/v2 v2.0.0 h1:GW9iXeqQ1vUSxGzBKsUxGmJhisWGKLyzfNScFH1YL84=
 github.com/pulumi/pulumi-eks/sdk/v2 v2.0.0/go.mod h1:R78goYV0suAcOfMuGpY4/pBONCO6r0eiFUmi4KLXZz0=
 github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.4.0 h1:3KABRBQJXIgvp7YfMoEcGUyAAtqGYROosOg+oRSNi3I=
 github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.4.0/go.mod h1:oufYFmFad22ALcYN1AW6pE41qpz4YsyCWNPevg1j9c4=
-github.com/pulumi/pulumi/sdk/v3 v3.91.1 h1:6I9GMmHv23X+G6hoduU1XE6hBWSNtB+zcb1MX17YvlA=
-github.com/pulumi/pulumi/sdk/v3 v3.91.1/go.mod h1:zYaQQibB2pYKy/uG4c4YkX7lQIBpZ0KsuMaq/3HsIBQ=
+github.com/pulumi/pulumi/sdk/v3 v3.93.0 h1:5InTUxulGuPMXQbnrruIbOEJylRkRWfoDyQIj6dtsYA=
+github.com/pulumi/pulumi/sdk/v3 v3.93.0/go.mod h1:zeqyIODqbb6GrEyhFV6aJET/xBSXSnF7Bw/EjbYZUnU=
 github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis=
@@ -173,8 +177,8 @@ github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRM
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48=
-github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -290,8 +294,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130 h1:2FZP5XuJY9zQyGM5N0rtovnoXjiMUEIUMvw0m9wlpLc=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130/go.mod h1:8mL13HKkDa+IuJ8yruA3ci0q+0vsUz4m//+ottjwS5o=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d h1:pgIUhmqwKOUlnKna4r6amKdUngdL8DrkpFeV8+VBElY=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM=
 google.golang.org/grpc v1.57.1 h1:upNTNqv0ES+2ZOOqACwVtS3Il8M12/+Hz41RCPzAjQg=
 google.golang.org/grpc v1.57.1/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
@@ -312,7 +316,7 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 lukechampine.com/frand v1.4.2 h1:RzFIpOvkMXuPMBb9maa4ND4wjBn71E1Jpf8BzJHMaVw=
 lukechampine.com/frand v1.4.2/go.mod h1:4S/TM2ZgrKejMcKMbeLjISpJMO+/eZ1zu3vYX9dtj3s=
-pgregory.net/rapid v0.5.5 h1:jkgx1TjbQPD/feRoK+S/mXw9e1uj6WilpHrXJowi6oA=
-pgregory.net/rapid v0.5.5/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04=
+pgregory.net/rapid v0.6.1 h1:4eyrDxyht86tT4Ztm+kvlyNBLIk071gR+ZQdhphc9dQ=
+pgregory.net/rapid v0.6.1/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04=
 sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600 h1:hfyJ5ku9yFtLVOiSxa3IN+dx5eBQT9mPmKFypAmg8XM=
 sourcegraph.com/sourcegraph/appdash v0.0.0-20211028080628-e2786a622600/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
diff --git a/examples/cluster-go/main.go b/examples/cluster-go/main.go
@@ -1,6 +1,10 @@
 package main
 
 import (
+	"fmt"
+	"strings"
+
+	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
 	"github.com/pulumi/pulumi-eks/sdk/v2/go/eks"
 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 )
@@ -28,6 +32,8 @@ func main() {
 			return err
 		}
 
+		// Create a cluster that avoids conflicts between default settings and mutually exclusive arguments
+		// https://github.com/pulumi/pulumi-eks/pull/813
 		cluster3, err := eks.NewCluster(ctx, "example-cluster-3", &eks.ClusterArgs{
 			NodeGroupOptions: &eks.ClusterNodeGroupOptionsArgs{
 				DesiredCapacity: pulumi.IntPtr(2),
@@ -39,10 +45,76 @@ func main() {
 			return err
 		}
 
-		// Export the kubeconfig for clusters
+		//////////////////////////////////////////////////
+		///     Create an ipv6 enabled EKS cluster     ///
+		//////////////////////////////////////////////////
+
+		// 1. Create a VPC with IPv6 CIDR block.
+		vpc, err := ec2.NewVpc(ctx, "ipv6-vpc", &ec2.VpcArgs{
+			AssignGeneratedIpv6CidrBlock: pulumi.Bool(true),
+			EnableDnsSupport:             pulumi.Bool(true),
+			EnableDnsHostnames:           pulumi.Bool(true),
+			CidrBlock:                    pulumi.String("10.100.0.0/16"),
+		})
+		if err != nil {
+			return err
+		}
+
+		// 2. Create two subnets with IPv6 CIDR block in two different availability zones.
+		//    EKS requires at least two subnets in different availability zones.
+		var subnetIDs []pulumi.StringInput
+		for idx, az := range []string{"us-west-2a", "us-west-2b"} {
+			subnet, err := ec2.NewSubnet(ctx, fmt.Sprintf("ipv6-subnet-%d", idx), &ec2.SubnetArgs{
+				VpcId:                       vpc.ID().ToStringOutput(),
+				AssignIpv6AddressOnCreation: pulumi.Bool(true),
+				AvailabilityZone:            pulumi.String(az),
+				CidrBlock:                   pulumi.String(fmt.Sprintf("10.100.%d.0/24", len(subnetIDs))),
+				Ipv6CidrBlock:               calculateIPV6CidrBlock(vpc.Ipv6CidrBlock, idx),
+			})
+			if err != nil {
+				return err
+			}
+
+			subnetIDs = append(subnetIDs, subnet.ID().ToStringOutput())
+		}
+
+		// 3. Create an EKS cluster with IPv6 networking enabled.
+		cluster4, err := eks.NewCluster(ctx, "example-cluster-4", &eks.ClusterArgs{
+			IpFamily:         pulumi.StringPtr("ipv6"),
+			VpcId:            vpc.ID().ToStringOutput(),
+			SubnetIds:        pulumi.StringArray(subnetIDs),
+			UseDefaultVpcCni: func() *bool { t := true; return &t }(),
+			NodeGroupOptions: &eks.ClusterNodeGroupOptionsArgs{
+				DesiredCapacity: pulumi.IntPtr(2),
+				MinSize:         pulumi.IntPtr(2),
+				MaxSize:         pulumi.IntPtr(2),
+			},
+		})
+		if err != nil {
+			return err
+		}
+
+		//////////////////////////////////////////
+		///     Export cluster kubeconfigs     ///
+		//////////////////////////////////////////
+
 		ctx.Export("kubeconfig1", cluster1.Kubeconfig)
 		ctx.Export("kubeconfig2", cluster2.Kubeconfig)
 		ctx.Export("kubeconfig3", cluster3.Kubeconfig)
+		ctx.Export("kubeconfig4", cluster4.Kubeconfig)
 		return nil
 	})
 }
+
+// calculateIPV6CidrBlock is a very simple function to calculate the ipv6 subnet cidr block for testing purpose.
+// Usage for real workloads should implement a more robust function.
+// Example: If the VPC ipv6 cidr block is 2600:1f13:e6:c000::/56, then the subnet ipv6 cidr block will be:
+// 2600:1f13:e6:c005::/64, 2600:1f13:e6:c006::/64, 2600:1f13:e6:c007::/64, ...
+func calculateIPV6CidrBlock(ipv6CidrBlock pulumi.StringOutput, subnetID int) pulumi.StringInput {
+	return ipv6CidrBlock.ApplyT(func(cidr string) (string, error) {
+		cidrStripped := strings.TrimSuffix(cidr, "::/56")
+		cidrStripped = cidrStripped[:len(cidrStripped)-1]
+		return fmt.Sprintf("%s%d::/64", cidrStripped, subnetID+5), nil
+
+	}).(pulumi.StringOutput)
+}
diff --git a/examples/examples_go_test.go b/examples/examples_go_test.go
@@ -70,7 +70,7 @@ func getGoBaseOptions(t *testing.T) integration.ProgramTestOptions {
 			"aws:region": region,
 		},
 		Dependencies: []string{
-			"github.com/pulumi/pulumi-eks/sdk",
+			"github.com/pulumi/pulumi-eks/sdk/v2",
 		},
 		Verbose: true,
 	})

diff --git a/nodejs/eks/cluster.ts b/nodejs/eks/cluster.ts
@@ -562,11 +562,14 @@ export function createCore(
     let kubernetesNetworkConfig:
         | pulumi.Output<aws.types.input.eks.ClusterKubernetesNetworkConfig>
         | undefined;
-    if (args.kubernetesServiceIpAddressRange) {
-        kubernetesNetworkConfig = pulumi
-            .output(args.kubernetesServiceIpAddressRange)
-            .apply((serviceIpv4Cidr) => ({ serviceIpv4Cidr }));
-    }
+        if (args.kubernetesServiceIpAddressRange || args.ipFamily ) {
+            kubernetesNetworkConfig = pulumi.all([args.kubernetesServiceIpAddressRange, args.ipFamily]).apply(
+                ([serviceIpv4Cidr, ipFamily = "ipv4"]) => ({ 
+                    serviceIpv4Cidr: ipFamily === "ipv4" ? serviceIpv4Cidr : undefined, // only applicable for IPv4 IP family 
+                    ipFamily: ipFamily 
+                }),
+            );
+        }
 
     // Create the EKS cluster
     const eksCluster = new aws.eks.Cluster(
@@ -1542,6 +1545,13 @@ export interface ClusterOptions {
      * - Between /24 and /12.
      */
     kubernetesServiceIpAddressRange?: pulumi.Input<string>;
+
+    /**
+     * The IP family used to assign Kubernetes pod and service addresses. Valid values are ipv4 (default) and ipv6.
+     * You can only specify an IP family when you create a cluster, changing this value will force
+     * a new cluster to be created.
+     */
+    ipFamily?: pulumi.Input<string>;
 }
 
 /**

diff --git a/provider/cmd/pulumi-gen-eks/main.go b/provider/cmd/pulumi-gen-eks/main.go
@@ -597,12 +597,18 @@ func generateSchema() schema.PackageSpec {
 							"See for more details:\n" +
 							"- https://aws.amazon.com/about-aws/whats-new/2020/03/amazon-eks-adds-envelope-encryption-for-secrets-with-aws-kms/",
 					},
+					"ipFamily": {
+						TypeSpec: schema.TypeSpec{Type: "string"},
+						Description: "The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.\n" +
+							"You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.",
+						ReplaceOnChanges: true,
+					},
 					"kubernetesServiceIpAddressRange": {
 						TypeSpec: schema.TypeSpec{Type: "string"},
 						Description: "The CIDR block to assign Kubernetes service IP addresses from. If you don't\n" +
 							"specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n" +
-							"172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap\n" +
-							"with resources in other networks that are peered or connected to your VPC. You can only specify\n" +
+							"172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block\n" +
+							"that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify\n" +
 							"a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\n" +
 							"The block must meet the following requirements:\n" +
 							"- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n" +

diff --git a/provider/cmd/pulumi-resource-eks/schema.json b/provider/cmd/pulumi-resource-eks/schema.json
@@ -757,9 +757,14 @@
                     "type": "string",
                     "description": "The instance type to use for the cluster's nodes. Defaults to \"t2.medium\"."
                 },
+                "ipFamily": {
+                    "type": "string",
+                    "description": "The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.\nYou can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.",
+                    "replaceOnChanges": true
+                },
                 "kubernetesServiceIpAddressRange": {
                     "type": "string",
-                    "description": "The CIDR block to assign Kubernetes service IP addresses from. If you don't\nspecify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap\nwith resources in other networks that are peered or connected to your VPC. You can only specify\na custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\nThe block must meet the following requirements:\n- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between /24 and /12."
+                    "description": "The CIDR block to assign Kubernetes service IP addresses from. If you don't\nspecify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or\n172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block\nthat does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify\na custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.\n\nThe block must meet the following requirements:\n- Within one of the following private IP address blocks: 10.0.0.0/8, 172.16.0.0.0/12, or 192.168.0.0/16.\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between /24 and /12."
                 },
                 "maxSize": {
                     "type": "integer",

diff --git a/sdk/dotnet/Cluster.cs b/sdk/dotnet/Cluster.cs
@@ -281,11 +281,18 @@ public InputList<Pulumi.Aws.Iam.Role> InstanceRoles
         [Input("instanceType")]
         public Input<string>? InstanceType { get; set; }
 
+        /// <summary>
+        /// The IP family used to assign Kubernetes pod and service addresses. Valid values are `ipv4` (default) and `ipv6`.
+        /// You can only specify an IP family when you create a cluster, changing this value will force a new cluster to be created.
+        /// </summary>
+        [Input("ipFamily")]
+        public Input<string>? IpFamily { get; set; }
+
         /// <summary>
         /// The CIDR block to assign Kubernetes service IP addresses from. If you don't
         /// specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or
-        /// 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap
-        /// with resources in other networks that are peered or connected to your VPC. You can only specify
+        /// 172.20.0.0/16 CIDR blocks. This setting only applies to IPv4 clusters. We recommend that you specify a block
+        /// that does not overlap with resources in other networks that are peered or connected to your VPC. You can only specify
         /// a custom CIDR block when you create a cluster, changing this value will force a new cluster to be created.
         /// 
         /// The block must meet the following requirements:

diff --git a/sdk/go/eks/cluster.go b/sdk/go/eks/cluster.go