Avi Kubernetes Operator Guide 1.11

AKO 1.13 1.12 1.11 1.10

Support for IPv6 in
AKO

AKO
 provides end-to-end support for IPv6 for Layer 7. This topic provides detailed explanation on the use cases, supportability, and configuration for IPv6.

Use Cases

AKO
 supports IPv6 as well as dual stack. The different use cases with details about dual stack support are as listed below:
Use Case
Dual Stack Support
Description
Frontend VIP
Supported
User can choose tohave either v6 only or dual VIPs (v4 and v6) for the virtual services.
IPv6 VIP for LoadBalancer type service is not supported (L4Policy set does not support IPv6 on
NSX Advanced Load Balancer
).
Backend (Pod IPs)
v4/v6
AKO
 will add either v4 or v6 addresses to the pools based on
AKO
 configuration (value of ipFamily field).
AKO
 does not support a mixture of v4 and v6 addresses.
Kubernetes Nodes
v4/v6
AKO
 configures routes to the pod IPs through Node IP.
AKO
 chooses either a v4 or a v6 IP based on the ipFamily attribute in
AKO
 config.
For NodePort mode,
AKO
 will choose either v4 or v6 IPs of Nodes based on the ipFamily attribute in
AKO
 config.
Avi Controller IP
v4 only
AKO
 supports only v4 IPs to communicate to the Avi Controller management interface.
Kubernetes API Server
v4 only
AKO
 supports only IPv4 to communicate to the Kubernetes API server.
v6 is not supported.

Supportability Matrix

Case
Support
Cloud
vCenter
CNI
Calico, Antrea
Kubernetes
Supported
OpenShift
Not Supported
NodeportLocal
Not Supported

Configuring Frontend Support for IPv6

Under
NetworkSettings.vipNetworklist
 in values.yaml, specify
v6cidr
 for networks.
NetworkSettings:
...
  vipNetworkList: [] # Network information of the VIP network. Multiple networks allowed only for AWS Cloud.
  # vipNetworkList:
  #  - networkName: net1
  #    cidr: 100.1.1.0/24
  #    v6cidr: 2002::1234:abcd:ffff:c0a8:101/64
...
v6cidr
 is an optional field and can be specified independent of cidr. When
v6cidr
 is specified,
AKO
 will enable auto allocation for IPv6 IPs for VIP.
AKO
 allows VIPs to have both v4 and v6 IPs.

Configuring Backend Support for IPv6

The
ipFamily
 field,
ipFamily (values: V4, V6; default: V4)
, in values.yaml determines whether
AKO
 will choose IPv6 or IPv4 IPs for pool servers. To change ipFamily,
AKO
 must reboot.
When the ipFamily is v6,
AKO
 looks for an IPv6 address for nodes to add to static routes.For Calico CNI,
AKO
 will read node IP from internal IP or node annotation projectcalico.org/IPv6Address.
For Antrea CNI,
AKO
 will read node IP from internal IP or node annotation node.antrea.io/transport-addresses, if transport interface is specified in the Antrea configuration.

Content feedback and comments