celoman/abril
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4acbe91b6c
abril/molecule/ipv6/README.md
Simon Leiner a1ef590442
Add support for API servers on IPv6 addresses (#48) 
* Remove duplicate file for deletion

* Add support for IPv6 clusters

To correctly escape IPv6 addresses when ports are used, they must be
wrapped in square brackets [1]. This patch adds support for that,
using Ansible's ipwrap filter [2].

[1]: https://datatracker.ietf.org/doc/html/rfc4038#section-5.1
[2]: http://docs.ansible.com/ansible/latest/collections/ansible/utils/docsite/filters_ipaddr.html#wrapping-ipv6-addresses-in-brackets

* Do not abort other molecule jobs on failure

* Fix cache keys for Vagrant boxes

* Molecule: Derive overrides.yml location from scenario dir

# Conflicts:
#	molecule/default/molecule.yml
#	molecule/ipv6/molecule.yml
2022-09-10 12:57:38 -05:00

1.4 KiB
Raw Blame History

Sample IPv6 configuration for k3s-ansible

This scenario contains a cluster configuration which is IPv6 first, but still supports dual-stack networking with IPv4 for most things. This means:

  • The API server VIP is an IPv6 address.
  • The MetalLB pool consists of both IPv4 and IPv4 addresses.
  • Nodes as well as cluster-internal resources (pods and services) are accessible via IPv4 as well as IPv6.

Network design

All IPv6 addresses used in this scenario share a single /48 prefix: fdad:bad:ba55. The following subnets are used:

  • fdad:bad:ba55:0::/64 is the subnet which contains the cluster components meant for external access. That includes:

    • The VIP for the Kubernetes API server: fdad:bad:ba55::333
    • Services load-balanced by MetalLB: fdad:bad:ba55::1b:0/112
    • Cluster nodes: fdad:bad:ba55::de:0/112
    • The host executing Vagrant: fdad:bad:ba55::1

    In a home lab setup, this might be your LAN.

  • fdad:bad:ba55:4200::/56 is used internally by the cluster for pods.

  • fdad:bad:ba55:4300::/108 is used internally by the cluster for services.

IPv4 networking is also available:

  • The nodes have addresses inside 192.168.123.0/24. MetalLB also has a bit of address space in this range: 192.168.123.80-192.168.123.90
  • For pods and services, the k3s defaults (10.42.0.0/16 and 10.43.0.0/16) are used.

Note that the host running Vagrant is not part any of these IPv4 networks.