diff --git a/templates/addons/cilium/cilium-ipv6.yaml b/templates/addons/cilium/cilium-ipv6.yaml new file mode 100644 index 000000000..807dcd08e --- /dev/null +++ b/templates/addons/cilium/cilium-ipv6.yaml @@ -0,0 +1,29 @@ +apiVersion: addons.cluster.x-k8s.io/v1alpha1 +kind: HelmChartProxy +metadata: + name: cilium-ipv6 +spec: + clusterSelector: + matchLabels: + cni: cilium + ipv6: "true" + repoURL: https://helm.cilium.io/ + chartName: cilium + namespace: kube-system + version: ${CILIUM_VERSION:=1.15.0} + options: + waitForJobs: true + wait: true + timeout: 5m + valuesTemplate: | + ipv6: + enabled: true + ipam: + mode: kubernetes + k8s: + requireIPv4PodCIDR: true + hubble: + relay: + enabled: true + ui: + enabled: true diff --git a/templates/addons/cilium/cilium.yaml b/templates/addons/cilium/cilium.yaml index 5527f3a2c..bd778bfef 100644 --- a/templates/addons/cilium/cilium.yaml +++ b/templates/addons/cilium/cilium.yaml @@ -4,8 +4,9 @@ metadata: name: cilium spec: clusterSelector: - matchLabels: - cni: cilium + matchExpressions: + - {key: ipv6, operator: DoesNotExist} + - {key: cni, operator: In, values: ['cilium']} repoURL: https://helm.cilium.io/ chartName: cilium namespace: kube-system diff --git a/templates/addons/cilium/kustomization.yaml b/templates/addons/cilium/kustomization.yaml index 07edafad1..eafa3a9d3 100644 --- a/templates/addons/cilium/kustomization.yaml +++ b/templates/addons/cilium/kustomization.yaml @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - cilium.yaml + - cilium-ipv6.yaml diff --git a/templates/common-init-files/secret.yaml b/templates/common-init-files/secret.yaml index d0906c7a1..b3e8246c6 100644 --- a/templates/common-init-files/secret.yaml +++ b/templates/common-init-files/secret.yaml @@ -22,6 +22,7 @@ stringData: net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 + net.ipv6.conf.all.forwarding = 1 kubeadm-pre-init.sh: | #!/bin/bash set -euo pipefail diff --git a/templates/flavors/dual-stack/kustomization.yaml b/templates/flavors/dual-stack/kustomization.yaml new file mode 100644 index 000000000..90671dd1b --- /dev/null +++ b/templates/flavors/dual-stack/kustomization.yaml @@ -0,0 +1,42 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ../default + +patches: + - target: + group: cluster.x-k8s.io + version: v1beta1 + kind: Cluster + patch: |- + apiVersion: cluster.x-k8s.io/v1beta1 + kind: Cluster + metadata: + name: ${CLUSTER_NAME} + labels: + ipv6: true + spec: + clusterNetwork: + pods: + cidrBlocks: + - 10.192.0.0/10 + - fd02::/80 + services: + cidrBlocks: + - 10.96.0.0/12 + - fd03::/108 + - target: + group: controlplane.cluster.x-k8s.io + version: v1beta1 + kind: KubeadmControlPlane + patch: |- + apiVersion: controlplane.cluster.x-k8s.io/v1beta1 + kind: KubeadmControlPlane + metadata: + name: ${CLUSTER_NAME}-control-plane + spec: + kubeadmConfigSpec: + clusterConfiguration: + controllerManager: + extraArgs: + node-cidr-mask-size-ipv6: "96"