containers with ipv6 addresses can't connect to outside in k8s/calico environment containers with ipv6 addresses can't connect to outside in k8s/calico environment kubernetes kubernetes

containers with ipv6 addresses can't connect to outside in k8s/calico environment


networking kubernetes containers ipv6 calico

Enabling ipv6 on your cluster isn't as simple as you did. Just configuring ipv6 in your network isn't going to work with Kubernetes.

First and most important topic in this mater is that IPv4/IPv6 dual-stack is an alpha feature. As any alpha feature it may not work as expected.

Please go through this document to understand better the requisites to make it work in your cluster (you have to add a feature-gate).

There is also some work being done to make it possible to bootstrap a Kubernetes cluster with Dual Stack using Kubeadm, but it's not usable yet and there is no ETA for it.

There are some examples of IPv6 and dual-stack setups with other networking plugins in this repository.

This project serves two primary purposes: (i) study and validate ipv6 support in kubernetes and associated plugins (ii) provide a dev environment for implementing and testing additional functionality (e.g.dual-stack)

networking kubernetes containers ipv6 calico

I had exactily the same issue with a similar CentOS7 setup.

Besides following the instruction on the calico website and securing that all nodes had ipv6 forwarding enabled the solution was setting the environment variable CALICO_IPV6POOL_NAT_OUTGOING to true for the install-cni in the initContainers section and for the calico-node in the containers section.

In my case I also had to set the IP_AUTODETECTION_METHOD to my actual interface with the public v6 IP address.

I also explicitly added --proxy-mode=iptables to the kube-proxy parameters (which I'm not sure if it is default).

I hope this helps.

networking kubernetes containers ipv6 calico

thanks for your comments, i found that the root cause is because calico delete the route to container automatically right after about 15 second when the route was created, like below:[2020-06-20T22:12:21.292676] ff00::/8 dev caliad9673f27e9 table local metric 256 pref medium[2020-06-20T22:12:21.292723] fe80::/64 dev caliad9673f27e9 proto kernel metric 256 pref medium[2020-06-20T22:12:21.292736] 10.244.36.212 dev caliad9673f27e9 scope link[2020-06-20T22:12:21.292746] fc00:f00:0:24fe:200:8fa7:f4c7:af14 dev caliad9673f27e9 metric 1024 pref medium[2020-06-20T22:12:23.173297] local fe80::ecee:eeff:feee:eeee dev lo table local proto unspec metric 0 pref medium[2020-06-20T22:12:23.173376] local fe80:: dev lo table local proto unspec metric 0 pref medium[2020-06-20T22:12:31.734619] Deleted fc00:f00:0:24fe:200:8fa7:f4c7:af14 dev caliad9673f27e9 metric 1024 pref medium

and there's an issue report in github, they found it in calico 3.9 version, and i tried this in 3.13.4, the same result..https://github.com/projectcalico/calico/issues/2876

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last