Dual Stack Support for Remote Kubernetes and CM HA

The host and the remote Kubernetes can be configured with the IPv6 address, by setting the ipv6-mode to dual-stack in the configuration file.

This section provides sample configurations for the SMI Management Cluster with Cluster Manager HA and CEE, and the remote Kubernetes with the pod subnet, service subnet and the docker subnet configured with IPv6 address.

The following are the default IPv6 addresses for the subnets:

  • The default IPv6 subnet for pod subnet is fd20::0/112

  • The default IPv6 subnet for service subnet is fd20::0/112

  • The default IPv6 CIDR for docker subnet is fd00::/80

Note
  • You must reset the cluster after upgrading an IPv4 cluster with dual stack.

  • The network interfaces that are configured using the clusters nodes k8s node-ip CLI command must have an IPv6 address.

For deployment information, see the SMI Cluster Manager in High Availability section.

Dual Stack Configuration for Remote Kubernetes

Prerequisites

The following are the prerequisites for deploying the remote Kubernetes cluster for dual stack configuration:

  • SMI Cluster Manager and CEE are deployed.

  • All the pods are running.

  • The network is configured to interact with the remote cluster CIN on both IPv4 and IPv6.

The following is the sample configuration for remote Kubernetes:


software cnf cee
 url                            <repo_url>
 user                           <user>
 password                       <password>
 accept-self-signed-certificate false
 sha256                         <sha256_hash>
exit
software cnf cm
 url                            <url>
 user                           <username>
 password                       <password>
 accept-self-signed-certificate false
 sha256                         <sha256_hash>
exit
environments ucs
 ucs-server
exit
feature-gates alpha true
clusters tb16-2
 environment ucs
 vm-defaults upf software 74879
 vm-defaults upf networking management netmask 255.255.255.192
 vm-defaults upf networking management gateway 10.84.114.193
 vm-defaults upf networking management interface-type bridge
 vm-defaults upf networking management bridge name ex4000
 vm-defaults upf day0 username starent
 vm-defaults upf day0 password <password>
 vm-defaults upf day0 syslog-ip 10.192.1.101
 node-defaults ssh-username cloud-user
 node-defaults kvm fluent-forwarding host 10.192.1.59
 node-defaults kvm fluent-forwarding port 24224
 node-defaults kvm fluent-forwarding disable-tls true
 node-defaults initial-boot default-user cloud-user
 node-defaults initial-boot default-user-ssh-public-key <ssh_public_key>
 node-defaults initial-boot default-user-password <password>
 node-defaults initial-boot netplan ethernets eno5
  dhcp4 false
  dhcp6 false
 exit
 node-defaults initial-boot netplan ethernets eno6
  dhcp4 false
Aborted: by user
[upf-cm-tb16-2-cm1] SMI Cluster Deployer# show running-config clusters tb16-ipv6 
clusters tb16-ipv6
 environment ucs
 addons ingress bind-ip-address 10.84.114.206
 addons ingress bind-ip-address-internal 10.192.1.61
 addons cpu-partitioner enabled
 configuration master-virtual-ip        10.84.114.206
 configuration master-virtual-ip-interface vlan3540
 configuration additional-master-virtual-ip 10.192.1.61
 configuration additional-master-virtual-ip-interface vlan1001
 configuration ipv6-mode                dual-stack
 configuration pod-subnet               12.0.0.0/16
 configuration allow-insecure-registry  true
 configuration docker-address-pools pool1
  base 192.51.0.0/16
  size 24
 exit
 node-defaults ssh-username cloud-user
 node-defaults initial-boot default-user cloud-user
 node-defaults initial-boot default-user-ssh-public-key <ssh_public_key>
 node-defaults initial-boot default-user-password <password>
 node-defaults initial-boot netplan ethernets eno5
  dhcp4 false
  dhcp6 false
 exit
 node-defaults initial-boot netplan ethernets eno6
  dhcp4 false
  dhcp6 false
 exit
 node-defaults initial-boot netplan bonds bd0
  dhcp4      false
  dhcp6      false
  optional   true
  interfaces [ eno5 eno6 ]
  parameters mode      active-backup
  parameters mii-monitor-interval 100
  parameters fail-over-mac-policy active
 exit
 node-defaults initial-boot netplan vlans vlan1001
  dhcp4 false
  dhcp6 false
  id    1001
  link  bd0
 exit
 node-defaults k8s ssh-connection-private-key <ssh_connection_key>
 node-defaults ucs-server cimc user admin
 node-defaults ucs-server cimc password <password>
 node-defaults ucs-server cimc networking ntp enabled
 node-defaults ucs-server cimc networking ntp servers 192.200.0.29
 exit
 node-defaults os netplan-additions vlans vlan3540
  dhcp4    false
  dhcp6    false
  gateway4 10.84.114.193
  gateway6 2001:420:2c7f:f690::1
  nameservers search [ cisco.com ]
  nameservers addresses [ 10.84.96.130 64.102.6.247 161.44.124.122 ]
  id       3540
  link     bd0
 exit
 node-defaults os ntp enabled
 node-defaults os ntp servers ntp.esl.cisco.com
 exit
 nodes controlplane1
  ssh-ip 10.192.1.62
  type   k8s
  k8s node-type control-plane
  k8s ssh-ip   10.192.1.62
  k8s node-ip  10.192.1.62
  k8s ssh-username cloud-user
  k8s node-labels smi.cisco.com/node-type oam
  exit
  ucs-server cimc ip-address 192.100.0.6
  initial-boot netplan vlans vlan1001
   addresses [ 10.192.1.62/24 fd32:e985:ce1:fff2::106/64 ]
   routes 10.192.1.0/24 10.192.1.1
   exit
  exit
  os netplan-additions vlans vlan3540
   addresses [ 10.84.114.246/26 2001:420:2c7f:f690::f106/64 ]
  exit
 exit
 nodes controlplane2
  ssh-ip 10.192.1.63
  type   k8s
  k8s node-type control-plane
  k8s ssh-ip   10.192.1.63
  k8s node-ip  10.192.1.63
  k8s ssh-username cloud-user
  k8s node-labels smi.cisco.com/node-type oam
  exit
  ucs-server cimc ip-address 192.100.0.5
  initial-boot netplan vlans vlan1001
   addresses [ 10.192.1.63/24 fd32:e985:ce1:fff2::105/64 ]
   routes 10.192.1.0/24 10.192.1.1
   exit
  exit
  os netplan-additions vlans vlan3540
   addresses [ 10.84.114.248/26 2001:420:2c7f:f690::f105/64 ]
  exit
 exit
 nodes controlplane3
  ssh-ip 10.192.1.64
  type   k8s
  k8s node-type control-plane
  k8s ssh-ip   10.192.1.64
  k8s node-ip  10.192.1.64
  k8s ssh-username cloud-user
  k8s node-labels smi.cisco.com/node-type oam
  exit
  ucs-server cimc ip-address 192.100.0.4
  initial-boot netplan vlans vlan1001
   addresses [ 10.192.1.64/24 fd32:e985:ce1:fff2::104/64 ]
   routes 10.192.1.0/24 10.192.1.1
   exit
  exit
  os netplan-additions vlans vlan3540
   addresses [ 10.84.114.250/26 2001:420:2c7f:f690::f104/64 ]
  exit
 exit
 ops-centers cee voice
  repository-local cee
  initial-boot-parameters use-volume-claims true
  initial-boot-parameters first-boot-password <password>
  initial-boot-parameters auto-deploy true
  initial-boot-parameters single-node false
 exit
exit

Dual Stack Configuration for SMI Management Cluster with CM HA and CEE

Prerequisites

  • The management cluster is deployed comprising of the CM HA active and standby nodes and CEE.

  • Inception cluster manager is deployed

  • All the containers are running.

  • The network is configured to interact with the remote cluster CIN on both IPv4 and IPv6.

The following is the configuration for management cluster:


software cnf cee
 url                            <repo_url>
 user                           <username>
 password                       <password>
 accept-self-signed-certificate false
 sha256                         <sha256_hash
exit
software cnf cm
 url                            <repo_url>
 user                           <username>
 password                       <password>
 accept-self-signed-certificate false
 sha256                         <sha256_hash>
exit
environments ucs
 ucs-server
exit
feature-gates alpha true
clusters tb16-ipv6-ha
 environment ucs
 addons ingress bind-ip-address 10.84.114.206
 addons ingress bind-ip-address-internal 10.192.1.61
 addons cpu-partitioner enabled
 configuration master-virtual-ip        10.84.114.206
 configuration master-virtual-ip-interface vlan3540
 configuration additional-master-virtual-ip 10.192.1.61
 configuration additional-master-virtual-ip-interface vlan1001
 configuration ipv6-mode                dual-stack
 configuration pod-subnet               12.0.0.0/16
 configuration allow-insecure-registry  true
 configuration docker-address-pools pool1
  base 192.51.0.0/16
  size 24
 exit
 node-defaults ssh-username cloud-user
 node-defaults initial-boot default-user cloud-user
 node-defaults initial-boot default-user-ssh-public-key "<SSH_Public_Key>"
 node-defaults initial-boot default-user-password <user_password>
 node-defaults initial-boot netplan ethernets eno5
  dhcp4 false
  dhcp6 false
 exit
 node-defaults initial-boot netplan ethernets eno6
  dhcp4 false
  dhcp6 false
 exit
 node-defaults initial-boot netplan bonds bd0
  dhcp4      false
  dhcp6      false
  optional   true
  interfaces [ eno5 eno6 ]
  parameters mode      active-backup
  parameters mii-monitor-interval 100
  parameters fail-over-mac-policy active
 exit
 node-defaults initial-boot netplan vlans vlan1001
  dhcp4 false
  dhcp6 false
  id    1001
  link  bd0
 exit
 node-defaults k8s ssh-connection-private-key <ssh_connection_key>
 node-defaults ucs-server cimc user admin
 node-defaults ucs-server cimc password <password>
 node-defaults ucs-server cimc networking ntp enabled
 node-defaults ucs-server cimc networking ntp servers 192.200.0.29
 exit
 node-defaults os netplan-additions vlans vlan3540
  dhcp4    false
  dhcp6    false
  gateway4 10.84.114.193
  gateway6 2001:420:2c7f:f690::1
  nameservers search [ cisco.com ]
  nameservers addresses [ 10.84.96.130 64.102.6.247 161.44.124.122 ]
  id       3540
  link     bd0
 exit
 node-defaults os ntp enabled
 node-defaults os ntp servers ntp.esl.cisco.com
 exit
 nodes controlplane1
  ssh-ip 10.192.1.62
  type   k8s
  k8s node-type control-plane
  k8s node-ip  10.192.1.61
  k8s ssh-username cloud-user
  k8s node-labels smi.cisco.com/node-type oam
  exit
  ucs-server cimc ip-address 192.100.0.6
  initial-boot netplan vlans vlan1001
   addresses [ 10.192.1.62/24 fd32:e985:ce1:fff2::106/64 ]
   routes 10.192.1.0/24 10.192.1.1
   exit
  exit
  os netplan-additions vlans vlan3540
   addresses [ 10.84.114.246/26 2001:420:2c7f:f690::f106/64 ]
  exit
 exit
 nodes controlplane2
  ssh-ip 10.192.1.63
  type   k8s
  k8s node-type backup
  k8s node-ip  10.192.1.61
  k8s ssh-username cloud-user
  k8s node-labels smi.cisco.com/node-type oam
  exit
  ucs-server cimc ip-address 192.100.0.5
  initial-boot netplan vlans vlan1001
   addresses [ 10.192.1.63/24 fd32:e985:ce1:fff2::105/64 ]
   routes 10.192.1.0/24 10.192.1.1
   exit
  exit
  os netplan-additions vlans vlan3540
   addresses [ 10.84.114.248/26 2001:420:2c7f:f690::f105/64 ]
  exit
 exit
 cluster-manager enabled
 cluster-manager repository-local cm
 cluster-manager netconf-port 831
 cluster-manager ssh-port 2023
 cluster-manager initial-boot-parameters first-boot-password <password>
 ops-centers cee voice
  repository-local cee
  initial-boot-parameters use-volume-claims true
  initial-boot-parameters first-boot-password <password>
  initial-boot-parameters auto-deploy true
  initial-boot-parameters single-node false
 exit
exit
Note

To improve scalability, if you must switch to PCIe from an mLOM card, where the K8s internal network is on VLAN 107, change the network bond value from bd0 to bd1.

Considering that the CEE and SMF are shut down, you must only move the VIP from bd0 to bd1 without changing the IP subnet.