Dual Stack Support for Remote Kubernetes and CM HA
The host and the remote Kubernetes can be configured with the IPv6 address, by setting the ipv6-mode to dual-stack in the configuration file.
This section provides sample configurations for the SMI Management Cluster with Cluster Manager HA and CEE, and the remote Kubernetes with the pod subnet, service subnet and the docker subnet configured with IPv6 address.
The following are the default IPv6 addresses for the subnets:
-
The default IPv6 subnet for pod subnet is fd20::0/112
-
The default IPv6 subnet for service subnet is fd20::0/112
-
The default IPv6 CIDR for docker subnet is fd00::/80
Note |
|
For deployment information, see the SMI Cluster Manager in High Availability section.
Dual Stack Configuration for Remote Kubernetes
Prerequisites
The following are the prerequisites for deploying the remote Kubernetes cluster for dual stack configuration:
-
SMI Cluster Manager and CEE are deployed.
-
All the pods are running.
-
The network is configured to interact with the remote cluster CIN on both IPv4 and IPv6.
The following is the sample configuration for remote Kubernetes:
software cnf cee
url <repo_url>
user <user>
password <password>
accept-self-signed-certificate false
sha256 <sha256_hash>
exit
software cnf cm
url <url>
user <username>
password <password>
accept-self-signed-certificate false
sha256 <sha256_hash>
exit
environments ucs
ucs-server
exit
feature-gates alpha true
clusters tb16-2
environment ucs
vm-defaults upf software 74879
vm-defaults upf networking management netmask 255.255.255.192
vm-defaults upf networking management gateway 10.84.114.193
vm-defaults upf networking management interface-type bridge
vm-defaults upf networking management bridge name ex4000
vm-defaults upf day0 username starent
vm-defaults upf day0 password <password>
vm-defaults upf day0 syslog-ip 10.192.1.101
node-defaults ssh-username cloud-user
node-defaults kvm fluent-forwarding host 10.192.1.59
node-defaults kvm fluent-forwarding port 24224
node-defaults kvm fluent-forwarding disable-tls true
node-defaults initial-boot default-user cloud-user
node-defaults initial-boot default-user-ssh-public-key <ssh_public_key>
node-defaults initial-boot default-user-password <password>
node-defaults initial-boot netplan ethernets eno5
dhcp4 false
dhcp6 false
exit
node-defaults initial-boot netplan ethernets eno6
dhcp4 false
Aborted: by user
[upf-cm-tb16-2-cm1] SMI Cluster Deployer# show running-config clusters tb16-ipv6
clusters tb16-ipv6
environment ucs
addons ingress bind-ip-address 10.84.114.206
addons ingress bind-ip-address-internal 10.192.1.61
addons cpu-partitioner enabled
configuration master-virtual-ip 10.84.114.206
configuration master-virtual-ip-interface vlan3540
configuration additional-master-virtual-ip 10.192.1.61
configuration additional-master-virtual-ip-interface vlan1001
configuration ipv6-mode dual-stack
configuration pod-subnet 12.0.0.0/16
configuration allow-insecure-registry true
configuration docker-address-pools pool1
base 192.51.0.0/16
size 24
exit
node-defaults ssh-username cloud-user
node-defaults initial-boot default-user cloud-user
node-defaults initial-boot default-user-ssh-public-key <ssh_public_key>
node-defaults initial-boot default-user-password <password>
node-defaults initial-boot netplan ethernets eno5
dhcp4 false
dhcp6 false
exit
node-defaults initial-boot netplan ethernets eno6
dhcp4 false
dhcp6 false
exit
node-defaults initial-boot netplan bonds bd0
dhcp4 false
dhcp6 false
optional true
interfaces [ eno5 eno6 ]
parameters mode active-backup
parameters mii-monitor-interval 100
parameters fail-over-mac-policy active
exit
node-defaults initial-boot netplan vlans vlan1001
dhcp4 false
dhcp6 false
id 1001
link bd0
exit
node-defaults k8s ssh-connection-private-key <ssh_connection_key>
node-defaults ucs-server cimc user admin
node-defaults ucs-server cimc password <password>
node-defaults ucs-server cimc networking ntp enabled
node-defaults ucs-server cimc networking ntp servers 192.200.0.29
exit
node-defaults os netplan-additions vlans vlan3540
dhcp4 false
dhcp6 false
gateway4 10.84.114.193
gateway6 2001:420:2c7f:f690::1
nameservers search [ cisco.com ]
nameservers addresses [ 10.84.96.130 64.102.6.247 161.44.124.122 ]
id 3540
link bd0
exit
node-defaults os ntp enabled
node-defaults os ntp servers ntp.esl.cisco.com
exit
nodes controlplane1
ssh-ip 10.192.1.62
type k8s
k8s node-type control-plane
k8s ssh-ip 10.192.1.62
k8s node-ip 10.192.1.62
k8s ssh-username cloud-user
k8s node-labels smi.cisco.com/node-type oam
exit
ucs-server cimc ip-address 192.100.0.6
initial-boot netplan vlans vlan1001
addresses [ 10.192.1.62/24 fd32:e985:ce1:fff2::106/64 ]
routes 10.192.1.0/24 10.192.1.1
exit
exit
os netplan-additions vlans vlan3540
addresses [ 10.84.114.246/26 2001:420:2c7f:f690::f106/64 ]
exit
exit
nodes controlplane2
ssh-ip 10.192.1.63
type k8s
k8s node-type control-plane
k8s ssh-ip 10.192.1.63
k8s node-ip 10.192.1.63
k8s ssh-username cloud-user
k8s node-labels smi.cisco.com/node-type oam
exit
ucs-server cimc ip-address 192.100.0.5
initial-boot netplan vlans vlan1001
addresses [ 10.192.1.63/24 fd32:e985:ce1:fff2::105/64 ]
routes 10.192.1.0/24 10.192.1.1
exit
exit
os netplan-additions vlans vlan3540
addresses [ 10.84.114.248/26 2001:420:2c7f:f690::f105/64 ]
exit
exit
nodes controlplane3
ssh-ip 10.192.1.64
type k8s
k8s node-type control-plane
k8s ssh-ip 10.192.1.64
k8s node-ip 10.192.1.64
k8s ssh-username cloud-user
k8s node-labels smi.cisco.com/node-type oam
exit
ucs-server cimc ip-address 192.100.0.4
initial-boot netplan vlans vlan1001
addresses [ 10.192.1.64/24 fd32:e985:ce1:fff2::104/64 ]
routes 10.192.1.0/24 10.192.1.1
exit
exit
os netplan-additions vlans vlan3540
addresses [ 10.84.114.250/26 2001:420:2c7f:f690::f104/64 ]
exit
exit
ops-centers cee voice
repository-local cee
initial-boot-parameters use-volume-claims true
initial-boot-parameters first-boot-password <password>
initial-boot-parameters auto-deploy true
initial-boot-parameters single-node false
exit
exit
Dual Stack Configuration for SMI Management Cluster with CM HA and CEE
Prerequisites
-
The management cluster is deployed comprising of the CM HA active and standby nodes and CEE.
-
Inception cluster manager is deployed
-
All the containers are running.
-
The network is configured to interact with the remote cluster CIN on both IPv4 and IPv6.
The following is the configuration for management cluster:
software cnf cee
url <repo_url>
user <username>
password <password>
accept-self-signed-certificate false
sha256 <sha256_hash
exit
software cnf cm
url <repo_url>
user <username>
password <password>
accept-self-signed-certificate false
sha256 <sha256_hash>
exit
environments ucs
ucs-server
exit
feature-gates alpha true
clusters tb16-ipv6-ha
environment ucs
addons ingress bind-ip-address 10.84.114.206
addons ingress bind-ip-address-internal 10.192.1.61
addons cpu-partitioner enabled
configuration master-virtual-ip 10.84.114.206
configuration master-virtual-ip-interface vlan3540
configuration additional-master-virtual-ip 10.192.1.61
configuration additional-master-virtual-ip-interface vlan1001
configuration ipv6-mode dual-stack
configuration pod-subnet 12.0.0.0/16
configuration allow-insecure-registry true
configuration docker-address-pools pool1
base 192.51.0.0/16
size 24
exit
node-defaults ssh-username cloud-user
node-defaults initial-boot default-user cloud-user
node-defaults initial-boot default-user-ssh-public-key "<SSH_Public_Key>"
node-defaults initial-boot default-user-password <user_password>
node-defaults initial-boot netplan ethernets eno5
dhcp4 false
dhcp6 false
exit
node-defaults initial-boot netplan ethernets eno6
dhcp4 false
dhcp6 false
exit
node-defaults initial-boot netplan bonds bd0
dhcp4 false
dhcp6 false
optional true
interfaces [ eno5 eno6 ]
parameters mode active-backup
parameters mii-monitor-interval 100
parameters fail-over-mac-policy active
exit
node-defaults initial-boot netplan vlans vlan1001
dhcp4 false
dhcp6 false
id 1001
link bd0
exit
node-defaults k8s ssh-connection-private-key <ssh_connection_key>
node-defaults ucs-server cimc user admin
node-defaults ucs-server cimc password <password>
node-defaults ucs-server cimc networking ntp enabled
node-defaults ucs-server cimc networking ntp servers 192.200.0.29
exit
node-defaults os netplan-additions vlans vlan3540
dhcp4 false
dhcp6 false
gateway4 10.84.114.193
gateway6 2001:420:2c7f:f690::1
nameservers search [ cisco.com ]
nameservers addresses [ 10.84.96.130 64.102.6.247 161.44.124.122 ]
id 3540
link bd0
exit
node-defaults os ntp enabled
node-defaults os ntp servers ntp.esl.cisco.com
exit
nodes controlplane1
ssh-ip 10.192.1.62
type k8s
k8s node-type control-plane
k8s node-ip 10.192.1.61
k8s ssh-username cloud-user
k8s node-labels smi.cisco.com/node-type oam
exit
ucs-server cimc ip-address 192.100.0.6
initial-boot netplan vlans vlan1001
addresses [ 10.192.1.62/24 fd32:e985:ce1:fff2::106/64 ]
routes 10.192.1.0/24 10.192.1.1
exit
exit
os netplan-additions vlans vlan3540
addresses [ 10.84.114.246/26 2001:420:2c7f:f690::f106/64 ]
exit
exit
nodes controlplane2
ssh-ip 10.192.1.63
type k8s
k8s node-type backup
k8s node-ip 10.192.1.61
k8s ssh-username cloud-user
k8s node-labels smi.cisco.com/node-type oam
exit
ucs-server cimc ip-address 192.100.0.5
initial-boot netplan vlans vlan1001
addresses [ 10.192.1.63/24 fd32:e985:ce1:fff2::105/64 ]
routes 10.192.1.0/24 10.192.1.1
exit
exit
os netplan-additions vlans vlan3540
addresses [ 10.84.114.248/26 2001:420:2c7f:f690::f105/64 ]
exit
exit
cluster-manager enabled
cluster-manager repository-local cm
cluster-manager netconf-port 831
cluster-manager ssh-port 2023
cluster-manager initial-boot-parameters first-boot-password <password>
ops-centers cee voice
repository-local cee
initial-boot-parameters use-volume-claims true
initial-boot-parameters first-boot-password <password>
initial-boot-parameters auto-deploy true
initial-boot-parameters single-node false
exit
exit
Note | To improve scalability, if you must switch to PCIe from an mLOM card, where the K8s internal network is on VLAN 107, change the network bond value from bd0 to bd1. Considering that the CEE and SMF are shut down, you must only move the VIP from bd0 to bd1 without changing the IP subnet. |