github.com/openshift/installer@v1.4.17/docs/user/openstack/connect_nodes_to_ipv6_network.md

github.com/openshift/installer@v1.4.17/docs/user/openstack/connect_nodes_to_ipv6_network.md (about)

     1  # Connecting worker nodes and pods to an IPv6 network
     2  
     3  To connect your workers at the time of installation you can use [additionalNetworkIDs](https://github.com/openshift/installer/blob/master/docs/user/openstack/customization.md#additional-networks) parameter in the install config and set IPv6 network ID there:
     4  
     5  Example OpenShift install config:
     6  
     7  ```yaml
     8  ...
     9  compute:
    10  - name: worker
    11    platform:
    12      openstack:
    13        additionalNetworkIDs:
    14        - <ipv6_network_id>
    15  ...
    16  ```
    17  
    18  > **Note**
    19  > To use Stateful IPv6 Networks, the arg `ip=dhcp,dhcp6` needs to be included in the kernel args of the Worker nodes,
    20  > otherwise the Nodes won't get an IPv6 address due to a [bug][dhcpv6-bug].
    21  > Use the [procedure][add-kernel-args] to add kernel argument to the Nodes.
    22  
    23  ## Enable connectivity to the pods
    24  
    25  To enable connectivity between pods with additional Network on different Nodes, the Port security needs to be disabled for the IPv6 Port of the Server. This way it's possible to avoid adding an allowed-address-pairs with an IP and MAC address in the Server's IPv6 Port whenever a new pod gets created.
    26  
    27  ```sh
    28  openstack port set --no-security-group --disable-port-security <worker-ipv6-port>
    29  ```
    30  
    31  ## Add IPv6 connectivity to pods
    32  
    33  Create a file named `network.yaml` and specify [the desired CNI config][configuring-an-additional-network]. Here is an example of CNI config used for slaac address mode with macvlan:
    34  
    35  ```yaml
    36  spec:
    37    additionalNetworks:
    38    - name: ipv6
    39      namespace: ipv6
    40      rawCNIConfig: '{ "cniVersion": "0.3.1", "name": "ipv6", "type": "macvlan", "master": "ens4"}'
    41      type: Raw
    42  ```
    43  
    44  The node's interface specified in the Network attachment `master` field may differ from `ens4` when more additional networks are configured or when a different Kernel driver is used.
    45  
    46  > **Note**
    47  > When using Stateful address mode, specify the `ipam` section in the CNI config,
    48  > otherwise no address is configured in the additional interface of the pod.
    49  > Also, note that DHCPv6 is not yet supported by [Multus][dhcpv6-multus].
    50  
    51  then run:
    52  
    53  ```sh
    54  oc patch network.operator cluster --patch "$(cat network.yaml)" --type=merge
    55  ```
    56  
    57  It takes a while for the network definition to be enforced.
    58  You can check with the following command:
    59  
    60  ```sh
    61  oc get network-attachment-definitions -A
    62  ```
    63  
    64  ## Create pods with IPv6 network
    65  
    66  To create pods with IPv6 network make sure to create them on the same Namespace specified in the `additionalNetworks`
    67  and specify the following annotation `k8s.v1.cni.cncf.io/networks: <additional-network-name>`.
    68  
    69  [dhcpv6-bug]: https://issues.redhat.com/browse/OCPBUGS-2104
    70  [add-kernel-args]: https://docs.openshift.com/container-platform/4.11/nodes/nodes/nodes-nodes-managing.html#nodes-nodes-kernel-arguments_nodes-nodes-managing
    71  [configuring-an-additional-network]: https://docs.openshift.com/container-platform/4.11/networking/multiple_networks/configuring-additional-network.html#configuring-additional-network_approaches-managing-additional-network
    72  [dhcpv6-multus]: https://issues.redhat.com/browse/SDN-2844