To connect your workers at the time of installation you can use additionalNetworkIDs parameter in the install config and set IPv6 network ID there:
Example OpenShift install config:
...
compute:
- name: worker
platform:
openstack:
additionalNetworkIDs:
- <ipv6_network_id>
...Note To use Stateful IPv6 Networks, the arg
ip=dhcp,dhcp6needs to be included in the kernel args of the Worker nodes, otherwise the Nodes won't get an IPv6 address due to a bug. Use the procedure to add kernel argument to the Nodes.
To enable connectivity between pods with additional Network on different Nodes, the Port security needs to be disabled for the IPv6 Port of the Server. This way it's possible to avoid adding an allowed-address-pairs with an IP and MAC address in the Server's IPv6 Port whenever a new pod gets created.
openstack port set --no-security-group --disable-port-security <worker-ipv6-port>Create a file named network.yaml and specify the desired CNI config. Here is an example of CNI config used for slaac address mode with macvlan:
spec:
additionalNetworks:
- name: ipv6
namespace: ipv6
rawCNIConfig: '{ "cniVersion": "0.3.1", "name": "ipv6", "type": "macvlan", "master": "ens4"}'
type: RawThe node's interface specified in the Network attachment master field may differ from ens4 when more additional networks are configured or when a different Kernel driver is used.
Note When using Stateful address mode, specify the
ipamsection in the CNI config, otherwise no address is configured in the additional interface of the pod. Also, note that DHCPv6 is not yet supported by Multus.
then run:
oc patch network.operator cluster --patch "$(cat network.yaml)" --type=mergeIt takes a while for the network definition to be enforced. You can check with the following command:
oc get network-attachment-definitions -ATo create pods with IPv6 network make sure to create them on the same Namespace specified in the additionalNetworks
and specify the following annotation k8s.v1.cni.cncf.io/networks: <additional-network-name>.