Troubleshooting dual-stack Nexus Kubernetes Cluster configuration issues
This guide provides detailed steps for troubleshooting issues related to setting up a dual stack Nexus Kubernetes cluster. If you've created a dual stack cluster but are experiencing issues, this guide will help you identify and resolve potential configuration problems.
Prerequisites
- Install the latest version of the az CLI extensions
- Tenant ID
- Necessary permissions to make changes to the cluster configuration.
Dual-stack configuration
Dual-stack configuration involves running both IPv4 and IPv6 protocols on your CNI network. This allows Kubernetes services that support both protocols to communicate over either IPv4 or IPv6.
Common issues
- A dual-stack Nexus Kubernetes cluster has been established, yet you're having trouble observing the dual-stack address on the CNI network. Additionally, the Kubernetes services are not receiving dual-stack addresses.
Configuration steps
- Step 1: Verifying dual-stack L3 network
Make certain that your Layer 3 (L3) network, serving as the Container Network Interface (CNI), is properly set up to manage both IPv4 and IPv6 traffic. Utilize the az networkcloud l3network show command for validation.
- Example:
"ipAllocationType": "DualStack",
"ipv4ConnectedPrefix": "166.XXX.XXX.X/24",
"ipv6ConnectedPrefix": fda0:XXXX:XXXX:XXX::/64,
Note
If the output only contains an IPv4 address, please consult the prerequisites for deploying tenant workloads to establish a dual-stack network.
- Step 2: Validating Nexus Kubernetes Cluster configuration:
To ensure proper configuration for dual-stack networking in your Nexus Kubernetes cluster, follow these steps:
- Execute the command
az networkcloud kubernetescluster showto retrieve information about your cluster. - Examine the
networkConfigurationsection in theaz networkcloud kubernetescluster showoutput. - Confirm that
podCidrsandserviceCidrsare set as arrays, each containing one IPv4 prefix and one IPv6 prefix. - To enable the Kubernetes service to have a dual-stack address, make sure that the IP pool configuration includes both IPv4 and IPv6 addresses. For additional information, refer to the IP address pool configuration section in the how-to available at IP address pool configuration for more details.
By following these steps, you can guarantee the correct setup of dual-stack networking in your Nexus Kubernetes cluster.
Example:
"podCidrs": [ "10.XXX.X.X/16", "fdbe:8fbe:17b7:0::/64" ], "serviceCidrs": [ "10.XXX.X.X/16", "fda0:XXXX:XXXX:ffff::/108" ]
Note
The prefix length for IPv6 serviceCidrs must be >= 108 (for example, /64 won't work).
- Step 3: Ensuring proper peering configuration:
If the configurations in steps 1 and 2 are correct but traffic issues persist, please ensure that any peering connections or routes between your cluster and external networks are properly established for both IPv4 and IPv6 traffic. When Nexus Kubernetes cluster isn't configured with IPv6 in "podCidrs" and "serviceCidrs," IPv4 peering occurs on CE but not IPv6.
Action: Review and update peering configurations as necessary to accommodate dual stack traffic.
Sample output
Output without IPv6 configuration:
BGP summary information Router identifier 10.X.XXX.XX, local AS number 65501 Neighbor Status Codes: m - Under maintenance Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc 107.XXX.XX.X 4 64906 222452 239726 0 0 7d02h Estab(NotNegotiated) ...Output with IPv6 configuration:
BGP summary information Router identifier 10.X.XXX.XX, local AS number 65501 Neighbor Status Codes: m - Under maintenance Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc 107.XXX.XX.X 4 64906 246524 265580 0 0 7d20h Estab(NotNegotiated) ...
Additional recommendations:
Scrutinize logs and error messages for indicators of configuration issues.
Conclusion
Setting up a dual-stack configuration involves enabling both IPv4 and IPv6 on your network, and ensuring services can communicate over both. By following the steps outlined in this guide, you should be able to identify and resolve common configuration issues related to setting up a dual stack cluster. If you continue to experience difficulties, consider seeking further assistance from your network administrator or consulting platform-specific support resources.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for