Adding IPV6 as Additional Network on a Pod

This is tested using OCP 4.6

In this demonstration, we will have a secondary network interface (ens224) on my worker3.hub.ocp-poc-demo.com node. This interface will be used to attach an additional network to a CENTOS tools pod.

The steps I am following are mostly from:

https://docs.openshift.com/container-platform/4.6/networking/multiple_networks/configuring-ipvlan.html#configuring-ipvlan

https://docs.openshift.com/container-platform/4.6/networking/multiple_networks/attaching-pod.html#attaching-pod

1. I added a secondary NIC to my worker3 node ahead of time. It is attached to the public network and its interface name is ens224.

2. I’m going to label this node with net=ipv6 since this is the only node with a ens224 interface.

oc label nodes worker3.hub.ocp-poc-demo.com net=ipv6

3. Next, I am going to create my namespace/project called test-1 that will hold the network-attachment-definition and the pod.

4. Now, I am going to edit the cluster network operator.

oc edit networks.operator.openshift.io cluster

Edit with the following:

I will explain the settings I used:

name: test-network-1 (this is the network-attachment-definition name)
namespace: test-1 (this is the namespace that will hold the pod and the network-attachment-definition)
rawCNIConfig:

cniVersion: 0.3.1
name: test-network-1 (needs to be same as above)
type: ipvlan
master: ens224 (this is the secondary interface that was added to worker3)
mode: l2
ipam is using wherabouts which acts like a dhcp server. My public (routable) ip range is 2602:fff9:1::/64. I am using the 1 and 2 IPs so am starting with 3 and assigning up to 10.
type: raw

5. Once you apply these settings, go to the test-1 project and ensure that the test-network-1 network-attachment-definition exists.

oc project test-1
oc get network-attachment-definitions

6. Now, let’s create the pod that will be assigned a secondary ipv6 interface. I am calling it sample-pod.yaml

-This is running a centos/tools container.

-We add the k8s.v1.cni.cncf.io/networks: test-network-1 annotation which tells the pod to attach to the test-network-1 attachment that was created.

-It runs /sbin/init which allows us to login to the pod to run some commands

-The nodeSelector is “net: ipv6” which will land the pod on worker3.

7. Now, run “oc create -f sample-pod.yaml

8. Let’s run an “oc get events

This shows us that the pod was created and that the secondary interface was assigned 2602:fff9:1::3 IP address.

9. Let’s ping this IP from the Internet

I used the following site:

https://tools.keycdn.com/ipv6-ping

Leave a Reply