服务部署在k8s集群上,目前已实现IPv4/IPv6双协议栈:

    1. 实现的功能:
      1. 双协议栈Pod网络(每个Pod分配一个IPv4和IPv6地址)
      2. IPv4和IPv6启用的Service
      3. Pod的集群外出口通过IPv4和IPv6路由
    2. 具体实现(IPv6方面):

    2.1 基础环境支持IPv6
    2.1.1 网络运行商支持IPv6协议并已提供IPv6地址;
    2.1.2 集群各个物理节点配置IPv6
    a. 加载ipv6模块

    1. modprobe ipv6

    b. 配置内核参数,支持ipv6功能

    1. net.ipv6.conf.all.disable_ipv6 = 0
    2. net.ipv6.conf.default.disable_ipv6 = 0
    3. net.ipv6.conf.lo.disable_ipv6 = 0
    4. net.ipv6.conf.all.forwarding=1

    c. 启用Ipv6网络并配置ipv6地址

    1. NETWORKING_IPV6=yes
    2. IPV6INIT=yes
    3. IPV6_AUTOCONF=no
    4. IPV6ADDR=
    5. IPV6_DEFAULTGW=

    2.2 k8s集群启用ipv6
    2.2.1 kubernetes从1.16+以后支持的ipv6协议栈,此次部署为k8s 18+版本,k8s各个核心组件在集群初始化过程会开启ipv6配置;
    a. kube-apiserver

    1. --feature-gates=IPv6DualStack=true
    2. --service-cluster-ip-range=10.96.0.0/12,fd00::/108

    b. kube-controller-manager

    1. --feature-gates=IPv6DualStack=true
    2. --service-cluster-ip-range=10.96.0.0/12,fd00::/108
    3. --cluster-cidr=172.16.0.0/16,fc00::/48
    4. --node-cidr-mask-size-ipv4=24
    5. --node-cidr-mask-size-ipv6=64

    c. kubelet

    1. KUBELET_EXTRA_ARGS="--feature-gates=IPv6DualStack=true"

    d. kube-proxy

    1. data:
    2.   config.conf: |-
    3.     ......
    4.     featureGates:
    5.       IPv6DualStack: true
    6.     clusterCIDR: 172.16.0.0/16,fc00::/48

    2.2.2 k8s集群的网络插件calico支持ipv5

    1.     "ipam": {
    2.         "type": "calico-ipam",
    3.         "assign_ipv4": "true",
    4.         "assign_ipv6": "true"
    5.     },
    6.     - name: IP
    7.       value: "autodetect"
    9.     - name: IP6
    10.       value: "autodetect"
    12.     - name: CALICO_IPV4POOL_CIDR
    13.       value: "172.16.0.0/16"
    15.     - name: CALICO_IPV6POOL_CIDR
    16.       value: "fc00::/48"
    18.     - name: FELIX_IPV6SUPPORT
    19.       value: "true"