kubernetes-sigs · k8s-ci-robot · Sep 25, 2020 · Apr 10, 2020 · Sep 1, 2020 · Sep 11, 2020
diff --git a/Makefile b/Makefile
@@ -449,7 +449,12 @@ create-workload-cluster: $(ENVSUBST)
 	timeout --foreground 600 bash -c "while ! kubectl --kubeconfig=./kubeconfig get nodes | grep master; do sleep 1; done"
 
 	# Deploy calico
-	kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico.yaml
+	@if [[ "${CLUSTER_TEMPLATE}" == *ipv6* ]]; then \
+		kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico-ipv6.yaml; \
+	else \
+		kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico.yaml; \
+	fi
+
 
 	@echo 'run "kubectl --kubeconfig=./kubeconfig ..." to work with the new target cluster'
 

diff --git a/api/v1alpha2/azurecluster_conversion.go b/api/v1alpha2/azurecluster_conversion.go
@@ -59,13 +59,14 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error { // nolint
 	}
 
 	dst.Status.FailureDomains = restored.Status.FailureDomains
+	dst.Spec.NetworkSpec.Vnet.CIDRBlocks = restored.Spec.NetworkSpec.Vnet.CIDRBlocks
 
 	for _, restoredSubnet := range restored.Spec.NetworkSpec.Subnets {
 		if restoredSubnet != nil {
 			for _, dstSubnet := range dst.Spec.NetworkSpec.Subnets {
 				if dstSubnet != nil && dstSubnet.Name == restoredSubnet.Name {
 					dstSubnet.RouteTable = restoredSubnet.RouteTable
-
+					dstSubnet.CIDRBlocks = restoredSubnet.CIDRBlocks
 					dstSubnet.SecurityGroup.IngressRules = restoredSubnet.SecurityGroup.IngressRules
 				}
 			}
@@ -203,6 +204,11 @@ func Convert_v1alpha3_NetworkSpec_To_v1alpha2_NetworkSpec(in *infrav1alpha3.Netw
 	return nil
 }
 
+// Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec.
+func Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in *infrav1alpha3.VnetSpec, out *VnetSpec, s apiconversion.Scope) error { //nolint
+	return autoConvert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in, out, s)
+}
+
 // Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec.
 func Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in *SubnetSpec, out *infrav1alpha3.SubnetSpec, s apiconversion.Scope) error { //nolint
 	return autoConvert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in, out, s)

diff --git a/api/v1alpha2/azuremachine_conversion.go b/api/v1alpha2/azuremachine_conversion.go
@@ -57,6 +57,7 @@ func restoreAzureMachineSpec(restored, dst *infrav1alpha3.AzureMachineSpec) {
 		dst.AcceleratedNetworking = restored.AcceleratedNetworking
 	}
 	dst.FailureDomain = restored.FailureDomain
+	dst.EnableIPForwarding = restored.EnableIPForwarding
 	if restored.SpotVMOptions != nil {
 		dst.SpotVMOptions = restored.SpotVMOptions.DeepCopy()
 	}

diff --git a/api/v1alpha2/zz_generated.conversion.go b/api/v1alpha2/zz_generated.conversion.go
diff --git a/api/v1alpha3/azurecluster_default.go b/api/v1alpha3/azurecluster_default.go
@@ -29,6 +29,15 @@ const (
 	DefaultNodeSubnetCIDR = "10.1.0.0/16"
 )
 
+const (
+	// DefaultVnetIPv6CIDR is the ipv6 Vnet CIDR
+	DefaultVnetIPv6CIDR = "2001:1234:5678:9a00::/56"
+	// DefaultControlPlaneSubnetIPv6CIDR is the default Control Plane Subnet CIDR
+	DefaultControlPlaneSubnetIPv6CIDR = "2001:1234:5678:9abc::/64"
+	// DefaultNodeSubnetIPv6CIDR is the default Node Subnet CIDR
+	DefaultNodeSubnetIPv6CIDR = "2001:1234:5678:9abd::/64"
+)
+
 func (c *AzureCluster) setDefaults() {
 	c.setNetworkSpecDefaults()
 }
@@ -52,8 +61,8 @@ func (c *AzureCluster) setVnetDefaults() {
 	if c.Spec.NetworkSpec.Vnet.Name == "" {
 		c.Spec.NetworkSpec.Vnet.Name = generateVnetName(c.ObjectMeta.Name)
 	}
-	if c.Spec.NetworkSpec.Vnet.CidrBlock == "" {
-		c.Spec.NetworkSpec.Vnet.CidrBlock = DefaultVnetCIDR
+	if len(c.Spec.NetworkSpec.Vnet.CIDRBlocks) == 0 {
+		c.Spec.NetworkSpec.Vnet.CIDRBlocks = []string{DefaultVnetCIDR}
 	}
 }
 
@@ -73,8 +82,8 @@ func (c *AzureCluster) setSubnetDefaults() {
 	if cpSubnet.Name == "" {
 		cpSubnet.Name = generateControlPlaneSubnetName(c.ObjectMeta.Name)
 	}
-	if cpSubnet.CidrBlock == "" {
-		cpSubnet.CidrBlock = DefaultControlPlaneSubnetCIDR
+	if len(cpSubnet.CIDRBlocks) == 0 {
+		cpSubnet.CIDRBlocks = []string{DefaultControlPlaneSubnetCIDR}
 	}
 	if cpSubnet.SecurityGroup.Name == "" {
 		cpSubnet.SecurityGroup.Name = generateControlPlaneSecurityGroupName(c.ObjectMeta.Name)
@@ -86,8 +95,8 @@ func (c *AzureCluster) setSubnetDefaults() {
 	if nodeSubnet.Name == "" {
 		nodeSubnet.Name = generateNodeSubnetName(c.ObjectMeta.Name)
 	}
-	if nodeSubnet.CidrBlock == "" {
-		nodeSubnet.CidrBlock = DefaultNodeSubnetCIDR
+	if len(nodeSubnet.CIDRBlocks) == 0 {
+		nodeSubnet.CIDRBlocks = []string{DefaultNodeSubnetCIDR}
 	}
 	if nodeSubnet.SecurityGroup.Name == "" {
 		nodeSubnet.SecurityGroup.Name = generateNodeSecurityGroupName(c.ObjectMeta.Name)

diff --git a/api/v1alpha3/azurecluster_default_test.go b/api/v1alpha3/azurecluster_default_test.go
@@ -98,7 +98,7 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "custom-vnet",
 							Name:          "my-vnet",
-							CidrBlock:     DefaultVnetCIDR,
+							CIDRBlocks:    []string{DefaultVnetCIDR},
 						},
 						Subnets: Subnets{
 							{
@@ -138,7 +138,7 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "cluster-test",
 							Name:          "cluster-test-vnet",
-							CidrBlock:     DefaultVnetCIDR,
+							CIDRBlocks:    []string{DefaultVnetCIDR},
 						},
 					},
 				},
@@ -154,7 +154,7 @@ func TestVnetDefaults(t *testing.T) {
 					ResourceGroup: "cluster-test",
 					NetworkSpec: NetworkSpec{
 						Vnet: VnetSpec{
-							CidrBlock: "10.0.0.0/16",
+							CIDRBlocks: []string{"10.0.0.0/16"},
 						},
 					},
 				},
@@ -169,7 +169,38 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "cluster-test",
 							Name:          "cluster-test-vnet",
-							CidrBlock:     "10.0.0.0/16",
+							CIDRBlocks:    []string{"10.0.0.0/16"},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "IPv6 enabled",
+			cluster: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ResourceGroup: "cluster-test",
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{DefaultVnetCIDR, DefaultVnetIPv6CIDR},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ResourceGroup: "cluster-test",
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							ResourceGroup: "cluster-test",
+							Name:          "cluster-test-vnet",
+							CIDRBlocks:    []string{DefaultVnetCIDR, DefaultVnetIPv6CIDR},
 						},
 					},
 				},
@@ -217,14 +248,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "cluster-test-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -243,14 +274,14 @@ func TestSubnetDefaults(t *testing.T) {
 					NetworkSpec: NetworkSpec{
 						Subnets: Subnets{
 							{
-								Role:      SubnetControlPlane,
-								Name:      "my-controlplane-subnet",
-								CidrBlock: "10.0.0.16/24",
+								Role:       SubnetControlPlane,
+								Name:       "my-controlplane-subnet",
+								CIDRBlocks: []string{"10.0.0.16/24"},
 							},
 							{
-								Role:      SubnetNode,
-								Name:      "my-node-subnet",
-								CidrBlock: "10.1.0.16/24",
+								Role:       SubnetNode,
+								Name:       "my-node-subnet",
+								CIDRBlocks: []string{"10.1.0.16/24"},
 							},
 						},
 					},
@@ -266,14 +297,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "my-controlplane-subnet",
-								CidrBlock:     "10.0.0.16/24",
+								CIDRBlocks:    []string{"10.0.0.16/24"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "my-node-subnet",
-								CidrBlock:     "10.1.0.16/24",
+								CIDRBlocks:    []string{"10.1.0.16/24"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -313,14 +344,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "cluster-test-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -356,17 +387,72 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetNode,
 								Name:          "my-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
+								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "subnets specified with IPv6 enabled",
+			cluster: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{"2001:be00::1/56"},
+						},
+						Subnets: Subnets{
+							{
+								Name:       "cluster-test-controlplane-subnet",
+								Role:       "control-plane",
+								CIDRBlocks: []string{"2001:beef::1/64"},
+							},
+							{
+								Name:       "cluster-test-node-subnet",
+								Role:       "node",
+								CIDRBlocks: []string{"2001:beea::1/64"},
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{"2001:be00::1/56"},
+						},
+						Subnets: Subnets{
+							{
+								Role:          SubnetControlPlane,
+								Name:          "cluster-test-controlplane-subnet",
+								CIDRBlocks:    []string{"2001:beef::1/64"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
+							{
+								Role:          SubnetNode,
+								Name:          "cluster-test-node-subnet",
+								CIDRBlocks:    []string{"2001:beea::1/64"},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
+								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+							},
 						},
 					},
 				},

diff --git a/api/v1alpha3/azuremachine_types.go b/api/v1alpha3/azuremachine_types.go
@@ -87,6 +87,12 @@ type AzureMachineSpec struct {
 	// +optional
 	AllocatePublicIP bool `json:"allocatePublicIP,omitempty"`
 
+	// EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine
+	// to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller
+	// manager). Default is false for disabled.
+	// +optional
+	EnableIPForwarding bool `json:"enableIPForwarding,omitempty"`
+
 	// AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on
 	// whether the requested VMSize supports accelerated networking.
 	// If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error.