Enabling IPv6 on EKS clusters with VPC CNI
TypeScriptTo enable IPv6 on EKS clusters with VPC CNI, we must set up a few resources. We will create an EKS cluster and configure it to use the Amazon VPC CNI plugin with IPv6 enabled. First, ensure that your VPC is configured to support IPv6, and subnets have IPv6 CIDR blocks assigned.
Here is a step-by-step guide and the corresponding Pulumi program written in TypeScript to achieve this:
- Create an EKS Cluster: We will use the
aws.eks.Cluster
resource to set up an EKS cluster. This will provide us with managed Kubernetes service. - Configure the VPC CNI: The Amazon VPC CNI plugin for Kubernetes supports IPv6 by enabling it through the
eks.VpcCni
resource options. - Define the Subnets: Each subnet that's used by the EKS cluster should have an IPv6 CIDR block associated with it.
- Node Groups: Define the node groups that will host your Kubernetes workloads. Ensure that the worker nodes are launched within the subnets that have IPv6 enabled.
Let's start by defining our VPC and subnets with IPv6 and creating an EKS cluster with IPv6 enabled using the VPC CNI plugin:
import * as aws from "@pulumi/aws"; import * as eks from "@pulumi/eks"; // Create a new VPC with IPv6 CIDR block const vpc = new aws.ec2.Vpc("myVpc", { assignGeneratedIpv6CidrBlock: true, cidrBlock: "10.0.0.0/16", }); // Create subnets and associate them with IPv6 CIDR blocks const subnet = new aws.ec2.Subnet("mySubnet", { vpcId: vpc.id, cidrBlock: "10.0.1.0/24", assignIpv6AddressOnCreation: true, ipv6CidrBlock: vpc.ipv6CidrBlock, }); // Create an EKS cluster in the VPC const cluster = new eks.Cluster("myCluster", { vpcId: vpc.id, subnetIds: [subnet.id], instanceType: "t3.medium", desiredCapacity: 2, minSize: 1, maxSize: 3, deployDashboard: false, // Configure VPC CNI options with IPv6 enabled vpcCniOptions: { enableIpv6: true, }, }); // Export the cluster kubeconfig and URI export const kubeconfig = cluster.kubeconfig; export const clusterUri = cluster.eksCluster.endpoint;
In the above program:
- We create a new VPC with the
assignGeneratedIpv6CidrBlock
flag set totrue
, which ensures that the VPC has an associated IPv6 CIDR block. - We create a subnet and explicitly enable IPv6 by setting
assignIpv6AddressOnCreation
totrue
and associating it with the VPC’s IPv6 CIDR block. - We create an EKS cluster and specify the VPC ID and subnet IDs, along with other configurations like the instance type, number of desired instances, and more.
- Inside the
vpcCniOptions
, we enable IPv6 support by settingenableIpv6
totrue
. This tells the Amazon VPC CNI plugin to create IPv6 addresses for your pods. - Finally, we export the cluster's kubeconfig and URI so that you can access your Kubernetes cluster.
Dependencies
Ensure you have the following dependencies installed:
- Pulumi CLI
- AWS CLI (configured with the necessary credentials)
Running the Program
- Create a new directory for your Pulumi program.
- Run
pulumi new typescript
inside the directory to initialize a new Pulumi project. - Replace the contents of
index.ts
with the code above. - Run
npm install
to install the needed Pulumi packages. - Run
pulumi up
to create the resources and deploy the EKS cluster.
Please note that for this configuration to work, your AWS account and region must support EKS and IPv6 for EKS, and the instance type should be available in your selected region.
For more information about configuring Amazon EKS clusters and VPC CNI plugin with IPv6, refer to Amazon EKS User Guide and Amazon VPC CNI plugin.
- Create an EKS Cluster: We will use the