kubernetes-sigs
diff --git a/‎Makefile‎
Lines changed: 6 additions & 1 deletion b/‎Makefile‎
Lines changed: 6 additions & 1 deletion
diff --git a/‎api/v1alpha2/azurecluster_conversion.go‎
Lines changed: 7 additions & 1 deletion b/‎api/v1alpha2/azurecluster_conversion.go‎
Lines changed: 7 additions & 1 deletion
diff --git a/‎api/v1alpha2/azuremachine_conversion.go‎
Lines changed: 1 addition & 0 deletions b/‎api/v1alpha2/azuremachine_conversion.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/v1alpha2/zz_generated.conversion.go‎
Lines changed: 8 additions & 10 deletions b/‎api/v1alpha2/zz_generated.conversion.go‎
Lines changed: 8 additions & 10 deletions
diff --git a/‎api/v1alpha3/azurecluster_default.go‎
Lines changed: 15 additions & 6 deletions b/‎api/v1alpha3/azurecluster_default.go‎
Lines changed: 15 additions & 6 deletions
diff --git a/‎api/v1alpha3/azurecluster_default_test.go‎
Lines changed: 104 additions & 18 deletions b/‎api/v1alpha3/azurecluster_default_test.go‎
Lines changed: 104 additions & 18 deletions
diff --git a/‎api/v1alpha3/azuremachine_types.go‎
Lines changed: 6 additions & 0 deletions b/‎api/v1alpha3/azuremachine_types.go‎
Lines changed: 6 additions & 0 deletions
@@ -449,7 +449,12 @@ create-workload-cluster: $(ENVSUBST)
 	timeout --foreground 600 bash -c "while ! kubectl --kubeconfig=./kubeconfig get nodes | grep master; do sleep 1; done"
 
 	# Deploy calico
-	kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico.yaml
+	@if [[ "${CLUSTER_TEMPLATE}" == *ipv6* ]]; then \
+		kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico-ipv6.yaml; \
+	else \
+		kubectl --kubeconfig=./kubeconfig apply -f templates/addons/calico.yaml; \
+	fi
+
 
 	@echo 'run "kubectl --kubeconfig=./kubeconfig ..." to work with the new target cluster'
 
 
@@ -59,13 +59,14 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error { // nolint
 	}
 
 	dst.Status.FailureDomains = restored.Status.FailureDomains
+	dst.Spec.NetworkSpec.Vnet.CIDRBlocks = restored.Spec.NetworkSpec.Vnet.CIDRBlocks
 
 	for _, restoredSubnet := range restored.Spec.NetworkSpec.Subnets {
 		if restoredSubnet != nil {
 			for _, dstSubnet := range dst.Spec.NetworkSpec.Subnets {
 				if dstSubnet != nil && dstSubnet.Name == restoredSubnet.Name {
 					dstSubnet.RouteTable = restoredSubnet.RouteTable
-
+					dstSubnet.CIDRBlocks = restoredSubnet.CIDRBlocks
 					dstSubnet.SecurityGroup.IngressRules = restoredSubnet.SecurityGroup.IngressRules
 				}
 			}
@@ -203,6 +204,11 @@ func Convert_v1alpha3_NetworkSpec_To_v1alpha2_NetworkSpec(in *infrav1alpha3.Netw
 	return nil
 }
 
+// Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec.
+func Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in *infrav1alpha3.VnetSpec, out *VnetSpec, s apiconversion.Scope) error { //nolint
+	return autoConvert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in, out, s)
+}
+
 // Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec.
 func Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in *SubnetSpec, out *infrav1alpha3.SubnetSpec, s apiconversion.Scope) error { //nolint
 	return autoConvert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in, out, s)
 
@@ -57,6 +57,7 @@ func restoreAzureMachineSpec(restored, dst *infrav1alpha3.AzureMachineSpec) {
 		dst.AcceleratedNetworking = restored.AcceleratedNetworking
 	}
 	dst.FailureDomain = restored.FailureDomain
+	dst.EnableIPForwarding = restored.EnableIPForwarding
 	if restored.SpotVMOptions != nil {
 		dst.SpotVMOptions = restored.SpotVMOptions.DeepCopy()
 	}
 
@@ -29,6 +29,15 @@ const (
 	DefaultNodeSubnetCIDR = "10.1.0.0/16"
 )
 
+const (
+	// DefaultVnetIPv6CIDR is the ipv6 Vnet CIDR
+	DefaultVnetIPv6CIDR = "2001:1234:5678:9a00::/56"
+	// DefaultControlPlaneSubnetIPv6CIDR is the default Control Plane Subnet CIDR
+	DefaultControlPlaneSubnetIPv6CIDR = "2001:1234:5678:9abc::/64"
+	// DefaultNodeSubnetIPv6CIDR is the default Node Subnet CIDR
+	DefaultNodeSubnetIPv6CIDR = "2001:1234:5678:9abd::/64"
+)
+
 func (c *AzureCluster) setDefaults() {
 	c.setNetworkSpecDefaults()
 }
@@ -52,8 +61,8 @@ func (c *AzureCluster) setVnetDefaults() {
 	if c.Spec.NetworkSpec.Vnet.Name == "" {
 		c.Spec.NetworkSpec.Vnet.Name = generateVnetName(c.ObjectMeta.Name)
 	}
-	if c.Spec.NetworkSpec.Vnet.CidrBlock == "" {
-		c.Spec.NetworkSpec.Vnet.CidrBlock = DefaultVnetCIDR
+	if len(c.Spec.NetworkSpec.Vnet.CIDRBlocks) == 0 {
+		c.Spec.NetworkSpec.Vnet.CIDRBlocks = []string{DefaultVnetCIDR}
 	}
 }
 
@@ -73,8 +82,8 @@ func (c *AzureCluster) setSubnetDefaults() {
 	if cpSubnet.Name == "" {
 		cpSubnet.Name = generateControlPlaneSubnetName(c.ObjectMeta.Name)
 	}
-	if cpSubnet.CidrBlock == "" {
-		cpSubnet.CidrBlock = DefaultControlPlaneSubnetCIDR
+	if len(cpSubnet.CIDRBlocks) == 0 {
+		cpSubnet.CIDRBlocks = []string{DefaultControlPlaneSubnetCIDR}
 	}
 	if cpSubnet.SecurityGroup.Name == "" {
 		cpSubnet.SecurityGroup.Name = generateControlPlaneSecurityGroupName(c.ObjectMeta.Name)
@@ -86,8 +95,8 @@ func (c *AzureCluster) setSubnetDefaults() {
 	if nodeSubnet.Name == "" {
 		nodeSubnet.Name = generateNodeSubnetName(c.ObjectMeta.Name)
 	}
-	if nodeSubnet.CidrBlock == "" {
-		nodeSubnet.CidrBlock = DefaultNodeSubnetCIDR
+	if len(nodeSubnet.CIDRBlocks) == 0 {
+		nodeSubnet.CIDRBlocks = []string{DefaultNodeSubnetCIDR}
 	}
 	if nodeSubnet.SecurityGroup.Name == "" {
 		nodeSubnet.SecurityGroup.Name = generateNodeSecurityGroupName(c.ObjectMeta.Name)
 
@@ -98,7 +98,7 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "custom-vnet",
 							Name:          "my-vnet",
-							CidrBlock:     DefaultVnetCIDR,
+							CIDRBlocks:    []string{DefaultVnetCIDR},
 						},
 						Subnets: Subnets{
 							{
@@ -138,7 +138,7 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "cluster-test",
 							Name:          "cluster-test-vnet",
-							CidrBlock:     DefaultVnetCIDR,
+							CIDRBlocks:    []string{DefaultVnetCIDR},
 						},
 					},
 				},
@@ -154,7 +154,7 @@ func TestVnetDefaults(t *testing.T) {
 					ResourceGroup: "cluster-test",
 					NetworkSpec: NetworkSpec{
 						Vnet: VnetSpec{
-							CidrBlock: "10.0.0.0/16",
+							CIDRBlocks: []string{"10.0.0.0/16"},
 						},
 					},
 				},
@@ -169,7 +169,38 @@ func TestVnetDefaults(t *testing.T) {
 						Vnet: VnetSpec{
 							ResourceGroup: "cluster-test",
 							Name:          "cluster-test-vnet",
-							CidrBlock:     "10.0.0.0/16",
+							CIDRBlocks:    []string{"10.0.0.0/16"},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "IPv6 enabled",
+			cluster: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ResourceGroup: "cluster-test",
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{DefaultVnetCIDR, DefaultVnetIPv6CIDR},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					ResourceGroup: "cluster-test",
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							ResourceGroup: "cluster-test",
+							Name:          "cluster-test-vnet",
+							CIDRBlocks:    []string{DefaultVnetCIDR, DefaultVnetIPv6CIDR},
 						},
 					},
 				},
@@ -217,14 +248,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "cluster-test-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -243,14 +274,14 @@ func TestSubnetDefaults(t *testing.T) {
 					NetworkSpec: NetworkSpec{
 						Subnets: Subnets{
 							{
-								Role:      SubnetControlPlane,
-								Name:      "my-controlplane-subnet",
-								CidrBlock: "10.0.0.16/24",
+								Role:       SubnetControlPlane,
+								Name:       "my-controlplane-subnet",
+								CIDRBlocks: []string{"10.0.0.16/24"},
 							},
 							{
-								Role:      SubnetNode,
-								Name:      "my-node-subnet",
-								CidrBlock: "10.1.0.16/24",
+								Role:       SubnetNode,
+								Name:       "my-node-subnet",
+								CIDRBlocks: []string{"10.1.0.16/24"},
 							},
 						},
 					},
@@ -266,14 +297,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "my-controlplane-subnet",
-								CidrBlock:     "10.0.0.16/24",
+								CIDRBlocks:    []string{"10.0.0.16/24"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "my-node-subnet",
-								CidrBlock:     "10.1.0.16/24",
+								CIDRBlocks:    []string{"10.1.0.16/24"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -313,14 +344,14 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetNode,
 								Name:          "cluster-test-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
@@ -356,17 +387,72 @@ func TestSubnetDefaults(t *testing.T) {
 							{
 								Role:          SubnetNode,
 								Name:          "my-node-subnet",
-								CidrBlock:     DefaultNodeSubnetCIDR,
+								CIDRBlocks:    []string{DefaultNodeSubnetCIDR},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
 							{
 								Role:          SubnetControlPlane,
 								Name:          "cluster-test-controlplane-subnet",
-								CidrBlock:     DefaultControlPlaneSubnetCIDR,
+								CIDRBlocks:    []string{DefaultControlPlaneSubnetCIDR},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
+								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+							},
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "subnets specified with IPv6 enabled",
+			cluster: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{"2001:be00::1/56"},
+						},
+						Subnets: Subnets{
+							{
+								Name:       "cluster-test-controlplane-subnet",
+								Role:       "control-plane",
+								CIDRBlocks: []string{"2001:beef::1/64"},
+							},
+							{
+								Name:       "cluster-test-node-subnet",
+								Role:       "node",
+								CIDRBlocks: []string{"2001:beea::1/64"},
+							},
+						},
+					},
+				},
+			},
+			output: &AzureCluster{
+				ObjectMeta: v1.ObjectMeta{
+					Name: "cluster-test",
+				},
+				Spec: AzureClusterSpec{
+					NetworkSpec: NetworkSpec{
+						Vnet: VnetSpec{
+							CIDRBlocks: []string{"2001:be00::1/56"},
+						},
+						Subnets: Subnets{
+							{
+								Role:          SubnetControlPlane,
+								Name:          "cluster-test-controlplane-subnet",
+								CIDRBlocks:    []string{"2001:beef::1/64"},
 								SecurityGroup: SecurityGroup{Name: "cluster-test-controlplane-nsg"},
 								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
 							},
+							{
+								Role:          SubnetNode,
+								Name:          "cluster-test-node-subnet",
+								CIDRBlocks:    []string{"2001:beea::1/64"},
+								SecurityGroup: SecurityGroup{Name: "cluster-test-node-nsg"},
+								RouteTable:    RouteTable{Name: "cluster-test-node-routetable"},
+							},
 						},
 					},
 				},
 
@@ -87,6 +87,12 @@ type AzureMachineSpec struct {
 	// +optional
 	AllocatePublicIP bool `json:"allocatePublicIP,omitempty"`
 
+	// EnableIPForwarding enables IP Forwarding in Azure which is required for some CNI's to send traffic from a pods on one machine
+	// to another. This is required for IpV6 with Calico in combination with User Defined Routes (set by the Azure Cloud Controller
+	// manager). Default is false for disabled.
+	// +optional
+	EnableIPForwarding bool `json:"enableIPForwarding,omitempty"`
+
 	// AcceleratedNetworking enables or disables Azure accelerated networking. If omitted, it will be set based on
 	// whether the requested VMSize supports accelerated networking.
 	// If AcceleratedNetworking is set to true with a VMSize that does not support it, Azure will return an error.
Original file line number	Diff line number	Diff line change
`@@ -59,13 +59,14 @@ func (src *AzureCluster) ConvertTo(dstRaw conversion.Hub) error { // nolint`
`59`	`59`	`}`
`60`	`60`
`61`	`61`	`dst.Status.FailureDomains = restored.Status.FailureDomains`
	`62`	`+ dst.Spec.NetworkSpec.Vnet.CIDRBlocks = restored.Spec.NetworkSpec.Vnet.CIDRBlocks`
`62`	`63`
`63`	`64`	`for _, restoredSubnet := range restored.Spec.NetworkSpec.Subnets {`
`64`	`65`	`if restoredSubnet != nil {`
`65`	`66`	`for _, dstSubnet := range dst.Spec.NetworkSpec.Subnets {`
`66`	`67`	`if dstSubnet != nil && dstSubnet.Name == restoredSubnet.Name {`
`67`	`68`	`dstSubnet.RouteTable = restoredSubnet.RouteTable`
`68`		`-`
	`69`	`+ dstSubnet.CIDRBlocks = restoredSubnet.CIDRBlocks`
`69`	`70`	`dstSubnet.SecurityGroup.IngressRules = restoredSubnet.SecurityGroup.IngressRules`
`70`	`71`	`}`
`71`	`72`	`}`
`@@ -203,6 +204,11 @@ func Convert_v1alpha3_NetworkSpec_To_v1alpha2_NetworkSpec(in *infrav1alpha3.Netw`
`203`	`204`	`return nil`
`204`	`205`	`}`
`205`	`206`
	`207`	`+// Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec.`
	`208`	`+func Convert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in infrav1alpha3.VnetSpec, out VnetSpec, s apiconversion.Scope) error { //nolint`
	`209`	`+ return autoConvert_v1alpha3_VnetSpec_To_v1alpha2_VnetSpec(in, out, s)`
	`210`	`+}`
	`211`	`+`
`206`	`212`	`// Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec.`
`207`	`213`	`func Convert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in SubnetSpec, out infrav1alpha3.SubnetSpec, s apiconversion.Scope) error { //nolint`
`208`	`214`	`return autoConvert_v1alpha2_SubnetSpec_To_v1alpha3_SubnetSpec(in, out, s)`
Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,7 @@ func restoreAzureMachineSpec(restored, dst *infrav1alpha3.AzureMachineSpec) {`
`57`	`57`	`dst.AcceleratedNetworking = restored.AcceleratedNetworking`
`58`	`58`	`}`
`59`	`59`	`dst.FailureDomain = restored.FailureDomain`
	`60`	`+ dst.EnableIPForwarding = restored.EnableIPForwarding`
`60`	`61`	`if restored.SpotVMOptions != nil {`
`61`	`62`	`dst.SpotVMOptions = restored.SpotVMOptions.DeepCopy()`
`62`	`63`	`}`
Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,15 @@ const (`
`29`	`29`	`DefaultNodeSubnetCIDR = "10.1.0.0/16"`
`30`	`30`	`)`
`31`	`31`
	`32`	`+const (`
	`33`	`+ // DefaultVnetIPv6CIDR is the ipv6 Vnet CIDR`
	`34`	`+ DefaultVnetIPv6CIDR = "2001:1234:5678:9a00::/56"`
	`35`	`+ // DefaultControlPlaneSubnetIPv6CIDR is the default Control Plane Subnet CIDR`
	`36`	`+ DefaultControlPlaneSubnetIPv6CIDR = "2001:1234:5678:9abc::/64"`
	`37`	`+ // DefaultNodeSubnetIPv6CIDR is the default Node Subnet CIDR`
	`38`	`+ DefaultNodeSubnetIPv6CIDR = "2001:1234:5678:9abd::/64"`
	`39`	`+)`
	`40`	`+`
`32`	`41`	`func (c *AzureCluster) setDefaults() {`
`33`	`42`	`c.setNetworkSpecDefaults()`
`34`	`43`	`}`
`@@ -52,8 +61,8 @@ func (c *AzureCluster) setVnetDefaults() {`
`52`	`61`	`if c.Spec.NetworkSpec.Vnet.Name == "" {`
`53`	`62`	`c.Spec.NetworkSpec.Vnet.Name = generateVnetName(c.ObjectMeta.Name)`
`54`	`63`	`}`
`55`		`- if c.Spec.NetworkSpec.Vnet.CidrBlock == "" {`
`56`		`- c.Spec.NetworkSpec.Vnet.CidrBlock = DefaultVnetCIDR`
	`64`	`+ if len(c.Spec.NetworkSpec.Vnet.CIDRBlocks) == 0 {`
	`65`	`+ c.Spec.NetworkSpec.Vnet.CIDRBlocks = []string{DefaultVnetCIDR}`
`57`	`66`	`}`
`58`	`67`	`}`
`59`	`68`
`@@ -73,8 +82,8 @@ func (c *AzureCluster) setSubnetDefaults() {`
`73`	`82`	`if cpSubnet.Name == "" {`
`74`	`83`	`cpSubnet.Name = generateControlPlaneSubnetName(c.ObjectMeta.Name)`
`75`	`84`	`}`
`76`		`- if cpSubnet.CidrBlock == "" {`
`77`		`- cpSubnet.CidrBlock = DefaultControlPlaneSubnetCIDR`
	`85`	`+ if len(cpSubnet.CIDRBlocks) == 0 {`
	`86`	`+ cpSubnet.CIDRBlocks = []string{DefaultControlPlaneSubnetCIDR}`
`78`	`87`	`}`
`79`	`88`	`if cpSubnet.SecurityGroup.Name == "" {`
`80`	`89`	`cpSubnet.SecurityGroup.Name = generateControlPlaneSecurityGroupName(c.ObjectMeta.Name)`
`@@ -86,8 +95,8 @@ func (c *AzureCluster) setSubnetDefaults() {`
`86`	`95`	`if nodeSubnet.Name == "" {`
`87`	`96`	`nodeSubnet.Name = generateNodeSubnetName(c.ObjectMeta.Name)`
`88`	`97`	`}`
`89`		`- if nodeSubnet.CidrBlock == "" {`
`90`		`- nodeSubnet.CidrBlock = DefaultNodeSubnetCIDR`
	`98`	`+ if len(nodeSubnet.CIDRBlocks) == 0 {`
	`99`	`+ nodeSubnet.CIDRBlocks = []string{DefaultNodeSubnetCIDR}`
`91`	`100`	`}`
`92`	`101`	`if nodeSubnet.SecurityGroup.Name == "" {`
`93`	`102`	`nodeSubnet.SecurityGroup.Name = generateNodeSecurityGroupName(c.ObjectMeta.Name)`