Running kops version: 1.24.1, kubectl version 1.24.2 on AWS in a dual-stack enabled VPC I use the following command to create the cluster
kops create cluster --cloud aws \
--vpc $VPC_ID \
--node-count 2 \
--zones us-east-1a,us-east-1b \
--master-zones us-east-1a,us-east-1b,us-east-1c \
--node-size $NODE_SIZE \
--master-count 3 \
--master-size $MASTER_SIZE \
--networking calico \
--ssh-public-key ~/.ssh/id_rsa.pub \
--cloud-labels "Cost=NewDevKubernetesCluster" \
--ipv6
After the cluster is created and validated, I'm trying to create a nginx service with dual-stack loadbalancer. nginx service creation fails with the following error
The Service "svc-nginx" is invalid: spec.ipFamilyPolicy: Invalid value: "RequireDualStack": this cluster is not configured for dual-stack services
Here's my cluster manifest (with omitted identifiable information):
apiVersion: kops.k8s.io/v1alpha2
kind: Cluster
metadata:
creationTimestamp: "2022-08-30T17:07:55Z"
generation: 1
name: devcluster.dev.domain.name
spec:
api:
dns: {}
authorization:
rbac: {}
channel: stable
cloudControllerManager: {}
cloudLabels:
Cost: NewDevKubernetesCluster
cloudProvider: aws
configBase: s3://devcluster-kops-state-store/devcluster.dev.domain.name
etcdClusters:
- cpuRequest: 200m
etcdMembers:
- encryptedVolume: true
instanceGroup: master-us-east-1a
name: a
- encryptedVolume: true
instanceGroup: master-us-east-1b
name: b
- encryptedVolume: true
instanceGroup: master-us-east-1c
name: c
memoryRequest: 100Mi
name: main
- cpuRequest: 100m
etcdMembers:
- encryptedVolume: true
instanceGroup: master-us-east-1a
name: a
- encryptedVolume: true
instanceGroup: master-us-east-1b
name: b
- encryptedVolume: true
instanceGroup: master-us-east-1c
name: c
memoryRequest: 100Mi
name: events
iam:
allowContainerRegistry: true
legacy: false
kubelet:
anonymousAuth: false
authenticationTokenWebhook: true
authorizationMode: Webhook
kubernetesApiAccess:
- 0.0.0.0/0
- ::/0
kubernetesVersion: 1.24.4
masterInternalName: api.internal.devcluster.dev.domain.name
masterPublicName: api.devcluster.dev.domain.name
networkCIDR: 172.30.0.0/16
networkID: vpc-ID
networking:
calico: {}
nonMasqueradeCIDR: ::/0
sshAccess:
- 0.0.0.0/0
- ::/0
subnets:
- cidr: 172.30.32.0/19
ipv6CIDR: 2600:a:b:c::/64
name: us-east-1a
type: Public
zone: us-east-1a
- cidr: 172.30.64.0/19
ipv6CIDR: 2600:a:b:d::/64
name: us-east-1b
type: Public
zone: us-east-1b
- cidr: 172.30.96.0/19
ipv6CIDR: 2600:a:b:e::/64
name: us-east-1c
type: Public
zone: us-east-1c
topology:
dns:
type: Public
masters: public
nodes: public
I'm not sure why is the cluster being created with IPv6 only support