Careful!

You are browsing documentation for a version of Kuma that is not the latest release.

IPv6 support

All Kuma entitites do support running in mixed IPv4 and IPv6 environments as well as pure IPv6 setup. This includes Global and Zone control planes, the Data plane proxy, the accompanying iptables scripts and the CNI. All major deployment scenarios are continuously verified - standalone Kubernetes and Universal, multizone and hybrid.

For the most part any IPv6 setup will work out of the box, but there are some specifics that need to be taken into account:

  • when the dataplane proxies are run in IPv6 only environment (i.e. no IPv4 address), the DNS shall be set to generate relevant IPv6 addresses using KUMA_DNS_SERVER_CIDR. Please make sure there is no overlap with a pre-existing network in your environment.

  • On Universal, when the dataplane resource is generated, specify networking.transparentProxying.redirectPortInboundV6. The default value for that port is 15010.

type: Dataplane
mesh: default
name: 
networking:
  address: 
  inbound:
  - port: 
    tags:
      kuma.io/service: demo-client
  transparentProxying:
    redirectPortInbound: 15006
    redirectPortInboundV6: 15010
    redirectPortOutbound: 15001 

Disabling IPv6

In some cases you might not want to use IPv6 at all.

To turn it off for all workloads set either:

  • runtime.kubernetes.injector.sidecarContainer.redirectPortInboundV6 to 0
  • the environment variable: KUMA_RUNTIME_KUBERNETES_INJECTOR_SIDECAR_CONTAINER_REDIRECT_PORT_INBOUND_V6=0

To turn it off for a specific pod add the annotation kuma.io/transparent-proxying-inbound-v6-port: "0".

Last Updated: 10/26/2022, 10:13:28 AM