![]() By default, Azure Virtual Network supports IPv4 only. Dual-stack AKS needs to run on a dual-stack Azure Virtual Network.ĭual-stack Azure Virtual Network provides highly secure virtual network environments on Azure infrastructure. Azure manages the Kubernetes API service. The example consists of the following components:ĭual-stack Azure Kubernetes Service is a managed Kubernetes cluster hosted in the Azure cloud. The dataflow from 2 to 6 is the same as in the IPv4 dataflow.Īlternatively, AKS main traffic can run on top of IPv6, and IPv4 ingress serves as the NAT46 proxy. It's now IPv4 traffic with more metadata, which includes the IPv6 source address.Ģ-6. The IPv6 ingress directs traffic to IPv4 addresses. You can use a server like Nginx for this translation.ġc. The load balancer forwards traffic to the IPv6 ingress where a NAT64 proxy translates its address. IPv6 reaches the IPv6 option on Load Balancer.ġb. IPv6 traffic (orange line): Load Balancer directs IPv6 traffic as follows:ġa. Azure Container Registry can quickly and securely deliver application images. ![]() Applications can securely store and retrieve data to and from Azure storage services in the Azure infrastructure.Ħ. Each Kubernetes service distributes traffic to its application.ĥ. The AKS ingress acts as a reverse proxy to direct traffic to a Kubernetes service.Ĥ. The load balancer forwards traffic to the AKS ingress dedicated for IPv4 traffic.ģ. Traffic from the public internet or external network reaches IPv4 on Azure Load Balancer.Ģ. IPv4 traffic (black line): Azure Load Balancer directs IPv4 traffic to the corresponding services in the virtual network as follows:ġ. There are two options in this example architecture: For clients inside an Azure virtual network with a custom DNS resolution rule, the closest server can be an Azure private DNS server. The closest DNS server can be a global DNS server for clients from the internet. They get the IPv6 value from the AAAA record and the IPv4 value from the A record of the domain name. When clients establish connections to the service, they get service IP addresses from the closest DNS server. ![]() It can be added to or removed from an existing infrastructure with minimal changes. This example uses a NAT64 proxy for the ingress controller to translate external traffic to either IPv4 or IPv6. Architectureĭownload a Visio file of this architecture. This example baseline infrastructure deploys an Azure Kubernetes Service (AKS) cluster to multiple regions on a dual-stack network by using both IPv4 and IPv6 addresses.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |