7:[["$","$12",null,{"fallback":null,"children":["$","$L13",null,{"reason":"next/dynamic","children":["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org/\",\"@type\":\"Article\",\"headline\":\"Dual Stack on AKS with Cilium\",\"image\":\"https://cdn.sanity.io/images/xinsvxfu/production/34b30eb32ebe8d8544e1ea58825d2d15b6fd8a6c-2400x1260.png\",\"datePublished\":\"2024-09-25T07:28:39.000Z\",\"dateModified\":\"2024-04-16T12:21:24.000Z\",\"description\":\"This blog post will walk you through deploying an IPv4/IPv6 Dual Stack AKS cluster with Cilium as the CNI.\",\"author\":[{\"@type\":\"Person\",\"name\":\"Amit Gupta\",\"url\":\"https://isovalent.com/\"}]}"}}]}]}],["$","main",null,{"id":"top","children":[["$","header",null,{"className":"restricted mt-10 mb-14","children":[["$","$L18",null,{"href":"/blog/","className":"flex items-center justify-items-center gap-1 mb-6 text-sm font-bold text-action max-w-max","children":[["$","isov-icon",null,{"class":"block rotate-90","name":"arrow-right","size":"small"}],["$","isov-content",null,{"children":["$","span",null,{"className":"ui-text","children":"Blog"}]}]]}],["$","h1",null,{"className":"text-4xl text-nightfall font-bold mb-5 max-w-3xl","children":"Dual Stack on AKS with Cilium"}],["$","div",null,{"className":"article-details block sm:flex items-center justify-items-start sm:justify-items-center cursor-default","children":[[["$","isov-avatar","ff5e2eda-05bb-ade9-8831-4dddc66e927d",{"size":"medium","name":"Amit Gupta","class":"mr-1","children":["$","$L19",null,{"src":"https://cdn.sanity.io/images/xinsvxfu/production/19b2e7212433d6c85f9a7cbb62beb590d8044fa0-528x1009.jpg?auto=format&q=80&fit=clip&w=200","alt":"Amit Gupta Image","slot":"avatar","height":200,"width":200}]}]],["$","div",null,{"className":"text-charcoal","children":[["$","span",null,{"className":"hidden sm:inline","children":"| "}],["$","span",null,{"children":["Published:"," ",["$","strong",null,{"className":"font-bold","children":"April 16, 2024"}],[" ","| Updated:"," ",["$","strong",null,{"className":"font-bold","children":"September 25, 2024"}]]]}]," | ",[["$","$L1a","2159f293-7dd2-46f3-9b11-bf943ad2ae98",{"href":"/blog/networking-for-kubernetes","className":"inline-block text-action hover:underline font-bold pr-1","children":["Networking for Kubernetes",", "]}],["$","$L1a","a59847f0-8657-4dfb-ad52-57af46ab0f45",{"href":"/blog/mesh-networking","className":"inline-block text-action hover:underline font-bold pr-1","children":["Mesh Networking",false]}]]]}]]}]]}],["$","section",null,{"id":"page-content","className":"mb-8","children":["$","$12",null,{"fallback":null,"children":["$","$L13",null,{"reason":"next/dynamic","children":["$","$L1b",null,{"content":[{"_key":"37e0e787-fb9c-4f58-9760-2353f0daab23","_type":"block","children":[{"_key":"31162e21-ae97-4ccf-90e5-593b1ff1f31d","_type":"span","marks":[],"text":"An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, especially within large-scale networks, and the need to provide service availability to IPv6-only clients. An intermediary step in fully supporting IPv6 is dual-stack IPv4/IPv6. Three years ago, 31% of Google users were using IPv6. "},{"_key":"0687e7d4-9c4d-41fd-a383-c30c39b92a31","_type":"span","marks":["87653960-d2f0-4b75-8708-b8e1a07a139b"],"text":"We’re now up to 45%"},{"_key":"b62ac6d7-c62a-4732-b440-6a954b16909d","_type":"span","marks":[],"text":", and at the current rate, IPv6 will be the majority protocol seen by Google users worldwide (it’s already over 70% in countries like India and France) by the end of 2024. "},{"_key":"fbcdbb4c-b640-4b34-9d1f-c62b488d4456","_type":"span","marks":["strong"],"text":"This blog post will walk you through how to "},{"_key":"a8654e723e41","_type":"span","marks":["strong","704ecadf4e99"],"text":"deploy"},{"_key":"d3e3975e2cf9","_type":"span","marks":["strong"],"text":" and upgrade an IPv4/IPv6 Dual Stack AKS (Azure Kubernetes Service) cluster with Cilium as the CNI to benefit from its networking, observability, and security capabilities."},{"_key":"57d2ab00-e6d7-4281-88a5-b56ca789d09e","_type":"span","marks":[],"text":" "}],"markDefs":[{"_key":"87653960-d2f0-4b75-8708-b8e1a07a139b","_type":"link","href":"https://www.google.com/intl/en/ipv6/statistics.html","openInNewTab":true},{"_key":"704ecadf4e99","_type":"link","href":"/blog/post/cilium-aks/","isLink":false,"openInNewTab":true}],"style":"normal"},{"_key":"3b907476-16e3-4745-8972-7b0909aa7aa8","_type":"block","children":[{"_key":"9496a92e-adf3-4424-af4b-18e1d065619d","_type":"span","marks":[],"text":"What is Dual-Stack Networking in Kubernetes?"}],"markDefs":[],"style":"h2"},{"_key":"e807b532-f63e-45f2-99a4-fe381684a567","_type":"block","children":[{"_key":"370de675-5e8b-4793-b9b5-ebbb03a37505","_type":"span","marks":[],"text":"IPv4/IPv6 dual-stack networking enables the allocation of IPv4 and IPv6 addresses to "},{"_key":"ca023b3c-0ca2-4632-b235-58496278d50a","_type":"span","marks":["76166b68-64b8-4af1-8e9f-5f43951d1e6f"],"text":"Pods"},{"_key":"c0ed9ad7-382f-4162-a69b-a5c7817104f5","_type":"span","marks":[],"text":" and "},{"_key":"45787e3e-8d12-44fb-8eaa-66f360eb99aa","_type":"span","marks":["7d08b20c-d259-4984-9414-d94033b261bc"],"text":"Services"},{"_key":"07b29658-ed4d-430e-9e95-82557b5b64b1","_type":"span","marks":[],"text":". IPv4/IPv6 dual-stack on your Kubernetes cluster provides the following features:"}],"markDefs":[{"_key":"76166b68-64b8-4af1-8e9f-5f43951d1e6f","_type":"link","href":"https://kubernetes.io/docs/concepts/workloads/pods/","openInNewTab":true},{"_key":"7d08b20c-d259-4984-9414-d94033b261bc","_type":"link","href":"https://kubernetes.io/docs/concepts/services-networking/service/","openInNewTab":true}],"style":"normal"},{"_key":"a273b248f340","_type":"block","children":[{"_key":"ced5a494ea8c","_type":"span","marks":[],"text":"Dual-stack Pod networking (a single IPv4 and IPv6 address assignment per Pod)."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"ab22dd56492c","_type":"block","children":[{"_key":"f13f8d9b5949","_type":"span","marks":[],"text":"IPv4 and IPv6 enabled Services."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"995b604498c1","_type":"block","children":[{"_key":"56f1c58f4959","_type":"span","marks":[],"text":"Pod off-cluster egress routing (e.g., the Internet) via IPv4 and IPv6 interfaces."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"6b70f047-84af-4bb9-ade9-252f35631489","_type":"block","children":[{"_key":"ceae52ac-a409-4202-93d6-f8a8c96a7a94","_type":"span","marks":[],"text":"Why do you need Dual-Stack networking?"}],"markDefs":[],"style":"h2"},{"_key":"90802fcf-ac2e-40bf-8eb1-7942c0fd66d2","_type":"block","children":[{"_key":"9f0537fa-dccf-4706-aec5-a5499c56205e","_type":"span","marks":[],"text":"The Service Provider Dilemma"}],"markDefs":[],"style":"h3"},{"_key":"1b234dcfab94","_type":"block","children":[{"_key":"8730dafc2c7c","_type":"span","marks":[],"text":"Service providers and enterprises are faced with growing their networks using IPv6 while continuing to serve IPv4 customers."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"0af71d1ee7ae","_type":"block","children":[{"_key":"2b5379f714cd","_type":"span","marks":[],"text":"Increasingly, the public side of network address translation (NAT) devices is IPv6 rather than IPv4. Service providers cannot continue giving customers globally routable IPv4 addresses, they cannot get new globally routable IPv4 addresses for expanding their networks, and yet they must continue to serve both IPv4 customers and new customers, all of whom are primarily trying to reach IPv4 destinations."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"71126b7d1a84","_type":"block","children":[{"_key":"351c18db5a96","_type":"span","marks":[],"text":"IPv4 and IPv6 must coexist for some number of years, and their coexistence must be transparent to end users. If an IPv4-to-IPv6 transition succeeds, end users should not notice it."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"dbf99489d460","_type":"block","children":[{"_key":"562d1de00e4c","_type":"span","marks":[],"text":"Other strategies exist, such as manually or dynamically configured tunnels and translation devices, but dual stacking is often the preferable solution in many scenarios. The dual-stacked device can interoperate equally with IPv4 devices, IPv6 devices, and other dual-stacked devices. When both devices are dual-stacked, the two devices agree on which IP version to use."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"5ddfd399-1dfd-4543-b807-a2f6fa95c153","_type":"block","children":[{"_key":"ef31a56b-c430-438a-ac92-47d2504b03f0","_type":"span","marks":[],"text":"The Kubernetes perspective"}],"markDefs":[],"style":"h3"},{"_key":"c8930649271a","_type":"block","children":[{"_key":"5a408d14b9a4","_type":"span","marks":[],"text":"While Kubernetes has dual-stack support, it depends on whether the network plugin/CNI supports it."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"7df7da2548f9","_type":"block","children":[{"_key":"138a9b9e7f04","_type":"span","marks":[],"text":"Kubernetes running on IPv4/IPv6 dual-stack networking allows workloads to access IPv4 and IPv6 endpoints natively without additional complexities or performance penalties."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"d046679124e7","_type":"block","children":[{"_key":"8a9c96ebaf85","_type":"span","marks":[],"text":"Cluster operators can also choose to expose external endpoints using one or both address families in any order that fits their requirements."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"46331a4e3607","_type":"block","children":[{"_key":"60735763b1b1","_type":"span","marks":[],"text":"Kubernetes does not make any strong assumptions about the network it runs on. For example, users running on a small IPv4 address space can choose to enable dual-stack on a subset of their cluster nodes and have the rest running on IPv6, which traditionally has a larger available address space."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"f3779198-e7bb-493a-b578-ab4b16639821","_type":"block","children":[{"_key":"bd0e16f1-cdaf-45d1-b59e-1ce6551116f0","_type":"span","marks":[],"text":"How do you define Dual Stack Networking in AKS?"}],"markDefs":[],"style":"h2"},{"_key":"bfbba4f3-94e9-462d-8fe6-21614057ab39","_type":"block","children":[{"_key":"597a4905-e151-4ebb-b3ff-b112305bbc8e","_type":"span","marks":[],"text":"You can deploy your AKS clusters in a dual-stack mode using Overlay networking and a dual-stack Azure virtual network. In this configuration, nodes receive both an IPv4 and IPv6 address from the Azure virtual network subnet. Pods receive both an IPv4 and IPv6 address from a logically different address space to the Azure virtual network subnet of the nodes. Network address translation (NAT) is configured so pods can reach resources on the Azure virtual network. The source IP address of the traffic is NAT'd to the node's primary IP address of the same family (IPv4 to IPv4 and IPv6 to IPv6)."}],"markDefs":[],"style":"normal"},{"_key":"7610091c-e1ea-4d1f-884c-308e458596f2","_type":"block","children":[{"_key":"f30402f1-2e73-4598-9c11-cd6314d28d8d","_type":"span","marks":[],"text":"When will AKS clusters powered by Cilium have Dual Stack availability?"}],"markDefs":[],"style":"h2"},{"_key":"bcf5f701-bb85-4b9d-918b-ea33561805ae","_type":"block","children":[{"_key":"176499e3-5325-4cbb-a7f5-d70ac62b2d56","_type":"span","marks":[],"text":"\"When will Kubernetes have Dual Stack support?\" This question has been asked with increasing frequency ever since alpha support for IPv6 was first added in Kubernetes v1.9. While Kubernetes has supported IPv6-only clusters since v1.18, migration from IPv4 to IPv6 was not possible. Eventually, dual-stack IPv4/IPv6 networking reached general availability (GA) in Kubernetes v1.23."}],"markDefs":[],"style":"normal"},{"_key":"ac547340-7f8b-4334-a883-d9dfbc011a52","_type":"block","children":[{"_key":"125d03d1-38be-45d9-9471-2c60da2b062b","_type":"span","marks":["strong"],"text":"Starting Kubernetes 1.29 Azure Kubernetes Service announced the availability of Dual Stack on AKS clusters running Azure CNI powered by Cilium in preview mode."}],"markDefs":[],"style":"normal"},{"_key":"130aa976-b692-46db-a3f6-936a37aecaea","_type":"block","children":[{"_key":"491f841f-0263-44c4-8fd2-094184d52d92","_type":"span","marks":[],"text":"What is Isovalent Enterprise for Cilium?"}],"markDefs":[],"style":"h2"},{"_key":"a53d5c07-7123-44de-971b-639b86028971","_type":"block","children":[{"_key":"0caf366f-c6be-44e3-acb6-07603913fac5","_type":"span","marks":[],"text":"Isovalent Cilium Enterprise is an enterprise-grade, hardened distribution of open-source projects "},{"_key":"3cbf2321-b976-4ae4-8ff7-0f193b1a2401","_type":"span","marks":["675d60e7-c5bc-4d45-9366-c9be3ef741dc"],"text":"Cilium"},{"_key":"63148e40-ee8d-4d9f-91e2-fb51198af526","_type":"span","marks":[],"text":", "},{"_key":"86bd21d0-089a-4f60-bb30-71b3de19df79","_type":"span","marks":["793ae710-0e5a-4ba5-b028-eb4ada653b3e"],"text":"Hubble"},{"_key":"06ba9858-970a-4b7e-b902-52509432b2d8","_type":"span","marks":[],"text":", and "},{"_key":"320f0682-c79c-4317-b920-3edb30b8048c","_type":"span","marks":["a1ea121d-323a-46b8-8bab-9f4343f28471"],"text":"Tetragon"},{"_key":"2918bfc4-4ffc-41b6-ab36-81c154249d86","_type":"span","marks":[],"text":", built and supported by the Cilium creators. Cilium enhances networking and security at the network layer, while Hubble ensures thorough network observability and tracing. Tetragon ties it all together with runtime enforcement and security observability, offering a well-rounded solution for connectivity, compliance, multi-cloud, and security concerns."}],"markDefs":[{"_key":"675d60e7-c5bc-4d45-9366-c9be3ef741dc","_type":"link","href":"http://cilium.io/","openInNewTab":true},{"_key":"793ae710-0e5a-4ba5-b028-eb4ada653b3e","_type":"link","href":"/projects/hubble/","openInNewTab":true},{"_key":"a1ea121d-323a-46b8-8bab-9f4343f28471","_type":"link","href":"/projects/tetragon/","openInNewTab":true}],"style":"normal"},{"_key":"4c6c71a9-52ef-406a-802a-c2fae2c3eb30","_type":"block","children":[{"_key":"1ebf61a1-6058-42a9-a4a7-847a06ad0841","_type":"span","marks":[],"text":"Why Isovalent Enterprise for Cilium?"}],"markDefs":[],"style":"h2"},{"_key":"b4660142-71b5-45e6-903b-2c07a8ad5683","_type":"block","children":[{"_key":"7cf7a15c-6d30-4ceb-b9a2-2ab3d4c56cbe","_type":"span","marks":[],"text":"For enterprise customers requiring support and usage of "},{"_key":"6294f95c-409e-4159-896c-5ce914bdfc64","_type":"span","marks":["11b9d759-fc70-45ce-a5c8-211a486ddae1"],"text":"Advanced Networking"},{"_key":"ed2a56f3-3911-4ac6-9369-e65814571ae6","_type":"span","marks":[],"text":", "},{"_key":"131795e0-05e6-4bec-8421-646c25cb9fa0","_type":"span","marks":["2327e7c4-3c1b-4d3c-aaba-952a122674f2"],"text":"Security"},{"_key":"ed34bb62-a3d2-45cf-a400-cadc5d610791","_type":"span","marks":[],"text":", and "},{"_key":"965392a4-6100-4599-8d72-547fdf2c03db","_type":"span","marks":["df104b6b-1bc1-4ffa-8005-78969ff41f22"],"text":"Observability"},{"_key":"12a3133d-7d62-4d19-92de-67007fd01a2b","_type":"span","marks":[],"text":" features, “"},{"_key":"1f5b3db2-df27-4f34-abe6-e12f2956e150","_type":"span","marks":["strong"],"text":"Isovalent Enterprise for Cilium"},{"_key":"59bf1ef7-7720-4772-b82a-9383d02a8964","_type":"span","marks":[],"text":"” is recommended with the following benefits:"}],"markDefs":[{"_key":"11b9d759-fc70-45ce-a5c8-211a486ddae1","_type":"link","href":"/networking/","openInNewTab":true},{"_key":"2327e7c4-3c1b-4d3c-aaba-952a122674f2","_type":"link","href":"/security/","openInNewTab":true},{"_key":"df104b6b-1bc1-4ffa-8005-78969ff41f22","_type":"link","href":"/observability/","openInNewTab":true}],"style":"normal"},{"_key":"bc4d35c88dcf","_type":"block","children":[{"_key":"aef8196e0057","_type":"span","marks":["strong"],"text":"Advanced network policy"},{"_key":"843d49ae17ee","_type":"span","marks":[],"text":": advanced network policy capabilities that enable fine-grained control over network traffic for micro-segmentation and improved security."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"9e9ae591884e","_type":"block","children":[{"_key":"373483c9537c","_type":"span","marks":["strong","ce5685075bdf"],"text":"Hubble"},{"_key":"3d1e37a6ebb2","_type":"span","marks":["strong"],"text":" flow observability + User Interface"},{"_key":"3bb1cf96293a","_type":"span","marks":[],"text":": real-time network traffic flow, policy visualization, and a powerful User Interface for easy troubleshooting and network management."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"ce5685075bdf","_type":"link","href":"/projects/hubble/","openInNewTab":true}],"style":"normal"},{"_key":"c16e392d7143","_type":"block","children":[{"_key":"f86fb75e0f75","_type":"span","marks":["strong"],"text":"Multi-cluster connectivity via "},{"_key":"c7fa569b3d30","_type":"span","marks":["strong","cfe7bcc7c679"],"text":"Cluster Mesh"},{"_key":"495e27d1500e","_type":"span","marks":[],"text":": seamless networking and security across multiple cloud providers like AWS, Azure, Google, and on-premises environments."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"cfe7bcc7c679","_type":"link","href":"/labs/cilium-cluster-mesh/","openInNewTab":true}],"style":"normal"},{"_key":"a326e69e15cc","_type":"block","children":[{"_key":"d2f6e3708424","_type":"span","marks":["strong"],"text":"Advanced Security Capabilities via "},{"_key":"f3606a84a1eb","_type":"span","marks":["strong","d9ea053f1c1d"],"text":"Tetragon"},{"_key":"e2dc128e59fa","_type":"span","marks":[],"text":": Tetragon provides advanced security capabilities such as protocol enforcement, IP and port whitelisting, and automatic application-aware policy generation to protect against the most sophisticated threats. Built on eBPF, Tetragon can easily scale to meet the needs of the most demanding cloud-native environments."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"d9ea053f1c1d","_type":"link","href":"/projects/tetragon/","openInNewTab":true}],"style":"normal"},{"_key":"c4c08ca064fd","_type":"block","children":[{"_key":"c1f1a4a33856","_type":"span","marks":["strong","8dab5863872d"],"text":"Service Mesh"},{"_key":"c576f023978b","_type":"span","marks":[],"text":": Isovalent Cilium Enterprise provides sidecar-free, seamless service-to-service communication and advanced load balancing, making deploying and managing complex microservices architectures easy."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"8dab5863872d","_type":"link","href":"/projects/service-mesh/","openInNewTab":true}],"style":"normal"},{"_key":"550753082e2e","_type":"block","children":[{"_key":"b2666efcd661","_type":"span","marks":["strong"],"text":"Enterprise-grade support"},{"_key":"22d55253c21f","_type":"span","marks":[],"text":": Enterprise-grade support from Isovalent’s experienced team of experts ensures that issues are resolved promptly and efficiently. Additionally, professional services help organizations deploy and manage Cilium in production environments."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"cc82e053-b1cd-4637-9919-33de728f6a04","_type":"block","children":[{"_key":"89a52182-5016-4850-9e33-1156feccd810","_type":"span","marks":[],"text":"Pre-Requisites"}],"markDefs":[],"style":"h2"},{"_key":"c89e72c4-0adf-41eb-b649-7a44087b2a96","_type":"block","children":[{"_key":"7584a3b7-1711-4eca-b151-834416732b7c","_type":"span","marks":[],"text":"The following prerequisites need to be taken into account before you proceed with this tutorial:"}],"markDefs":[],"style":"normal"},{"_key":"d39d26657413","_type":"block","children":[{"_key":"dd17fc547b1d","_type":"span","marks":[],"text":"An up-and-running Kubernetes cluster. If you don’t have one, you can create a cluster using one of these options:"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"4ae9429cb2ee","_type":"block","children":[{"_key":"6dc81baae8f8","_type":"span","marks":["46b70df4b351"],"text":"AKS"}],"level":2,"listItem":"bullet","markDefs":[{"_key":"46b70df4b351","_type":"link","href":"https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough"}],"style":"normal"},{"_key":"db868b04485b","_type":"block","children":[{"_key":"d888c3a721ea","_type":"span","marks":[],"text":"The following dependencies should be installed:"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"6943088b854c","_type":"block","children":[{"_key":"4a4e616a985f","_type":"span","marks":[],"text":"Install "},{"_key":"eac102cbb479","_type":"span","marks":["0861e9cf5921"],"text":"Azure CLI"},{"_key":"8b39076b5dd9","_type":"span","marks":[],"text":"."}],"level":2,"listItem":"bullet","markDefs":[{"_key":"0861e9cf5921","_type":"link","href":"https://learn.microsoft.com/en-us/cli/azure/install-azure-cli"}],"style":"normal"},{"_key":"4181f5bf2410","_type":"block","children":[{"_key":"b3b694b795aa","_type":"span","marks":[],"text":"You should have an "},{"_key":"8309287ee651","_type":"span","marks":["13410feb07f2"],"text":"Azure Subscription"},{"_key":"619a1ae89be2","_type":"span","marks":[],"text":"."}],"level":2,"listItem":"bullet","markDefs":[{"_key":"13410feb07f2","_type":"link","href":"https://aka.ms/freeazure"}],"style":"normal"},{"_key":"5b8ed56e69a2","_type":"block","children":[{"_key":"6ff4555dd31e","_type":"span","marks":[],"text":"Install "},{"_key":"df23659ba857","_type":"span","marks":["d8e824662500"],"text":"kubectl"},{"_key":"02347f36b1b5","_type":"span","marks":[],"text":"."}],"level":2,"listItem":"bullet","markDefs":[{"_key":"d8e824662500","_type":"link","href":"https://kubernetes.io/releases/download/#kubectl"}],"style":"normal"},{"_key":"f5784680ceb1","_type":"block","children":[{"_key":"52caa3aa9d29","_type":"span","marks":[],"text":"Install "},{"_key":"1af346aaae96","_type":"span","marks":["f2fb8f4c64ab"],"text":"Cilium CLI"},{"_key":"f85c2171ac2c","_type":"span","marks":[],"text":"."}],"level":2,"listItem":"bullet","markDefs":[{"_key":"f2fb8f4c64ab","_type":"link","href":"https://docs.isovalent.com/operations-guide/monitoring/sysdump/index.html#install-cilium-cli"}],"style":"normal"},{"_key":"7932116354eb","_type":"block","children":[{"_key":"6190d57f5dc5","_type":"span","marks":[],"text":"Install "},{"_key":"e953d35bfd21","_type":"span","marks":["db819b2ce49a"],"text":"Helm"},{"_key":"1c25a994c6eb","_type":"span","marks":[],"text":"."}],"level":2,"listItem":"bullet","markDefs":[{"_key":"db819b2ce49a","_type":"link","href":"https://helm.sh/docs/intro/install/"}],"style":"normal"},{"_key":"977105467f7e","_type":"block","children":[{"_key":"32b41d13f03e","_type":"span","marks":[],"text":"Users can contact their partner Sales/SE representative(s) at sales@isovalent.com for more detailed insights into the features below and access the requisite documentation and hubble CLI software images."}],"markDefs":[],"style":"normal"},{"_key":"2eb9516d-2167-4074-bbbd-3f0216abffe1","_type":"block","children":[{"_key":"d7822aff-49d1-458d-905a-5a9aeb921c2c","_type":"span","marks":[],"text":"How can you achieve Dual Stack functionality with Cilium?"}],"markDefs":[],"style":"h2"},{"_key":"fb84056a-e384-40ab-9d24-58fc2e3c2ac6","_type":"block","children":[{"_key":"2eb3cb01-93fc-4160-973a-903edf5d9a91","_type":"span","marks":[],"text":"You can either create new AKS clusters or upgrade your existing AKS clusters to get the best of both worlds."}],"markDefs":[],"style":"normal"},{"_key":"7e663bf1-b54f-44c4-8754-67fed7351209","_type":"block","children":[{"_key":"fc7384ee-3be0-4d82-aa56-24756f704ddb","_type":"span","marks":[],"text":"Cilium's high-performing eBPF data plane."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"cf056dd860e3","_type":"block","children":[{"_key":"97ae46c91afe","_type":"span","marks":[],"text":"Dual Stack functionality from Azure with Overlay Networking."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"4eea2abf-6b66-4431-b1ab-ef1b279773ba","_type":"block","children":[{"_key":"0b20eba4-7feb-43b3-8d61-d23a925e88fe","_type":"span","marks":[],"text":"You can achieve Dual Stack Networking with the following network plugin combinations (as of now):"}],"markDefs":[],"style":"normal"},{"_key":"3e626ce2-c0b1-40bb-bc7a-5fe6ae016a1d","_type":"table","hasHLines":true,"hasLeftHeader":false,"hasTopHeader":true,"hasVLines":false,"rows":[{"_key":"7137737f-6340-45f3-a414-a7633b10e110","_type":"tableRow","cells":["Network Plugin","Default Nodepool OS(during AKS cluster creation)"]},{"_key":"eca162c6-7a12-4fac-97e2-3a99b0760157","_type":"tableRow","cells":["Bring your own CNI (BYOCNI)","Azure Linux"]},{"_key":"237def40-54ea-4cb0-a53f-54e5c1b1bdcc","_type":"tableRow","cells":["Bring your own CNI (BYOCNI)","Ubuntu"]},{"_key":"eac1e625-9859-4ca0-86ae-a2a6474ba242","_type":"tableRow","cells":["Azure CNI (Powered by Cilium)-Overlay Mode","Ubuntu"]},{"_key":"9bf6cfc2-9caa-48c4-a73b-cdf87b784e28","_type":"tableRow","cells":["Azure CNI (Powered by Cilium)-Overlay Mode","Azure Linux"]},{"_key":"f8dffee8-8669-42e1-812c-40809d3afc6b","_type":"tableRow","cells":["Upgrade Azure CNI Overlay to Azure CNI powered by Cilium","Ubuntu"]},{"_key":"a52b025f-c235-4ea7-82c5-ee463564728e","_type":"tableRow","cells":["Upgrade a Kubenet cluster toAzure CNI powered by Cilium","Ubuntu"]}]},{"_key":"58b2d101-3ff5-4e6c-9985-9787af567072","_type":"block","children":[{"_key":"446bbc0d-7626-4e5e-bbbc-d6fa97f61e89","_type":"span","marks":["strong"],"text":"Note:"}],"markDefs":[],"style":"normal"},{"_key":"3f16a0716b3d","_type":"block","children":[{"_key":"8feaa6176748","_type":"span","marks":[],"text":"Read AZPC= Azure CNI Powered by Cilium"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"c4b742bbc45e","_type":"block","children":[{"_key":"ad86b2aa93e4","_type":"span","marks":[],"text":"Read Azure Linux= AL"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"5b232e34b469","_type":"block","children":[{"_key":"fafd0367a8d7","_type":"span","marks":["em"],"text":"Read Overlay=OL"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"37b0369bd99e","_type":"block","children":[{"_key":"5228f2daf8f9","_type":"span","marks":["em"],"text":"Read Azure CNI Overlay= ACO"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"db93d702bc5c","_type":"block","children":[{"_key":"c0c7d8c66f34","_type":"span","marks":[],"text":"Azure CNI powered by Cilium clusters created with Kubernetes come up by default with Cilium 1.14.x version ( managed by Microsoft)."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"4ecb69f1bc7e","_type":"block","children":[{"_key":"2d08271a7f17","_type":"span","marks":[],"text":"In the case of BYOCNI, the tests were validated with Isovalent 1.14.x release."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"731c90e55c85","_type":"block","children":[{"_key":"f8e14ac3dcd9","_type":"span","marks":[],"text":"To install Isovalent Enterprise for Cilium on AKS clusters with the network-plugin "},{"_key":"f573a28abd9b","_type":"span","marks":["code"],"text":"BYOCNI"},{"_key":"dfe83e6421a1","_type":"span","marks":[],"text":", contact "},{"_key":"436ccca9ffb9","_type":"span","marks":["ba8f3ece6982"],"text":"sales@isovalent.com"},{"_key":"4407c74ee219","_type":"span","marks":[],"text":"."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"ba8f3ece6982","_type":"link","href":"mailto:sales@isovalent.com"}],"style":"normal"},{"_key":"9adbed7174b9","_type":"block","children":[{"_key":"a937009d2e86","_type":"span","marks":[],"text":"Application pods must be recreated after upgrading an AKS cluster from Azure CNI Overlay to Azure CNI powered by Cilium with IP family to IPv4 to Dual-Stack."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"8204b9674467","_type":"block","children":[{"_key":"88982c71dbfd","_type":"span","marks":[],"text":"Application pods must be recreated after upgrading an AKS cluster from Kubenet to Azure CNI powered by Cilium with IP family to IPv4 to Dual-Stack."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:25:06Z","_id":"2e3ea40a-5d0f-420b-a4c8-c8948337df9c","_key":"5c562daeed01","_ref":"2e3ea40a-5d0f-420b-a4c8-c8948337df9c","_rev":"xpyN0xwPmYNsWcjXb9jRxr","_type":"contentSwitcher","_updatedAt":"2025-06-04T14:35:12Z","activeTab":1,"contentSwitcherItems":[{"_createdAt":"2025-06-03T12:25:40Z","_id":"b5f5a690-7b1b-42c9-b0dc-86960414d04e","_rev":"Li2CFyNtmPIJNNw2pRLxbU","_type":"contentSwitcherItem","_updatedAt":"2025-06-03T14:34:37Z","label":{"en":"BYONCI"},"languages":["en"],"text":{"en":[{"_key":"52035d32965a","_type":"block","children":[{"_key":"bd7848937fef","_type":"span","marks":[],"text":"Create an AKS cluster with BYOCNI in dual-stack mode."}],"markDefs":[],"style":"normal"},{"_key":"0020656e6a08","_type":"block","children":[{"_key":"be2ded35862f","_type":"span","marks":[],"text":"Set the subscription"}],"markDefs":[],"style":"h4"},{"_key":"0ec5a545438f","_type":"block","children":[{"_key":"73875d05a150","_type":"span","marks":[],"text":"Choose the subscription you want to use if you have multiple Azure subscriptions."}],"markDefs":[],"style":"normal"},{"_key":"40bf0ed8bc5f","_type":"block","children":[{"_key":"9e24aec6ff87","_type":"span","marks":[],"text":"Replace "},{"_key":"fb4be3a431cb","_type":"span","marks":["code"],"text":"SubscriptionName"},{"_key":"c36fcdf996f1","_type":"span","marks":[],"text":" with your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"9fa136a0129b","_type":"block","children":[{"_key":"7b97bec01ce8","_type":"span","marks":[],"text":"You can also use your subscription ID instead of your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:26:14Z","_id":"11899814-4dec-4b0b-be06-c40460b2f558","_key":"f72d20fe97be","_ref":"11899814-4dec-4b0b-be06-c40460b2f558","_rev":"0hRy6b50G0lKPtPk07Ghqk","_type":"codeBlock","_updatedAt":"2025-06-03T14:35:57Z","code":"az account set --subscription SubscriptionName","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"blog-cilium-dual-stack-aks-byocni-az account set"},{"_key":"a07f1ee54113","_type":"block","children":[{"_key":"fb2ac46f4204","_type":"span","marks":[],"text":"AKS Resource Group Creation"}],"markDefs":[],"style":"h4"},{"_key":"00ead0b7e2d1","_type":"block","children":[{"_key":"9f3538c2b729","_type":"span","marks":[],"text":"Create a Resource Group"}],"markDefs":[],"style":"normal"},{"_key":"0f752540bc60","_type":"block","children":[{"_key":"04d81ca430b5","_type":"span","marks":[],"text":""}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:27:06Z","_id":"bc27f59c-a1ed-4813-8e38-323c725bb51c","_key":"74c545b777fe","_ref":"bc27f59c-a1ed-4813-8e38-323c725bb51c","_rev":"PDHcFVyj5vN2blED3XLCWK","_type":"codeBlock","_updatedAt":"2025-06-03T12:27:55Z","code":"clusterName=\"byocnids\"\nresourceGroup=\"byocnids\"\nvnet=\"byocnids\"\nlocation=\"southindia\"\n\naz group create --name $resourceGroup --location $location","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-aks-resource-group"},{"_key":"b66848f46a58","_type":"block","children":[{"_key":"f79bfce2f405","_type":"span","marks":[],"text":"AKS Cluster creation"}],"markDefs":[],"style":"h4"},{"_key":"d343ae47182b","_type":"block","children":[{"_key":"38f80cd5e93e","_type":"span","marks":[],"text":"Pass the "},{"_key":"9ccf65480fc0","_type":"span","marks":["code"],"text":"--network-plugin"},{"_key":"b451af476271","_type":"span","marks":[],"text":" parameter with the parameter value of "},{"_key":"ca6c03a9d579","_type":"span","marks":["code"],"text":"none"},{"_key":"53443ce8af73","_type":"span","marks":[],"text":" and ip-families set to IPv4 and IPv6."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:28:20Z","_id":"c7545d3e-1829-4510-9e90-4a97b9876b6c","_key":"5d21db94e360","_ref":"c7545d3e-1829-4510-9e90-4a97b9876b6c","_rev":"R3ERKRMC2WUT4Dc5IsiTRk","_type":"codeBlock","_updatedAt":"2025-06-03T12:28:35Z","code":"az aks create --name $clusterName --resource-group $resourceGroup \\\n--network-plugin none \\\n--ip-families ipv4,ipv6 \\\n--kubernetes-version 1.29","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-cluster-creation"},{"_key":"18f17cb833b1","_type":"block","children":[{"_key":"31ac97f4376c","_type":"span","marks":[],"text":"Set the Kubernetes Context"}],"markDefs":[],"style":"h4"},{"_key":"7fcc819d1737","_type":"block","children":[{"_key":"5c0c526faec2","_type":"span","marks":[],"text":"Log in to the Azure portal, browse Kubernetes Services>, select the respective Kubernetes service created (AKS Cluster), and click connect. This will help you connect to your AKS cluster and set the respective Kubernetes context."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:29:01Z","_id":"c3423ed8-2f75-4b05-806f-ea15ebbdca45","_key":"70458b645b87","_ref":"c3423ed8-2f75-4b05-806f-ea15ebbdca45","_rev":"R3ERKRMC2WUT4Dc5IsiWEu","_type":"codeBlock","_updatedAt":"2025-06-03T12:29:13Z","code":"az aks get-credentials --name $clusterName --resource-group $resourceGroup","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-set kubernetes context"},{"_key":"f0ad7ee3d829","_type":"block","children":[{"_key":"4e2cd39b6656","_type":"span","marks":[],"text":"Cluster status check"}],"markDefs":[],"style":"h4"},{"_key":"5ba706474381","_type":"block","children":[{"_key":"388aa63ffdf8","_type":"span","marks":[],"text":"Check the status of the nodes and make sure they are in a “Ready” state and that the nodes have IPv6 and IPv4 addresses."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T12:29:38Z","_id":"d468d3ac-3926-4a41-89f4-0ea7744401ab","_key":"5b6d83b81160","_ref":"d468d3ac-3926-4a41-89f4-0ea7744401ab","_rev":"R3ERKRMC2WUT4Dc5IsiZHg","_type":"codeBlock","_updatedAt":"2025-06-03T12:29:45Z","code":"kubectl get nodes -o wide\n\nNAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME\naks-nodepool1-23195171-vmss000000 Ready 2d14h v1.29.0 10.224.0.6 Ubuntu 22.04.4 LTS 5.15.0-1058-azure containerd://1.7.7-1\naks-nodepool1-23195171-vmss000001 Ready 2d14h v1.29.0 10.224.0.4 Ubuntu 22.04.4 LTS 5.15.0-1058-azure containerd://1.7.7-1\naks-nodepool1-23195171-vmss000002 Ready 2d14h v1.29.0 10.224.0.5 Ubuntu 22.04.4 LTS 5.15.0-1058-azure containerd://1.7.7-1\n\nkubectl describe nodes | grep -E 'InternalIP'\n\n InternalIP: 10.224.0.6\n InternalIP: fd1c:466e:bfa3:9c20::6\n InternalIP: 10.224.0.4\n InternalIP: fd1c:466e:bfa3:9c20::4\n InternalIP: 10.224.0.5\n InternalIP: fd1c:466e:bfa3:9c20::5","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-cluster-status-check"},{"_key":"14a4435ca889","_type":"block","children":[{"_key":"0477d717d6ed","_type":"span","marks":[],"text":"Install Isovalent Enteprise for Cilium"}],"markDefs":[],"style":"h4"},{"_key":"e594d8c3f170","_type":"block","children":[{"_key":"cedb7bfbfdf9","_type":"span","marks":[],"text":"Users can contact their partner Sales/SE representative(s) at "},{"_key":"a93c1c73ca25","_type":"span","marks":["f4b117471cfd"],"text":"sales@isovalent.com"},{"_key":"9006426ccbcd","_type":"span","marks":[],"text":" to access the requisite documentation and how to "},{"_key":"593d3b7bbac2","_type":"span","marks":["3fd5b98c42d4"],"text":"install Isovalent Enteprpise for Cilium on an AKS cluster with BYOCNI"},{"_key":"80eeb2a94dde","_type":"span","marks":[],"text":" as the network plugin. "}],"markDefs":[{"_key":"f4b117471cfd","_type":"link","href":"mailto:sales@isovalent.com"},{"_key":"3fd5b98c42d4","_type":"link","href":"https://docs.isovalent.com/operations-guide/installation/clean-install.html"}],"style":"normal"},{"_key":"24e6604295d4","_type":"block","children":[{"_key":"0a4920f697f9","_type":"span","marks":[],"text":"Validate Cilium version"}],"markDefs":[],"style":"h4"},{"_key":"2578360793c0","_type":"block","children":[{"_key":"b50e25ebd598","_type":"span","marks":[],"text":"Check the version of cilium with "},{"_key":"18cf18104461","_type":"span","marks":["code"],"text":"cilium version"},{"_key":"1ef02cbc90df","_type":"span","marks":[],"text":":"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T14:33:51Z","_id":"64bdcd2f-76db-4475-abbd-9f647d9a87d0","_key":"494832842e05","_ref":"64bdcd2f-76db-4475-abbd-9f647d9a87d0","_rev":"0hRy6b50G0lKPtPk07GX2m","_type":"codeBlock","_updatedAt":"2025-06-03T14:34:07Z","code":"$1c","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byocni-Validate Cilium version"},{"_key":"6ef4dbf66e9f","_type":"block","children":[{"_key":"3fc8eab5fb1c","_type":"span","marks":[],"text":"Cilium Health Check"}],"markDefs":[],"style":"h4"},{"_key":"a1da4656c4cc","_type":"block","children":[{"_key":"f269b91991a2","_type":"span","marks":["code"],"text":"cilium-health"},{"_key":"e3dfa20a48d1","_type":"span","marks":[],"text":" is a tool available in Cilium that provides visibility into the overall health of the cluster’s networking connectivity. You can check node-to-node health with cilium-health status:"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-03T14:34:41Z","_id":"797df39c-d478-42d1-9a7a-4d889f0fda1c","_key":"4521f87fa328","_ref":"797df39c-d478-42d1-9a7a-4d889f0fda1c","_rev":"Li2CFyNtmPIJNNw2pRLwoi","_type":"codeBlock","_updatedAt":"2025-06-03T14:35:03Z","code":"$1d","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byocni-Cilium Health Check"}]}},{"_createdAt":"2025-06-03T14:37:46Z","_id":"beb38c2e-b345-4885-963c-914a984c31df","_rev":"xpyN0xwPmYNsWcjXb9irkh","_type":"contentSwitcherItem","_updatedAt":"2025-06-04T14:27:13Z","label":{"en":"BYOCNI with AL"},"languages":["en"],"text":{"en":[{"_key":"f35271b85310","_type":"block","children":[{"_key":"d5445665410d","_type":"span","marks":[],"text":"Create an AKS cluster with BYOCNI in dual-stack mode with "},{"_key":"98716a74d70c","_type":"span","marks":["e27cd3c770d1"],"text":"Azure Linux"},{"_key":"9d4730ba4e5b","_type":"span","marks":[],"text":" as the host OS."}],"markDefs":[{"_key":"e27cd3c770d1","_type":"link","href":"https://isovalent.com/blog/post/cilium-azure-linux/"}],"style":"normal"},{"_key":"147c04d67cb2","_type":"block","children":[{"_key":"fc8d22ec946d","_type":"span","marks":[],"text":"Set the subscription"}],"markDefs":[],"style":"h4"},{"_key":"4ff809b587e2","_type":"block","children":[{"_key":"11056ce1341c","_type":"span","marks":[],"text":"Choose the subscription you want to use if you have multiple Azure subscriptions."}],"markDefs":[],"style":"normal"},{"_key":"0e81b679f738","_type":"block","children":[{"_key":"50ad383e6099","_type":"span","marks":[],"text":"Replace "},{"_key":"a5f0444e7fd7","_type":"span","marks":["code"],"text":"SubscriptionName"},{"_key":"5b9266d23954","_type":"span","marks":[],"text":" with your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"b40c1fa47f41","_type":"block","children":[{"_key":"bc34ffd69bc6","_type":"span","marks":[],"text":"You can also use your subscription ID instead of your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T11:00:25Z","_id":"79ba0fc3-d8b4-4199-9e52-4ae6a8b1c1f0","_key":"f12224f3ca87","_ref":"79ba0fc3-d8b4-4199-9e52-4ae6a8b1c1f0","_rev":"dHFpTR1hba7sXOFAwJl4b5","_type":"codeBlock","_updatedAt":"2025-06-04T11:00:33Z","author":{"_ref":"85cdb366-49b3-6ceb-9e1a-c8450921a748","_type":"reference"},"code":"az account set --subscription SubscriptionName","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"az account set --subscription SubscriptionName"},{"_key":"353a340a69b1","_type":"block","children":[{"_key":"83d4181efaec","_type":"span","marks":[],"text":"AKS Resource Group Creation"}],"markDefs":[],"style":"h4"},{"_key":"04ad3c60457a","_type":"block","children":[{"_key":"e9e2502580e4","_type":"span","marks":[],"text":"Create a Resource Group"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:24:04Z","_id":"f33f9030-1beb-4a91-88c4-04151c83c038","_key":"357a712a110c","_ref":"f33f9030-1beb-4a91-88c4-04151c83c038","_rev":"ZjbMTKKCyoKeNu9aEu1nev","_type":"codeBlock","_updatedAt":"2025-06-04T14:24:29Z","code":"clusterName=\"byocnidsal\"\nresourceGroup=\"byocnidsal\"\nvnet=\"byocnidsal\"\nlocation=\"canadacentral\"\n\naz group create --name $resourceGroup --location $location","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-resource group creation"},{"_key":"2385eb37d260","_type":"block","children":[{"_key":"9030c656bd7a","_type":"span","marks":[],"text":"AKS Cluster creation"}],"markDefs":[],"style":"h4"},{"_key":"fccdbf8c1c95","_type":"block","children":[{"_key":"a81c752c5083","_type":"span","marks":[],"text":"Pass the "},{"_key":"a81b375e7230","_type":"span","marks":["code"],"text":"--network-plugin"},{"_key":"585047de2aad","_type":"span","marks":[],"text":" parameter with the parameter value of "},{"_key":"bafd4fe3c927","_type":"span","marks":["code"],"text":"none"},{"_key":"70057d610a56","_type":"span","marks":[],"text":" and ip-families set to IPv4 and IPv6. Also, set the os-sku type to AzureLinux."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:24:48Z","_id":"f8266268-cdcd-4bd6-8b24-21d8ba7c56e2","_key":"817d8f3d5a99","_ref":"f8266268-cdcd-4bd6-8b24-21d8ba7c56e2","_rev":"ZjbMTKKCyoKeNu9aEu1tgD","_type":"codeBlock","_updatedAt":"2025-06-04T14:24:56Z","code":"az aks create --name $clusterName --resource-group $resourceGroup \\\n--network-plugin none \\\n--ip-families ipv4,ipv6 \\\n--os-sku AzureLinux \\\n--kubernetes-version 1.29","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-aks cluster creation"},{"_key":"89c59af21516","_type":"block","children":[{"_key":"506c380c7686","_type":"span","marks":[],"text":"Set the Kubernetes Context"}],"markDefs":[],"style":"h4"},{"_key":"213bce30baf7","_type":"block","children":[{"_key":"2ddf3b294974","_type":"span","marks":[],"text":"Log in to the Azure portal, browse Kubernetes Services>, select the respective Kubernetes service created (AKS Cluster), and click connect. This will help you connect to your AKS cluster and set the respective Kubernetes context."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:25:10Z","_id":"ccc7b96e-5763-41e7-983e-9612fc89af59","_key":"acae0b651be2","_ref":"ccc7b96e-5763-41e7-983e-9612fc89af59","_rev":"ZjbMTKKCyoKeNu9aEu25Na","_type":"codeBlock","_updatedAt":"2025-06-04T14:25:19Z","code":"az aks get-credentials --name $clusterName --resource-group $resourceGroup","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-set-k8s-context"},{"_key":"b1ff84cfd94e","_type":"block","children":[{"_key":"2fd88ee1659b","_type":"span","marks":[],"text":"Cluster status check"}],"markDefs":[],"style":"h4"},{"_key":"8d7ab5bfcce6","_type":"block","children":[{"_key":"45c90457f94d","_type":"span","marks":[],"text":"Check the status of the nodes and make sure they are in a “Ready” state and that the nodes have IPv6 and IPv4 addresses."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:25:42Z","_id":"9da9a56b-96b2-44d6-94cb-010db20b0bcf","_key":"173be41760aa","_ref":"9da9a56b-96b2-44d6-94cb-010db20b0bcf","_rev":"ZjbMTKKCyoKeNu9aEu2Qaa","_type":"codeBlock","_updatedAt":"2025-06-04T14:25:51Z","code":"kubectl get nodes -o wide\n\nNAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME\naks-nodepool1-78919201-vmss000000 NotReady 3m21s v1.29.2 10.224.0.5 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\naks-nodepool1-78919201-vmss000001 NotReady 3m18s v1.29.2 10.224.0.4 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\naks-nodepool1-78919201-vmss000002 NotReady 3m20s v1.29.2 10.224.0.6 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\n\nkubectl describe nodes | grep -E 'InternalIP'\n\n InternalIP: 10.224.0.5\n InternalIP: fd0e:6e62:87ea:7d6e::5\n InternalIP: 10.224.0.4\n InternalIP: fd0e:6e62:87ea:7d6e::4\n InternalIP: 10.224.0.6\n InternalIP: fd0e:6e62:87ea:7d6e::6","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-cluster-status-check"},{"_key":"9bd0e334413d","_type":"block","children":[{"_key":"f61efc454398","_type":"span","marks":[],"text":"Install Isovalent Enteprise for Cilium"}],"markDefs":[],"style":"h4"},{"_key":"f95424a5786f","_type":"block","children":[{"_key":"2ad5ccc20592","_type":"span","marks":[],"text":"Users can contact their partner Sales/SE representative(s) at "},{"_key":"064b3fb9f81c","_type":"span","marks":["e1f99d36368b"],"text":"sales@isovalent.com"},{"_key":"80af272aa1ed","_type":"span","marks":[],"text":" to access the requisite documentation and how to "},{"_key":"e66d2376d9fe","_type":"span","marks":["0793b29934dd"],"text":"install Isovalent Enteprpise for Cilium on an AKS cluster with BYOCNI"},{"_key":"b08975afa54a","_type":"span","marks":[],"text":" as the network plugin. "}],"level":1,"listItem":"bullet","markDefs":[{"_key":"e1f99d36368b","_type":"link","href":"mailto:sales@isovalent.com"},{"_key":"0793b29934dd","_type":"link","href":"https://docs.isovalent.com/operations-guide/installation/clean-install.html"}],"style":"normal"},{"_key":"38a1a52e04a3","_type":"block","children":[{"_key":"4dd21a546695","_type":"span","marks":[],"text":"Validate Cilium version"}],"markDefs":[],"style":"h4"},{"_key":"071050d8c537","_type":"block","children":[{"_key":"7f6113e4bb5e","_type":"span","marks":[],"text":"Check the version of cilium with "},{"_key":"39ab3cb47070","_type":"span","marks":["code"],"text":"cilium version"},{"_key":"255a6b0153da","_type":"span","marks":[],"text":":"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:26:25Z","_id":"fe09d52c-2802-4510-bbab-2f255715c7ac","_key":"c9d70927f290","_ref":"fe09d52c-2802-4510-bbab-2f255715c7ac","_rev":"M90ZQ1qKKr5D33uqfxiSlz","_type":"codeBlock","_updatedAt":"2025-06-04T14:26:36Z","code":"$1e","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-update-cilium-version"},{"_key":"4a43cad4cd8c","_type":"block","children":[{"_key":"207f9667362e","_type":"span","marks":[],"text":"Cilium Health Check"}],"markDefs":[],"style":"h4"},{"_key":"b16416eb0dbd","_type":"block","children":[{"_key":"08d3522617b3","_type":"span","marks":["code"],"text":"cilium-health"},{"_key":"f7e845b8ebdd","_type":"span","marks":[],"text":" is a tool available in Cilium that provides visibility into the overall health of the cluster’s networking connectivity. You can check node-to-node health with cilium-health status:"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:26:55Z","_id":"3180cd83-4cdf-4912-a041-ccecc18d3a41","_key":"d702595a7708","_ref":"3180cd83-4cdf-4912-a041-ccecc18d3a41","_rev":"M90ZQ1qKKr5D33uqfxiUdh","_type":"codeBlock","_updatedAt":"2025-06-04T14:27:05Z","code":"$1f","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-cilium-dual-stack-aks-byoncnial-cilium-health-check"}]}},{"_createdAt":"2025-06-04T14:27:37Z","_id":"e6a03e34-4fe6-4165-b664-ef990b4d2e85","_rev":"xpyN0xwPmYNsWcjXb9jQg7","_type":"contentSwitcherItem","_updatedAt":"2025-06-04T14:34:24Z","label":{"en":"AZPC (OL Mode)"},"languages":["en"],"text":{"en":[{"_key":"236f9ee5e581","_type":"block","children":[{"_key":"44708b5aacde","_type":"span","marks":[],"text":"Azure CNI Powered by Cilium can be deployed by assigning IP addresses from an overlay network."}],"markDefs":[],"style":"normal"},{"_key":"e0cf51770764","_type":"block","children":[{"_key":"66b79c0dd1f0","_type":"span","marks":[],"text":"Set the subscription"}],"markDefs":[],"style":"h4"},{"_key":"ed984d3455b3","_type":"block","children":[{"_key":"ae3678a13bf1","_type":"span","marks":[],"text":"Choose the subscription you want to use if you have multiple Azure subscriptions."}],"markDefs":[],"style":"normal"},{"_key":"fda452fa5124","_type":"block","children":[{"_key":"9192a6f645f8","_type":"span","marks":[],"text":"Replace "},{"_key":"2408c5a47995","_type":"span","marks":["code"],"text":"SubscriptionName"},{"_key":"7a2ef8526d36","_type":"span","marks":[],"text":" with your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"09e46c1c4612","_type":"block","children":[{"_key":"99b53ff13c12","_type":"span","marks":[],"text":"You can also use your subscription ID instead of your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:29:03Z","_id":"353415da-38fc-41a6-a633-cd1dc6de553d","_key":"410bb6b5a5d3","_ref":"353415da-38fc-41a6-a633-cd1dc6de553d","_rev":"ZjbMTKKCyoKeNu9aEu3bey","_type":"codeBlock","_updatedAt":"2025-06-04T14:29:21Z","code":"az account set --subscription SubscriptionName","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-set-subscription"},{"_key":"768e19e75268","_type":"block","children":[{"_key":"51b7187bed7e","_type":"span","marks":[],"text":"AKS Resource Group Creation"}],"markDefs":[],"style":"h4"},{"_key":"95abc383a3a2","_type":"block","children":[{"_key":"d190229d939b","_type":"span","marks":[],"text":"Create a Resource Group"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:30:14Z","_id":"60dd8dde-0c4b-4eab-bc87-c0ed164fdad3","_key":"c8234b089853","_ref":"60dd8dde-0c4b-4eab-bc87-c0ed164fdad3","_rev":"ZjbMTKKCyoKeNu9aEu42PZ","_type":"codeBlock","_updatedAt":"2025-06-04T14:30:21Z","code":"clusterName=\"azpcdsoverlay\"\nresourceGroup=\"azpcdsoverlay\"\nvnet=\"azpcdsoverlay\"\nlocation=\"francecentral\"\n\naz group create --name $resourceGroup --location $location","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-resource group creation"},{"_key":"d9ab4fda3c6a","_type":"block","children":[{"_key":"c672f1f8006b","_type":"span","marks":[],"text":"AKS Cluster creation"}],"markDefs":[],"style":"h4"},{"_key":"80a98db8a4dd","_type":"block","children":[{"_key":"f1bb24a110fa","_type":"span","marks":[],"text":"Create a cluster with Azure CNI Powered by Cilium with network-plugin as "},{"_key":"ec06832e6de9","_type":"span","marks":["code"],"text":"Azure"},{"_key":"64227a0d1c26","_type":"span","marks":[],"text":", network-plugin-mode as "},{"_key":"351c3f64b886","_type":"span","marks":["code"],"text":"Overlay"},{"_key":"4473defe762f","_type":"span","marks":[],"text":", ip-families set to IPv4 and IPv6 and network-dataplane as "},{"_key":"fffe59db37aa","_type":"span","marks":["code"],"text":"Cilium"},{"_key":"c7aae854910a","_type":"span","marks":[],"text":"."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:31:42Z","_id":"af6df7ff-9722-4f0f-8a6b-7caec38ac424","_key":"1d527954ac30","_ref":"af6df7ff-9722-4f0f-8a6b-7caec38ac424","_rev":"M90ZQ1qKKr5D33uqfxk3qo","_type":"codeBlock","_updatedAt":"2025-06-04T14:31:48Z","code":"az aks create -l $location -g $resourceGroup -n $clusterName \\\n --network-plugin azure \\\n --network-plugin-mode overlay \\\n --ip-families ipv4,ipv6 \\\n --kubernetes-version 1.29 \\\n --network-dataplane cilium","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL- aks cluster creation"},{"_key":"38fed93c6c39","_type":"block","children":[{"_key":"96bf383c1920","_type":"span","marks":[],"text":"Set the Kubernetes Context"}],"markDefs":[],"style":"h4"},{"_key":"47fe56387b04","_type":"block","children":[{"_key":"660228da8f09","_type":"span","marks":[],"text":"Log in to the Azure portal, browse Kubernetes Services>, select the respective Kubernetes service created (AKS Cluster), and click connect. This will help you connect to your AKS cluster and set the respective Kubernetes context."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:32:09Z","_id":"e77c8541-2aaa-45a9-bfcd-3739007c0505","_key":"6655f5f7b63f","_ref":"e77c8541-2aaa-45a9-bfcd-3739007c0505","_rev":"M90ZQ1qKKr5D33uqfxkHnE","_type":"codeBlock","_updatedAt":"2025-06-04T14:32:15Z","code":"az aks get-credentials --name $clusterName --resource-group $resourceGroup","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL- set k8s context"},{"_key":"9e633065ea82","_type":"block","children":[{"_key":"47b200679c12","_type":"span","marks":[],"text":"Cluster status check"}],"markDefs":[],"style":"h4"},{"_key":"4310568314be","_type":"block","children":[{"_key":"4a9c6217aa4d","_type":"span","marks":[],"text":"Check the status of the nodes and make sure they are in a “Ready” state and that the nodes have IPv6 and IPv4 addresses."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:32:40Z","_id":"2826f2f0-fdfd-450c-a465-44fcb14d5bb0","_key":"932c29cbd35d","_ref":"2826f2f0-fdfd-450c-a465-44fcb14d5bb0","_rev":"ZjbMTKKCyoKeNu9aEu5Sju","_type":"codeBlock","_updatedAt":"2025-06-04T14:32:45Z","code":"kubectl get nodes -o wide\n\nNAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME\naks-nodepool1-59269683-vmss000000 Ready 2d4h v1.29.2 10.224.0.6 Ubuntu 22.04.4 LTS 5.15.0-1059-azure containerd://1.7.14-1\naks-nodepool1-59269683-vmss000001 Ready 2d4h v1.29.2 10.224.0.5 Ubuntu 22.04.4 LTS 5.15.0-1059-azure containerd://1.7.14-1\naks-nodepool1-59269683-vmss000002 Ready 2d4h v1.29.2 10.224.0.4 Ubuntu 22.04.4 LTS 5.15.0-1059-azure containerd://1.7.14-1\n\nkubectl describe nodes | grep -E 'InternalIP'\n\n InternalIP: 10.224.0.6\n InternalIP: fd03:e220:33c2:875d::6\n InternalIP: 10.224.0.5\n InternalIP: fd03:e220:33c2:875d::5\n InternalIP: 10.224.0.4\n InternalIP: fd03:e220:33c2:875d::4","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-cluster status check"},{"_key":"94404a5edcf2","_type":"block","children":[{"_key":"fd2b060771ae","_type":"span","marks":[],"text":"Validate Cilium version"}],"markDefs":[],"style":"h4"},{"_key":"f86cc082569e","_type":"block","children":[{"_key":"49979225cc25","_type":"span","marks":[],"text":"Check the version of cilium with "},{"_key":"cb2ec948b519","_type":"span","marks":["code"],"text":"cilium version"},{"_key":"ff4a63dbe16c","_type":"span","marks":[],"text":":"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:33:14Z","_id":"63d828b9-dcca-411c-beea-525bfb36a115","_key":"854089081abc","_ref":"63d828b9-dcca-411c-beea-525bfb36a115","_rev":"M90ZQ1qKKr5D33uqfxkePM","_type":"codeBlock","_updatedAt":"2025-06-04T14:33:30Z","code":"$20","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-validate cilium version"},{"_key":"941af6b9ef26","_type":"block","children":[{"_key":"9487b8f01707","_type":"span","marks":[],"text":"Cilium Health Check"}],"markDefs":[],"style":"h4"},{"_key":"3aecb3d4529c","_type":"block","children":[{"_key":"06cc309db0bd","_type":"span","marks":["code"],"text":"cilium-health"},{"_key":"5f714cad10da","_type":"span","marks":[],"text":" is a tool available in Cilium that provides visibility into the overall health of the cluster’s networking connectivity. You can check node-to-node health with cilium-health status:"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:33:56Z","_id":"9dd01ae8-7c5c-4b70-bf28-d9fb47519c89","_key":"8d0551279e9f","_ref":"9dd01ae8-7c5c-4b70-bf28-d9fb47519c89","_rev":"M90ZQ1qKKr5D33uqfxkgsV","_type":"codeBlock","_updatedAt":"2025-06-04T14:34:04Z","code":"kubectl -n kube-system exec ds/cilium -- cilium-health status\n\nDefaulted container \"cilium-agent\" out of: cilium-agent, install-cni-binaries (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), systemd-networkd-overrides (init), block-wireserver (init)\nProbe time: 2024-04-05T13:52:28Z\nNodes:\n aks-nodepool1-59269683-vmss000001 (localhost):\n Host connectivity to 10.224.0.5:\n ICMP to stack: OK, RTT=172.799µs\n HTTP to agent: OK, RTT=77.3µs\n aks-nodepool1-59269683-vmss000000:\n Host connectivity to 10.224.0.6:\n ICMP to stack: OK, RTT=2.052993ms\n HTTP to agent: OK, RTT=298.699µs\n aks-nodepool1-59269683-vmss000002:\n Host connectivity to 10.224.0.4:\n ICMP to stack: OK, RTT=12.695255ms\n HTTP to agent: OK, RTT=338.399µs","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-cilium health check"},{"_key":"62d696933aca","_type":"block","children":[{"_key":"58c3af42c79c","_type":"span","marks":[],"text":"Cilium Connectivity Test"}],"markDefs":[],"style":"h4"},{"_key":"d5880ab5ea89","_type":"block","children":[{"_key":"21843cc481b7","_type":"span","marks":[],"text":"The Cilium connectivity test deploys a series of services and deployments, and CiliumNetworkPolicy will use various connectivity paths to connect. Connectivity paths include with and without service load-balancing and various network policy combinations."}],"markDefs":[],"style":"normal"},{"_key":"d64452b4a0f2","_type":"block","children":[{"_key":"83c049117a00","_type":"span","marks":[],"text":"The cilium connectivity test was run for all of the above scenarios, and the tests were passed successfully. A truncated output for one such test result:\n\n"},{"_key":"8495ac909f89","_type":"span","marks":["em"],"text":"Output Truncated"},{"_key":"c1fb036d49fa","_type":"span","marks":[],"text":":"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:34:26Z","_id":"d3110396-4355-4cd9-b549-521e463b5959","_key":"7a29044c480a","_ref":"d3110396-4355-4cd9-b549-521e463b5959","_rev":"xpyN0xwPmYNsWcjXb9jQJf","_type":"codeBlock","_updatedAt":"2025-06-04T14:34:39Z","code":"$21","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-cilium connectivity test"}]}},{"_createdAt":"2025-06-04T14:34:59Z","_id":"69ec5b51-ee21-4190-aa6d-83a6dfdc265b","_rev":"M90ZQ1qKKr5D33uqfxoxmT","_type":"contentSwitcherItem","_updatedAt":"2025-06-04T14:40:24Z","label":{"en":"AZPC (OL mode) and AL"},"languages":["en"],"text":{"en":[{"_key":"16622b60e876","_type":"block","children":[{"_key":"6960c384fec3","_type":"span","marks":[],"text":"Azure CNI Powered by Cilium can be deployed by assigning IP addresses from an overlay network. (host OS as Azure Linux)"}],"markDefs":[],"style":"normal"},{"_key":"188ca7bc8609","_type":"block","children":[{"_key":"0c482b45535f","_type":"span","marks":[],"text":"Set the subscription"}],"markDefs":[],"style":"h4"},{"_key":"d9910a4d93b2","_type":"block","children":[{"_key":"7091573cbdea","_type":"span","marks":[],"text":"Choose the subscription you want to use if you have multiple Azure subscriptions."}],"markDefs":[],"style":"normal"},{"_key":"8d524a717006","_type":"block","children":[{"_key":"ab2f0d1f23e8","_type":"span","marks":[],"text":"Replace "},{"_key":"ac05456a38a6","_type":"span","marks":["code"],"text":"SubscriptionName"},{"_key":"92d96d449104","_type":"span","marks":[],"text":" with your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"a918abef2543","_type":"block","children":[{"_key":"ab5f31b6b0ce","_type":"span","marks":[],"text":"You can also use your subscription ID instead of your subscription name."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:37:23Z","_id":"81471e22-e1df-4620-847a-e63b980a9238","_key":"ce5f76b041c5","_ref":"81471e22-e1df-4620-847a-e63b980a9238","_rev":"xpyN0xwPmYNsWcjXb9jZNj","_type":"codeBlock","_updatedAt":"2025-06-04T14:37:41Z","code":"az account set --subscription SubscriptionName\n","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-set subscription"},{"_key":"699308411b59","_type":"block","children":[{"_key":"93fd4d745d78","_type":"span","marks":[],"text":"AKS Resource Group Creation"}],"markDefs":[],"style":"h4"},{"_key":"d547c71c46cf","_type":"block","children":[{"_key":"8601546602b6","_type":"span","marks":[],"text":"Create a Resource Group"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:37:54Z","_id":"d8524ade-4c1d-47d3-8de6-e5b68dc893ed","_key":"8ff3705f7d10","_ref":"d8524ade-4c1d-47d3-8de6-e5b68dc893ed","_rev":"xpyN0xwPmYNsWcjXb9jbkp","_type":"codeBlock","_updatedAt":"2025-06-04T14:38:02Z","code":"clusterName=\"azpcdsaloverlay\"\nresourceGroup=\"azpcdsaloverlay\"\nvnet=\"azpcdsaloverlay\"\nlocation=\"australiaeast\"\n\naz group create --name $resourceGroup --location $location","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-aks resource creation"},{"_key":"e25f9e7cec73","_type":"block","children":[{"_key":"88d360494353","_type":"span","marks":[],"text":"AKS Cluster creation"}],"markDefs":[],"style":"h4"},{"_key":"68569475b4a9","_type":"block","children":[{"_key":"29e775e36647","_type":"span","marks":[],"text":"Create a cluster with Azure CNI Powered by Cilium with network-plugin as "},{"_key":"5e38653b8dc6","_type":"span","marks":["code"],"text":"Azure"},{"_key":"5e23e353a301","_type":"span","marks":[],"text":", os-sku as "},{"_key":"1882fd316579","_type":"span","marks":["code"],"text":"AzureLinux"},{"_key":"3a56bc67b05d","_type":"span","marks":[],"text":", network-plugin-mode as "},{"_key":"9acd3bc5d2c5","_type":"span","marks":["code"],"text":"Overlay"},{"_key":"0fd8478a16ed","_type":"span","marks":[],"text":", ip-families set to IPv4 and IPv6 and network-dataplane as "},{"_key":"10be3643a630","_type":"span","marks":["code"],"text":"Cilium."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:38:12Z","_id":"09bdc85e-af0a-4bc4-a905-d8476b5bb5d3","_key":"8d7703297bb9","_ref":"09bdc85e-af0a-4bc4-a905-d8476b5bb5d3","_rev":"M90ZQ1qKKr5D33uqfxo882","_type":"codeBlock","_updatedAt":"2025-06-04T14:38:25Z","code":"az aks create -l $location -g $resourceGroup -n $clusterName \\\n --network-plugin azure \\\n --network-plugin-mode overlay \\\n --ip-families ipv4,ipv6 \\\n --kubernetes-version 1.29 \\\n --network-dataplane cilium \\\n --os-sku AzureLinux","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-cluster creation"},{"_key":"8cfa4adde425","_type":"block","children":[{"_key":"a0192bcc3bd8","_type":"span","marks":[],"text":"Set the Kubernetes Context"}],"markDefs":[],"style":"h4"},{"_key":"c074a6acb73c","_type":"block","children":[{"_key":"b68602cd4b0c","_type":"span","marks":[],"text":"Log in to the Azure portal, browse Kubernetes Services>, select the respective Kubernetes service created (AKS Cluster), and click connect. This will help you connect to your AKS cluster and set the respective Kubernetes context."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:39:15Z","_id":"d90cb5b7-53d3-40fb-a206-a32f830e5884","_key":"829e1a5e5c9f","_ref":"d90cb5b7-53d3-40fb-a206-a32f830e5884","_rev":"ZjbMTKKCyoKeNu9aEuAn3y","_type":"codeBlock","_updatedAt":"2025-06-04T14:39:23Z","code":"az aks get-credentials --name $clusterName --resource-group $resourceGroup","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-set Kubernetes context"},{"_key":"450525989b31","_type":"block","children":[{"_key":"533c36e1cafd","_type":"span","marks":[],"text":"Cluster status check"}],"markDefs":[],"style":"h4"},{"_key":"930231f49a75","_type":"block","children":[{"_key":"61dc3fe0d30c","_type":"span","marks":[],"text":"Check the status of the nodes and make sure they are in a “Ready” state and that the nodes have IPv6 and IPv4 addresses."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:39:33Z","_id":"48fcc61f-2056-493c-be01-15da900bf550","_key":"03a160f0797c","_ref":"48fcc61f-2056-493c-be01-15da900bf550","_rev":"xpyN0xwPmYNsWcjXb9jpIp","_type":"codeBlock","_updatedAt":"2025-06-04T14:39:40Z","code":"kubectl get nodes -o wide\n\nNAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME\naks-nodepool1-38202433-vmss000000 Ready 3d17h v1.29.0 10.224.0.4 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\naks-nodepool1-38202433-vmss000001 Ready 3d17h v1.29.0 10.224.0.5 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\naks-nodepool1-38202433-vmss000002 Ready 3d17h v1.29.0 10.224.0.6 CBL-Mariner/Linux 5.15.148.2-2.cm2 containerd://1.6.26\n\nkubectl describe nodes | grep -E 'InternalIP'\n InternalIP: 10.224.0.4\n InternalIP: fd3a:8aa1:6077:4e70::4\n InternalIP: 10.224.0.5\n InternalIP: fd3a:8aa1:6077:4e70::5\n InternalIP: 10.224.0.6\n InternalIP: fd3a:8aa1:6077:4e70::6","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-status check"},{"_key":"e09b73001df4","_type":"block","children":[{"_key":"c3bdc59a5d33","_type":"span","marks":[],"text":"Validate Cilium version"}],"markDefs":[],"style":"h4"},{"_key":"34b07631f32f","_type":"block","children":[{"_key":"69c481bdd13b","_type":"span","marks":[],"text":"Check the version of cilium with "},{"_key":"1e8b8ec83f69","_type":"span","marks":["code"],"text":"cilium version"},{"_key":"25aeeb58edc0","_type":"span","marks":[],"text":":"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:39:51Z","_id":"db184519-0757-4f51-86b4-6e4b9e412b33","_key":"69024a069761","_ref":"db184519-0757-4f51-86b4-6e4b9e412b33","_rev":"xpyN0xwPmYNsWcjXb9jrNL","_type":"codeBlock","_updatedAt":"2025-06-04T14:40:00Z","code":"$22","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-validate cilium version"},{"_key":"4f571e36865a","_type":"block","children":[{"_key":"fba37574b117","_type":"span","marks":[],"text":"Cilium Health Check"}],"markDefs":[],"style":"h4"},{"_key":"b159c1eb9ca8","_type":"block","children":[{"_key":"4c933e1fefe3","_type":"span","marks":["code"],"text":"cilium-health"},{"_key":"ed6a73f5b9a9","_type":"span","marks":[],"text":" is a tool available in Cilium that provides visibility into the overall health of the cluster’s networking connectivity. You can check node-to-node health with cilium-health status:"}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:40:10Z","_id":"70d09a9b-fc24-46b7-94ed-e5cbc8034862","_key":"3465df398f9e","_ref":"70d09a9b-fc24-46b7-94ed-e5cbc8034862","_rev":"xpyN0xwPmYNsWcjXb9js71","_type":"codeBlock","_updatedAt":"2025-06-04T14:40:18Z","code":"kubectl -n kube-system exec ds/cilium -- cilium-health status\n\nDefaulted container \"cilium-agent\" out of: cilium-agent, install-cni-binaries (init), mount-cgroup (init), apply-sysctl-overwrites (init), mount-bpf-fs (init), clean-cilium-state (init), systemd-networkd-overrides (init), block-wireserver (init)\nProbe time: 2024-04-06T09:48:18Z\nNodes:\n aks-nodepool1-38202433-vmss000002 (localhost):\n Host connectivity to 10.224.0.6:\n ICMP to stack: OK, RTT=336.002µs\n HTTP to agent: OK, RTT=248.602µs\n aks-nodepool1-38202433-vmss000000:\n Host connectivity to 10.224.0.4:\n ICMP to stack: OK, RTT=975.608µs\n HTTP to agent: OK, RTT=387.403µs\n aks-nodepool1-38202433-vmss000001:\n Host connectivity to 10.224.0.5:\n ICMP to stack: OK, RTT=966.007µs\n HTTP to agent: OK, RTT=523.204µs","lineNumbers":"hide","lineRestriction":7,"restrictHeight":false,"title":"cilium-dual-stack-aks-AZPC-OL-and-AL-health check"}]}}],"languages":["en"],"theme":"default","title":"code-create dual stack functionality with Cilium","width":"regular"},{"_key":"12a50375-5c97-4ecc-8a44-9798a903815a","_type":"block","children":[{"_key":"51f52e0f-9646-430c-b165-ebde7161cda5","_type":"span","marks":["strong"],"text":"Note: "},{"_key":"17449272-821e-4236-9b94-3f53ca92e7cb","_type":"span","marks":[],"text":"All tests below have been done on an AKS cluster with the network plugin as "},{"_key":"8dae6e1b-4ee8-48b7-ace4-47a2df6c5998","_type":"span","marks":["code"],"text":"BYOCNI"},{"_key":"1337d5a8-9970-4d1c-aaea-3a91b4cd5c17","_type":"span","marks":["strong"],"text":"."}],"markDefs":[],"style":"normal"},{"_key":"07c28a94-9fe7-4e72-a33e-7b123c8651be","_type":"block","children":[{"_key":"5330ee25-b6e1-4b2c-bf30-63659cb88e17","_type":"span","marks":[],"text":"Create sample application(s)"}],"markDefs":[],"style":"h2"},{"_key":"8b015190-a843-4214-ba7d-7598f006f967","_type":"block","children":[{"_key":"17e5682c-5b1c-4879-8cc8-b1d08b0afd8d","_type":"span","marks":[],"text":"Deploy the Pods"}],"markDefs":[],"style":"h4"},{"_key":"7997624c-3d36-47f1-8ec8-101d85ba675d","_type":"block","children":[{"_key":"1d3fa852-4973-441e-b10b-23e964b796e9","_type":"span","marks":[],"text":"You can deploy clients that have dual-stack functionality. We will use the "},{"_key":"09a6ce7bf023","_type":"span","marks":["f4d5120560c4"],"text":"netshoot"},{"_key":"0fbde7756d03","_type":"span","marks":[],"text":" image in this example."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"f4d5120560c4","_type":"link","href":"https://github.com/nicolaka/netshoot","isLink":false,"openInNewTab":true}],"style":"normal"},{"_createdAt":"2024-09-30T11:21:39Z","_id":"59b7f2ec-4d89-8156-2afe-7e64a87ba8de","_key":"a72270f1-7ae0-477b-b567-b172a66c910d","_ref":"59b7f2ec-4d89-8156-2afe-7e64a87ba8de","_rev":"P5GVFsWfT1LlxauxUA4UsB","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:13Z","code":"apiVersion: v1\nkind: Pod\nmetadata:\n name: pod-worker\n labels:\n app: pod-worker\nspec:\n nodeName: aks-nodepool1-23195171-vmss000000\n containers:\n - name: netshoot\n image: nicolaka/netshoot:latest\n command: [\"sleep\", \"infinite\"]","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"4ede8370-4e6e-4af3-8a52-9f9b81479472","_type":"block","children":[{"_key":"fff66d69-8bed-4505-b0de-dfceb5418327","_type":"span","marks":[],"text":"Once you deploy it, notice that two IP addresses have been allocated – IPv4 and IPv6. You can directly get the IPv6 and IPv4 addresses with this command."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:40Z","_id":"1d9af7b5-23db-8ddf-3f9a-c45d14c16a72","_key":"99ad220e-3c7f-400a-bbac-2aaa36b1236e","_ref":"1d9af7b5-23db-8ddf-3f9a-c45d14c16a72","_rev":"P5GVFsWfT1LlxauxUA4Uxt","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:14Z","code":"kubectl get pod pod-worker -o jsonpath='{.status.podIPs[1].ip}'\nfd00::462\n\nkubectl get pod pod-worker -o jsonpath='{.status.podIPs[0].ip}'\n10.0.4.141","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"231dd643-746a-4780-a02b-a416c0aa7816","_type":"block","children":[{"_key":"e7e76fec-795d-4874-9c16-ea70a410a0e1","_type":"span","marks":[],"text":"Deploy another Pod (named "},{"_key":"3adbfe082286","_type":"span","marks":["code"],"text":"pod1-worker1"},{"_key":"870b9e503f98","_type":"span","marks":[],"text":") to verify successfully IPv6 connectivity."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:41Z","_id":"900f23c4-5376-ca18-bc63-b26a3d48125f","_key":"3ea9909b-5a7d-47e5-84e0-679ef9ce9962","_ref":"900f23c4-5376-ca18-bc63-b26a3d48125f","_rev":"P5GVFsWfT1LlxauxUA4aAU","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:15Z","code":"apiVersion: v1\nkind: Pod\nmetadata:\n name: pod1-worker1\n labels:\n app: pod1-worker1\nspec:\n nodeName: aks-nodepool1-23195171-vmss000001\n containers:\n - name: netshoot\n image: nicolaka/netshoot:latest\n command: [\"sleep\", \"infinite\"]","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"4ee5a2c8-734c-485d-a30e-8692aba2c18d","_type":"block","children":[{"_key":"75f050c1-1f06-4dfb-8c05-a2825eba0af9","_type":"span","marks":[],"text":"Verify IPv6 connectivity"}],"markDefs":[],"style":"h2"},{"_key":"5e28677a-6948-4d9e-af57-6d496364aa14","_type":"block","children":[{"_key":"1ea10bc8-8224-4d7c-8cc2-040adf2a59c2","_type":"span","marks":[],"text":"Pod-to-Pod connectivity"}],"markDefs":[],"style":"h4"},{"_key":"1a3f4ce7-b996-4622-ba6e-d8f57ae988c7","_type":"block","children":[{"_key":"33042d05-6b56-45b3-9d97-fa585cbc73de","_type":"span","marks":[],"text":"Both pods are manually pinned to different hosts by using "},{"_key":"9d8e462863b7","_type":"span","marks":["code"],"text":"spec.nodeName"},{"_key":"efe9032b7157","_type":"span","marks":[],"text":". As a result, the successful ping below showed successful IPv6 connectivity between Pods on different nodes."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:42Z","_id":"f2c46e12-4d4c-4de4-cde2-dd5155015ba4","_key":"55e77baa-806c-4935-8d83-21b51a019520","_ref":"f2c46e12-4d4c-4de4-cde2-dd5155015ba4","_rev":"be3C7ysj1QqQyrHso4bQu4","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:16Z","code":"$23","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"78e680da-d29b-4963-897a-d015efcd4ec7","_type":"block","children":[{"_key":"70f1a0e6-7341-4c2b-885d-3b853d66a7c4","_type":"span","marks":[],"text":"Pod-to-Service connectivity"}],"markDefs":[],"style":"h4"},{"_key":"4f71dc97-e6f6-4ff8-9bac-afd7c6d72c56","_type":"block","children":[{"_key":"33d424af-325f-41be-b99b-840e3c7dea45","_type":"span","marks":[],"text":"Use an echo server (An echo server is a server that replicates the request sent by the client and sends it back)."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:43Z","_id":"8056502f-ea79-0dda-9518-5da66445e55d","_key":"411765b4-8db7-4240-aee7-f5a221e21795","_ref":"8056502f-ea79-0dda-9518-5da66445e55d","_rev":"9px8ir0NfLa6aydsXNQiPO","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:17Z","code":"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: echoserver\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: echoserver\n template:\n metadata:\n labels:\n app: echoserver\n spec:\n containers:\n - image: ealen/echo-server:latest\n imagePullPolicy: IfNotPresent\n name: echoserver\n ports:\n - containerPort: 80\n env:\n - name: PORT\n value: \"80\"\n---\napiVersion: v1\nkind: Service\nmetadata:\n name: echoserver\nspec:\n ipFamilyPolicy: PreferDualStack\n ipFamilies:\n - IPv6\n - IPv4\n ports:\n - port: 80\n targetPort: 80\n protocol: TCP\n type: ClusterIP\n selector:\n app: echoserver","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"95bb5c75-d87d-482e-806a-fe4f62fa7f0a","_type":"block","children":[{"_key":"b1aa223b-8fc0-410a-b788-6bed69b0a615","_type":"span","marks":[],"text":"Deploy it:"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:44Z","_id":"e85016df-4830-bcd0-d55b-fcdf08d88924","_key":"6f660e1b-9073-46f2-971a-acdc861c8806","_ref":"e85016df-4830-bcd0-d55b-fcdf08d88924","_rev":"9px8ir0NfLa6aydsXNQibq","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:18Z","code":"kubectl apply -f echo-kube-ipv6.yaml\ndeployment.apps/echoserver created\nservice/echoserver created","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"f2dfbc81-6b61-4357-b384-16eaecd6357e","_type":"block","children":[{"_key":"6e18308a-0270-4691-bd26-44e8154a482f","_type":"span","marks":[],"text":"The "},{"_key":"40d4eca0ecfa","_type":"span","marks":["code"],"text":"echoserver"},{"_key":"0cfde4fda5c7","_type":"span","marks":[],"text":" Service should have both IPv4 and IPv6 addresses."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:45Z","_id":"2e41b55f-d08f-7609-de9b-6dd16e34aee6","_key":"6cd0c1af-0626-4166-a6b3-5aaabd61b091","_ref":"2e41b55f-d08f-7609-de9b-6dd16e34aee6","_rev":"P5GVFsWfT1LlxauxUA4cvm","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:19Z","code":"kubectl describe svc echoserver\nName: echoserver\nNamespace: default\nLabels: \nAnnotations: \nSelector: app=echoserver\nType: ClusterIP\nIP Family Policy: PreferDualStack\nIP Families: IPv6,IPv4\nIP: fd5d:bc46:aeb0:8871::6d96\nIPs: fd5d:bc46:aeb0:8871::6d96,10.0.77.141\nPort: 80/TCP\nTargetPort: 80/TCP\nEndpoints: [fd00::15b]:80,[fd00::a0]:80\nSession Affinity: None\nEvents: ","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"88eddf9c-3dfd-4a9f-91e8-ed3ce2a57466","_type":"block","children":[{"_key":"48e5818a-ed21-47f1-8f90-79850b993054","_type":"span","marks":[],"text":"AAAA queries"}],"markDefs":[],"style":"h4"},{"_key":"626a0794-f514-47ac-9e66-fed56720597b","_type":"block","children":[{"_key":"6b074dbc-d90e-478d-8c47-913686e8ddcf","_type":"span","marks":[],"text":"AAAA records are assigned automatically to Services. You can do an "},{"_key":"1b7a01a94dee","_type":"span","marks":["code"],"text":"nslookup -q=AAAA"},{"_key":"9e6af0c20344","_type":"span","marks":[],"text":" to make an IPv6 DNS query."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:47Z","_id":"892e5904-64a2-d311-da27-b6cb64afadab","_key":"5069163f-313e-4a69-a62b-ff879ae225cc","_ref":"892e5904-64a2-d311-da27-b6cb64afadab","_rev":"P5GVFsWfT1LlxauxUA4d1U","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:20Z","code":"kubectl exec -it pod1-worker1 -- nslookup -q=AAAA echoserver.default\nServer:\t\t10.0.0.10\nAddress:\t10.0.0.10#53\n\nName:\techoserver.default.svc.cluster.local\nAddress: fd5d:bc46:aeb0:8871::6d96\n\nkubectl exec -it pod-worker -- nslookup -q=AAAA echoserver.default\nServer:\t\t10.0.0.10\nAddress:\t10.0.0.10#53\n\nName:\techoserver.default.svc.cluster.local\nAddress: fd5d:bc46:aeb0:8871::6d96","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"a48308fa-c86f-4a3b-ade7-6ec4ea8b013e","_type":"block","children":[{"_key":"eb96bfec-05ed-477b-a96c-66be72372249","_type":"span","marks":[],"text":"HTTP requests"}],"markDefs":[],"style":"h4"},{"_key":"70451f20-50ca-48ab-b39a-74d00b3fbda1","_type":"block","children":[{"_key":"389176ca-c7b5-4762-8e4d-f6ff059b2e9d","_type":"span","marks":[],"text":"curl requests to the AAAA record or the IP address should be executed successfully."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:48Z","_id":"2c5f018e-e24b-7b7f-1aa4-1598229f2dce","_key":"5a241858-09f7-4330-9230-914a960d973e","_ref":"2c5f018e-e24b-7b7f-1aa4-1598229f2dce","_rev":"P5GVFsWfT1LlxauxUA4d7C","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:21Z","code":"$24","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"63343472-5c92-4970-9879-0aa1bf2abe42","_type":"block","children":[{"_key":"34de0a0c-5fcd-45a2-951d-94cdc65ca552","_type":"span","marks":[],"text":"Expose the workload via service type "},{"_key":"c6dcc4fd-0010-4819-b9ae-b596a415bc1e","_type":"span","marks":["code"],"text":"LoadBalancer"},{"_key":"30b42ba2-c9b5-4270-9109-3dc9c015a992","_type":"span","marks":[],"text":" (Optional)- Before AKS 1.27"}],"markDefs":[],"style":"h4"},{"_key":"17c1cddd-f0e3-4bad-8e45-e472cd98e011","_type":"block","children":[{"_key":"5a4dd4a3-8948-48bc-86bd-1158a09a0ed5","_type":"span","marks":[],"text":"Before AKS 1.27, only the first IP address for a service will be provided to the load balancer, so a dual-stack service only receives a public IP for its first-listed IP family. To provide a dual-stack service for a single deployment, create two services targeting the same selector, one for IPv4 and one for IPv6."}],"markDefs":[],"style":"normal"},{"_key":"f64e5480-89f9-4961-a3c2-5b49f25ac2fd","_type":"block","children":[{"_key":"e3fdba9c-69a3-4249-94e7-8a85e10080dc","_type":"span","marks":[],"text":"Create and deploy an NGINX deployment."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:49Z","_id":"0fec6c25-ad07-75e3-e3f7-b89fc613ee86","_key":"74b060c6-c368-4223-82b3-c056c9cb05e0","_ref":"0fec6c25-ad07-75e3-e3f7-b89fc613ee86","_rev":"be3C7ysj1QqQyrHso4bpK9","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:22Z","code":"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n labels:\n app: nginx\n name: nginx\nspec:\n replicas: 1\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - image: nginx:latest\n name: nginx","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_createdAt":"2024-09-30T11:21:50Z","_id":"ebda3aa4-5899-840d-990c-3117931c65a2","_key":"006b3f40-ef70-4a61-9ab1-c6f048159fb4","_ref":"ebda3aa4-5899-840d-990c-3117931c65a2","_rev":"9px8ir0NfLa6aydsXNQwAK","_type":"codeBlock","_updatedAt":"2024-09-30T11:21:50Z","code":"kubectl apply -f nginx.yaml","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"1c78d3ae-6bec-40d9-b061-46d64a9722f8","_type":"block","children":[{"_key":"93186580-781d-4286-81dd-5a85f0a372a0","_type":"span","marks":[],"text":"Expose the deployment with service of type, "},{"_key":"979aa2cbc5ac","_type":"span","marks":["code"],"text":"LoadBalancer"},{"_key":"23c05e0c1a20","_type":"span","marks":[],"text":". "}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_key":"092e1849-9906-43f9-89a7-1a2899b24a81","_type":"block","children":[{"_key":"d7964676-60e2-4c09-bd31-cffdf1355ed1","_type":"span","marks":["strong"],"text":"Note: "},{"_key":"f858e31b-8636-4e59-b3a1-74c324cb5a7f","_type":"span","marks":[],"text":"To provide a dual-stack service for a single deployment, create two services targeting the same selector, one for IPv4 and one for IPv6."}],"markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:51Z","_id":"20fcb66f-1a3b-f417-4940-c6bd7d2dbf05","_key":"fd83472d-5f23-457f-af68-7103f54b8b19","_ref":"20fcb66f-1a3b-f417-4940-c6bd7d2dbf05","_rev":"P5GVFsWfT1LlxauxUA4f0F","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:24Z","code":"---\napiVersion: v1\nkind: Service\nmetadata:\n labels:\n app: nginx-ipv4\n name: nginx-ipv4\nspec:\n externalTrafficPolicy: Cluster\n ports:\n - port: 80\n protocol: TCP\n targetPort: 80\n selector:\n app: nginx-ipv4\n type: LoadBalancer\n---\n\n---\napiVersion: v1\nkind: Service\nmetadata:\n labels:\n app: nginx-ipv6\n name: nginx-ipv6\nspec:\n externalTrafficPolicy: Cluster\n ipFamilies:\n - IPv6\n ports:\n - port: 80\n protocol: TCP\n targetPort: 80\n selector:\n app: nginx-ipv6\n type: LoadBalancer\n---","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_createdAt":"2024-09-30T11:21:52Z","_id":"f3f337ff-9f92-399b-85c3-3d994b265f07","_key":"fb96b9bc-1431-406c-ae38-881e1784bd82","_ref":"f3f337ff-9f92-399b-85c3-3d994b265f07","_rev":"be3C7ysj1QqQyrHso4bpWC","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:25Z","code":"kubectl apply -f service-type-ipv4.yaml\n\nkubectl apply -f service-type-ipv6.yaml","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"35f75b8f-13bb-4dac-bede-d87e44625aaa","_type":"block","children":[{"_key":"5d63ea0c-cb78-4bc3-bf17-a84c98153520","_type":"span","marks":[],"text":"Check that both services have been deployed successfully."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:53Z","_id":"80c2fdfd-b0a8-bbd4-094c-ec151a85e050","_key":"6c6f2d44-0024-4a91-b48b-c69e92a815b4","_ref":"80c2fdfd-b0a8-bbd4-094c-ec151a85e050","_rev":"P5GVFsWfT1LlxauxUA4hwx","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:26Z","code":"$25","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"4957a283-9a7f-4c9c-9802-4ddecdfabe06","_type":"block","children":[{"_key":"32471e9f-9865-42e4-8dbe-82e83e555176","_type":"span","marks":[],"text":"Verify functionality via a command-line web request."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:54Z","_id":"82c3fc10-33a7-ab27-cb45-1a1ee90d0ea0","_key":"5e43f555-0ac5-4995-af9c-a474e469bd28","_ref":"82c3fc10-33a7-ab27-cb45-1a1ee90d0ea0","_rev":"9px8ir0NfLa6aydsXNQxp3","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:27Z","code":"curl -I 4.247.22.64\nHTTP/1.1 200 OK\nServer: nginx/1.25.4\nDate: Wed, 10 Apr 2024 13:01:10 GMT\nContent-Type: text/html\nContent-Length: 615\nLast-Modified: Wed, 14 Feb 2024 16:03:00 GMT\nConnection: keep-alive\nETag: \"65cce434-267\"\nAccept-Ranges: bytes\n\ncurl -g -6 'http://[2603:1040:c01::356]:80/' -I\nHTTP/1.1 200 OK\nServer: nginx/1.25.4\nDate: Wed, 10 Apr 2024 13:01:05 GMT\nContent-Type: text/html\nContent-Length: 615\nLast-Modified: Wed, 14 Feb 2024 16:03:00 GMT\nConnection: keep-alive\nETag: \"65cce434-267\"\nAccept-Ranges: bytes","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"2ad06944-2047-4e42-bf18-c019a7d3f90b","_type":"block","children":[{"_key":"ab8cf2bb-c73b-45f1-ae37-1fa1a441b880","_type":"span","marks":[],"text":"Expose the workload via service type "},{"_key":"caa59f6f-3933-4662-9951-797a5f1200ef","_type":"span","marks":["code"],"text":"LoadBalancer"},{"_key":"27d7f2d5-9fbf-4e7a-b2c2-13915c46aa18","_type":"span","marks":[],"text":" (Optional)- After AKS 1.27"}],"markDefs":[],"style":"h4"},{"_key":"a0da9234-7fbe-4dc0-8553-a1f51d0c159b","_type":"block","children":[{"_key":"35ee8b9a-5dc4-49f6-bf7c-b958a48006eb","_type":"span","marks":[],"text":"Starting in AKS v1.27, you can create a dual-stack LoadBalancer service, which will provide 1 IPv4 public IP and 1 IPv6 public IP. "}],"markDefs":[],"style":"normal"},{"_key":"d14452e8-b4e4-4eed-addc-926b8d64111b","_type":"block","children":[{"_key":"81eea7ad-d879-478a-8345-6ed773102ff7","_type":"span","marks":[],"text":"Create and deploy an NGINX deployment with a corresponding dual-stack service of type "},{"_key":"62871a64b934","_type":"span","marks":["code"],"text":"LoadBalancer"},{"_key":"719fb409a025","_type":"span","marks":[],"text":"."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:55Z","_id":"78672776-539c-0e56-d0a1-185d6cabaa17","_key":"4bbb3c39-a396-48ca-a16b-6db01c2878ac","_ref":"78672776-539c-0e56-d0a1-185d6cabaa17","_rev":"be3C7ysj1QqQyrHso4bs6q","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:28Z","code":"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n name: nginx\nspec:\n replicas: 2\n selector:\n matchLabels:\n app: nginx\n template:\n metadata:\n labels:\n app: nginx\n spec:\n containers:\n - name: nginx\n image: nginx:1.25.1\n ports:\n - containerPort: 80\n---\napiVersion: v1\nkind: Service\nmetadata:\n labels:\n app: nginx\n name: nginx\nspec:\n ipFamilyPolicy: PreferDualStack\n externalTrafficPolicy: Cluster\n ipFamilies:\n - IPv4\n - IPv6\n ports:\n - port: 80\n protocol: TCP\n targetPort: 80\n selector:\n app: nginx\n type: LoadBalancer","language":"yaml","title":"yaml - \"Dual Stack on AKS with Cilium\" Code Block"},{"_createdAt":"2024-09-30T11:21:56Z","_id":"a4a32a71-4102-561d-be63-be96171b3005","_key":"230ca5de-25b6-42c8-ab84-a1ab8f94b5bd","_ref":"a4a32a71-4102-561d-be63-be96171b3005","_rev":"be3C7ysj1QqQyrHso4bsEs","_type":"codeBlock","_updatedAt":"2024-09-30T11:21:56Z","code":"kubectl apply -f dualstack.yaml","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"f62c2f7c-13db-410b-ba0b-fda8a006ce87","_type":"block","children":[{"_key":"adef7a20-1435-4d56-b565-5b74a41d56f1","_type":"span","marks":[],"text":"Check that the service has been deployed successfully."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:57Z","_id":"c7e8f358-f7ed-c8d2-dc77-f8605ddbdc7a","_key":"b3f71b2a-5b5c-4a15-971f-4bde8b98a2e8","_ref":"c7e8f358-f7ed-c8d2-dc77-f8605ddbdc7a","_rev":"be3C7ysj1QqQyrHso4bsMu","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:30Z","code":"kubectl describe svc nginx\nName: nginx\nNamespace: default\nLabels: app=nginx\nAnnotations: \nSelector: app=nginx\nType: LoadBalancer\nIP Family Policy: PreferDualStack\nIP Families: IPv4,IPv6\nIP: 10.0.116.242\nIPs: 10.0.116.242,fdb0:56d5:c97f:8871::767a\nLoadBalancer Ingress: 13.70.187.148, 2603:1010:200::1d1\nPort: 80/TCP\nTargetPort: 80/TCP\nNodePort: 32517/TCP\nEndpoints: 10.0.1.160:80,10.0.2.234:80\nSession Affinity: None\nExternal Traffic Policy: Cluster\nEvents: ","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"d936f3d2-7700-4dff-b13d-6d2c8f60859a","_type":"block","children":[{"_key":"d10e335a-ebc4-4ce2-9dc8-50fd513256a2","_type":"span","marks":[],"text":"Verify functionality via a command-line web request for both IPv4 and IPv6."}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:21:58Z","_id":"3f2c3aca-90e1-4207-dc66-6193a68c5a18","_key":"48aee3ac-e9c0-44cf-b03e-9b711da853d0","_ref":"3f2c3aca-90e1-4207-dc66-6193a68c5a18","_rev":"be3C7ysj1QqQyrHso4bsUw","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:31Z","code":"curl -I 13.70.187.148\nHTTP/1.1 200 OK\nServer: nginx/1.25.1\nDate: Tue, 07 May 2024 10:29:58 GMT\nContent-Type: text/html\nContent-Length: 615\nLast-Modified: Tue, 13 Jun 2023 15:08:10 GMT\nConnection: keep-alive\nETag: \"6488865a-267\"\nAccept-Ranges: bytes\n\ncurl -g -6 'http://[2603:1010:200::1d1]:80/' -I\nHTTP/1.1 200 OK\nServer: nginx/1.25.1\nDate: Tue, 07 May 2024 10:30:06 GMT\nContent-Type: text/html\nContent-Length: 615\nLast-Modified: Tue, 13 Jun 2023 15:08:10 GMT\nConnection: keep-alive\nETag: \"6488865a-267\"\nAccept-Ranges: bytes","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"3162d8fd-d087-4012-b034-0f15bf4c1a9c","_type":"block","children":[{"_key":"65d1f8c3-90f3-49e3-9e60-3fade717c8b0","_type":"span","marks":[],"text":"Monitor IPv6 traffic flows with Hubble UI."}],"markDefs":[],"style":"h2"},{"_key":"b8277f63-8af5-4500-a5b6-8d1d9d14d057","_type":"block","children":[{"_key":"95dd5810-5279-4a71-8f10-a14c0ee1bb2f","_type":"span","marks":["strong"],"text":"Note: "},{"_key":"81cc5171-4514-481f-bc57-92d2c3a4bc38","_type":"span","marks":[],"text":"To obtain the helm values to install Hubble UI and access the Enterprise documentation, you need to reach out to "},{"_key":"55c59d5a-6c23-4ea0-a37c-90d6b8eab4d7","_type":"span","marks":["438ab7f9-4319-425f-a3bc-92ada47b3592"],"text":"sales@isovalent.com"},{"_key":"081609b0-b5c0-4447-93fd-bd3a397263b8","_type":"span","marks":[],"text":" and "},{"_key":"5581140a-0d33-4e75-a6ff-18677e148c5c","_type":"span","marks":["756fb0f3-d446-4ca8-808a-21bef1da190c"],"text":"support@isovalent.com"}],"markDefs":[{"_key":"438ab7f9-4319-425f-a3bc-92ada47b3592","_type":"link","href":"mailto:sales@isovalent.com","openInNewTab":true},{"_key":"756fb0f3-d446-4ca8-808a-21bef1da190c","_type":"link","href":"mailto:support@isovalent.com","openInNewTab":true}],"style":"normal"},{"_key":"4e0e9eb6-2f6f-449c-8bcb-b82da27d9245","_type":"block","children":[{"_key":"6fbaea6f-9c1b-42ef-90d8-53898dc29b0f","_type":"span","marks":["2c2e2ff3-3703-4d38-acdf-5e46b2e5c652"],"text":"Hubble-UI (Enterprise documentation)"},{"_key":"4f5b0854-ae63-4ace-89a5-3d5c1b495e94","_type":"span","marks":[],"text":" is enabled via helm charts. Once the installation is complete, you will notice hubble-ui pods are up and running:"}],"markDefs":[{"_key":"2c2e2ff3-3703-4d38-acdf-5e46b2e5c652","_type":"link","href":"https://docs.isovalent.com/operations-guide/features/hubble-ui/install.html","openInNewTab":true}],"style":"normal"},{"_createdAt":"2024-09-30T11:21:59Z","_id":"0534f97b-a45b-edff-852a-3b2772769f1f","_key":"5e2ff863-b8ca-47a7-a56b-7072caf94186","_ref":"0534f97b-a45b-edff-852a-3b2772769f1f","_rev":"9px8ir0NfLa6aydsXNQyDx","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:32Z","code":"kubectl get pods -n hubble-ui\nNAME READY STATUS RESTARTS AGE\nhubble-ui-6d964f9779-gfqr7 2/2 Running 0 20h","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"e3f436ed-37a4-4fe0-a654-80ecac8df348","_type":"block","children":[{"_key":"656eb5a7-b78a-425c-a9e1-88ed17aea17e","_type":"span","marks":[],"text":"Validate the installation and verify the flows on Hubble"}],"markDefs":[],"style":"h4"},{"_key":"cd33fc56-0564-4c39-90c4-65941d4c88d2","_type":"block","children":[{"_key":"63dd9221-d027-45ca-988e-4a0f5c897957","_type":"span","marks":[],"text":"To access Hubble UI, forward a local port to the Hubble UI service:"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:18:19Z","_id":"7a1e7926-1c04-6868-0703-d5872f8f0fab","_key":"cbf71b64-224a-4362-a308-818d29cc5489","_ref":"7a1e7926-1c04-6868-0703-d5872f8f0fab","_rev":"P5GVFsWfT1LlxauxUA88S2","_type":"codeBlock","_updatedAt":"2024-10-01T11:01:11Z","code":"kubectl port-forward -n hubble-ui svc/hubble-ui 12000:80","language":"bash","title":"bash - \"Enabling Enterprise features for Cilium in Azure Kubernetes Service (AKS)\" Code Block"},{"_key":"70555e48-92f9-49ed-811c-0bfa6531080d","_type":"block","children":[{"_key":"72e1f2e1-4f0e-4b76-bcac-679e178cc0b2","_type":"span","marks":[],"text":"Then, open "},{"_key":"81d20ed156e9","_type":"span","marks":["ab8c9e4e5b1f"],"text":"http://localhost:12000"},{"_key":"c82d40a84d73","_type":"span","marks":[],"text":" in your browser.\n\nYou should be able to see all your flows. To narrow down the results, you can filter based on the pod's name to only see the flows you are interested in."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"ab8c9e4e5b1f","_type":"link","href":"http://localhost:12000","isLink":false,"openInNewTab":true}],"style":"normal"},{"_createdAt":"2024-09-30T11:22:05Z","_id":"874df38f-e7a7-7ae7-36a4-77187fade15e","_key":"7c768cc0-2fb0-49d4-8a8b-5231e8adf732","_ref":"874df38f-e7a7-7ae7-36a4-77187fade15e","_rev":"VC4lbZtSaLGeZxDV0akxoQ","_type":"mediaImage","_updatedAt":"2024-09-30T11:22:05Z","alignment":"center","image":{"_type":"image","asset":{"_ref":"image-402cd7f3a6b77262ccb26f58061649cd2bab7523-1926x793-png","_type":"reference"},"crop":{"_type":"sanity.imageCrop","bottom":0,"left":0,"right":0,"top":0},"hotspot":{"_type":"sanity.imageHotspot","height":1,"width":1,"x":0.5,"y":0.5}},"languages":["en"],"originalFilename":"Screenshot-2024-04-12-at-11.11.44.png","size":"large","title":"Screenshot-2024-04-12-at-11.11.44.png - \"Dual Stack on AKS with Cilium\" Image","url":"https://cdn.sanity.io/images/xinsvxfu/production/402cd7f3a6b77262ccb26f58061649cd2bab7523-1926x793.png"},{"_key":"0b8ed502-cbad-4c6f-a1b1-96b2fa1a9199","_type":"block","children":[{"_key":"86ff5cae-502c-4a08-8564-b6877b6773bc","_type":"span","marks":[],"text":"Monitor IPv6 traffic flows with Hubble CLI"}],"markDefs":[],"style":"h2"},{"_key":"b1989c22-5b54-4660-86b9-597affa597db","_type":"block","children":[{"_key":"eb91719c-8453-4c1c-9e02-1a334562f4a4","_type":"span","marks":["67098583-bd9b-49f4-aef5-d581383b97ad"],"text":"Hubble’s CLI"},{"_key":"c837d741-de73-454e-9322-357e46009d9b","_type":"span","marks":[],"text":" extends the visibility that is provided by standard kubectl commands like "},{"_key":"0df2d209-e2c8-4e25-801b-4fa0f4b15338","_type":"span","marks":["code"],"text":"kubectl get pods"},{"_key":"6a75f3c5-7989-43a6-be5f-1dfdb1e26574","_type":"span","marks":[],"text":" to give you more network-level details about a request, such as its status and the "},{"_key":"6c19d201-8c3d-4f91-8fba-198a5b609a33","_type":"span","marks":["fc466fb3-0e11-4faf-8be1-6f9499b1e2a4"],"text":"security identities"},{"_key":"e70dbc6c-6a38-4cd0-801a-cce063f94066","_type":"span","marks":[],"text":" associated with its source and destination."}],"markDefs":[{"_key":"67098583-bd9b-49f4-aef5-d581383b97ad","_type":"link","href":"/blog/post/cilium-azure-kubernetes-service/#h-hubble-cli","openInNewTab":true},{"_key":"fc466fb3-0e11-4faf-8be1-6f9499b1e2a4","_type":"link","href":"/blog/post/hubble-series-re-introducing-hubble/#h-what-is-hubble","openInNewTab":true}],"style":"normal"},{"_key":"26d493f0-708f-44fd-94bf-574fc6f6d61c","_type":"block","children":[{"_key":"2560c043-465c-4d2f-9b9c-4374143ec038","_type":"span","marks":[],"text":"The Hubble CLI can be leveraged to observe network flows from Cilium agents. Users can observe the flows from their local machine workstation for troubleshooting or monitoring. "}],"markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:18:05Z","_id":"700633aa-a91f-6412-3408-d1d45c6b8215","_key":"b39115fc-6d12-4506-ba44-618699bd5d92","_ref":"700633aa-a91f-6412-3408-d1d45c6b8215","_rev":"be3C7ysj1QqQyrHso4f4SE","_type":"codeBlock","_updatedAt":"2024-10-01T11:00:55Z","code":"kubectl port-forward -n kube-system svc/hubble-relay --address 0.0.0.0 4245:80","language":"bash","title":"bash - \"Enabling Enterprise features for Cilium in Azure Kubernetes Service (AKS)\" Code Block"},{"_key":"93c8d53e-87f9-42eb-895e-e4f0da151d64","_type":"block","children":[{"_key":"14f3bf9f-4ac6-4d80-91f3-e01777dcffc5","_type":"span","marks":[],"text":"Setup Hubble Relay Forwarding"}],"markDefs":[],"style":"h4"},{"_key":"b1330cb9-f7b2-4347-bb70-5646ddaccc23","_type":"block","children":[{"_key":"61eaeef1-b9b5-42eb-9eab-227586db7e6d","_type":"span","marks":[],"text":"Use the kubectl port forward to "},{"_key":"c22e59a7-5f9c-404c-b50a-fe3679cb1ee6","_type":"span","marks":["47d9757d-2699-480f-82ca-7d10f5ad73b1"],"text":"hubble-relay"},{"_key":"79fbc1ef-b2d2-4c93-864d-0f323dda505e","_type":"span","marks":[],"text":", then edit the hubble config to point at the remote hubble server component."}],"markDefs":[{"_key":"47d9757d-2699-480f-82ca-7d10f5ad73b1","_type":"link","href":"https://docs.cilium.io/en/stable/internals/hubble/#hubble-relay","openInNewTab":true}],"style":"normal"},{"_key":"e6e1e640-43ba-4a49-ac32-c63fe3aa980a","_type":"block","children":[{"_key":"39a58116-32d4-4963-9330-81489e4ae984","_type":"span","marks":[],"text":"Hubble Status"}],"markDefs":[],"style":"h4"},{"_key":"0e9abc8b-e930-41c9-b96b-6512d44fd3fd","_type":"block","children":[{"_key":"71305a23-4bd5-41a1-9f30-945389d2eb0d","_type":"span","marks":[],"text":"Hubble status can check the overall health of Hubble within your cluster. If using Hubble Relay, a counter for the number of connected nodes will appear in the last line of the output."}],"markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:22:00Z","_id":"78ff965f-fc3c-6a3b-fade-5a662113dcaa","_key":"8f1e37ed-dbd2-411d-a1a8-b766b432583a","_ref":"78ff965f-fc3c-6a3b-fade-5a662113dcaa","_rev":"be3C7ysj1QqQyrHso4bwu2","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:35Z","code":"hubble status\nHealthcheck (via localhost:4245): Ok\nCurrent/Max Flows: 12,285/12,285 (100.00%)\nFlows/s: 22.37\nConnected Nodes: 3/3","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"1f55dd82-a582-4e57-b887-55699bfa68ef","_type":"block","children":[{"_key":"9d6effd1-d2c6-44ff-b3a8-203961c5242e","_type":"span","marks":[],"text":"View the flows in Hubble CLI"}],"markDefs":[],"style":"h4"},{"_key":"32a03749-2bf3-447a-a6f6-47d55b751b3f","_type":"block","children":[{"_key":"61f5cfda-a0d2-4af6-be4c-409645e381a8","_type":"span","marks":[],"text":"Traffic from "},{"_key":"627fda2ad1c1","_type":"span","marks":["code"],"text":"pod-worker"},{"_key":"be247d49229d","_type":"span","marks":[],"text":" to "},{"_key":"6b76ed0f1038","_type":"span","marks":["code"],"text":"pod1-worker1"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:22:02Z","_id":"e170e5af-7a63-e353-5e97-f90b86809351","_key":"dedf8c9b-d3c1-4750-af6e-4984a6d78345","_ref":"e170e5af-7a63-e353-5e97-f90b86809351","_rev":"9px8ir0NfLa6aydsXNQzvn","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:36Z","code":"hubble observe --ipv6 --from-pod pod-worker\n\nApr 10 09:46:19.860: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-overlay FORWARDED (ICMPv6 EchoRequest)\nApr 10 09:46:19.861: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-endpoint FORWARDED (ICMPv6 EchoRequest)","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"d006a8aa-6bb6-446b-a5e5-d1decb0a1ec3","_type":"block","children":[{"_key":"074f0174-b669-4982-9e98-98c4be5ceec1","_type":"span","marks":[],"text":"Print the node where the pods are running with the "},{"_key":"6bb1c60094da","_type":"span","marks":["code"],"text":"--print-node-name"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:22:03Z","_id":"319777a0-5403-06ee-c3a5-a23c90036539","_key":"f99c5759-a90e-4d52-82d4-1e65cf3bad1e","_ref":"319777a0-5403-06ee-c3a5-a23c90036539","_rev":"be3C7ysj1QqQyrHso4bz2Z","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:37Z","code":"hubble observe --ipv6 --from-pod pod-worker --print-node-name\n\nApr 10 09:46:19.860 [aks-nodepool1-23195171-vmss000000]: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-overlay FORWARDED (ICMPv6 EchoRequest)\nApr 10 09:46:19.861 [aks-nodepool1-23195171-vmss000001]: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-endpoint FORWARDED (ICMPv6 EchoRequest)\nApr 10 09:46:25.984 [aks-nodepool1-23195171-vmss000000]: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-overlay FORWARDED (ICMPv6 EchoRequest)\nApr 10 09:46:25.984 [aks-nodepool1-23195171-vmss000001]: default/pod-worker (ID:26627) -> default/pod1-worker1 (ID:851) to-endpoint FORWARDED (ICMPv6 EchoRequest)","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"43caeafe-7191-4ad5-bc86-c9ddb193cca3","_type":"block","children":[{"_key":"0bbdcccf-5030-4c80-9abb-4357215bf4a3","_type":"span","marks":[],"text":"View HTTP and ICMPv6 Flows"}],"level":1,"listItem":"bullet","markDefs":[],"style":"normal"},{"_createdAt":"2024-09-30T11:22:04Z","_id":"04345e9b-825a-596d-32e9-6bc114370576","_key":"31e09267-a02f-42a2-aa7b-dec5c8b10ce0","_ref":"04345e9b-825a-596d-32e9-6bc114370576","_rev":"be3C7ysj1QqQyrHso4bzEc","_type":"codeBlock","_updatedAt":"2024-10-01T10:51:38Z","code":"$26","language":"bash","title":"bash - \"Dual Stack on AKS with Cilium\" Code Block"},{"_key":"3a8f4b52-bbde-4665-abc3-b705e22e4f74","_type":"block","children":[{"_key":"a9ca21e4-4ecd-4a28-a22b-8bfa155c0a7e","_type":"span","marks":[],"text":"Conclusion"}],"markDefs":[],"style":"h2"},{"_key":"61b09145-5c43-40c4-bbd6-c0a04cab355f","_type":"block","children":[{"_key":"47b114da-6fa1-45bf-b143-8f528c4afecf","_type":"span","marks":[],"text":"Hopefully, this post gave you a good overview of how to deploy and upgrade an IPv4/IPv6 Dual Stack AKS (Azure Kubernetes Service) cluster with Cilium as the CNI to benefit from its networking, observability, and security capabilities. If you’d like to learn more, you can schedule a demo with our experts:"}],"markDefs":[],"style":"normal"},{"_createdAt":"2024-10-31T13:12:09Z","_id":"da49b7c3-292d-4a94-81d9-ca4c6feb8faf","_key":"5d911a8c4f18","_ref":"da49b7c3-292d-4a94-81d9-ca4c6feb8faf","_rev":"Tfmr3sDtNA1FsW32ix3two","_type":"cta","_updatedAt":"2025-02-25T17:55:21Z","label":{"en":"Request a Demo"},"languages":["en"],"openInNewTab":false,"title":"\"Request a demo\" - Primary Navigation CTA","url":"/request-demo/","variant":"primary"},{"_key":"1ac25d40-96cb-4433-8fcd-563aef6783ff","_type":"block","children":[{"_key":"a8809319-6444-4c70-b769-02d7dcecd4fd","_type":"span","marks":[],"text":"Try it out"}],"markDefs":[],"style":"h2"},{"_key":"ce4705f9-39fc-438c-9115-5fe95500a2b5","_type":"block","children":[{"_key":"28be15a5-de0f-410b-a30b-7ed09ecb1ac9","_type":"span","marks":[],"text":"Start with the IPv6 lab and see how to enable Dual Stack in your enterprise environment."}],"markDefs":[],"style":"normal"},{"_createdAt":"2025-06-04T14:59:38Z","_id":"fc423d6f-82e0-4463-85b2-522125e47112","_key":"c58aed7130f2","_ref":"fc423d6f-82e0-4463-85b2-522125e47112","_rev":"ZjbMTKKCyoKeNu9aEuko21","_type":"bodyCta","_updatedAt":"2025-06-04T15:13:24Z","alignment":"left","backgroundImage":{"_createdAt":"2025-03-21T16:32:00Z","_id":"407c0eb0-2c56-4f47-a80f-c16575dc4009","_rev":"RvKg2H7lodOtU53j0x4e1l","_type":"mediaImage","_updatedAt":"2025-04-04T21:50:43Z","alignment":"center","alt":"body-cta-bg.svg","altText":{"en":"Body CTA BG"},"clickToEnlarge":false,"image":"https://cdn.sanity.io/images/xinsvxfu/production/490d28b2f74ed0292938bd46ac19a151b6fd3b9c-910x239.svg","languages":["en"],"originalFilename":"body-cta-bg.svg","rounded":false,"size":"large","title":"decoration-body-cta-ice"},"ctas":[{"_createdAt":"2025-06-04T15:00:18Z","_id":"af8f8975-8832-4836-a56d-c2ca5fb29a35","_rev":"ZjbMTKKCyoKeNu9aEuX6HB","_type":"cta","_updatedAt":"2025-06-04T15:00:44Z","isLink":false,"label":{"en":"Run our IPv6 lab"},"languages":["en"],"openInNewTab":true,"title":"Run our IPv6 lab","url":"/labs/cilium-ipv6/","variant":"primary"}],"decorated":false,"headline":{"en":"Cilium IPv6 Networking and Observability"},"languages":["en"],"logo":null,"logoReference":null,"logoWhite":null,"shaded":false,"text":{"_type":"content","en":[{"_key":"9c730b737759","_type":"block","children":[{"_key":"59e02681524f","_type":"span","marks":[],"text":"Learn how simple IPv6 can be installed and operated with Cilium and Hubble."}],"markDefs":[],"style":"normal"}]},"theme":"primary","title":"IPv6 lab"},{"_key":"b0b81888-7bf5-4c5c-8298-980a507e789a","_type":"block","children":[{"_key":"3743819b-0e25-44f2-a717-9981d4497d83","_type":"span","marks":[],"text":"Further Reading"}],"markDefs":[],"style":"h2"},{"_key":"d8c051ab7cc6","_type":"block","children":[{"_key":"017d07acf9a9","_type":"span","marks":["791b06a1fc89"],"text":"Isovalent and Azure Kubernetes Service"}],"level":1,"listItem":"bullet","markDefs":[{"_key":"791b06a1fc89","_type":"link","href":"/blog/post/isovalent-aks/","openInNewTab":true}],"style":"normal"},{"_key":"8ae2cf155c11","_type":"block","children":[{"_key":"e2b8b877d8d0","_type":"span","marks":["3a0883c72767"],"text":"Enabling Enterprise features for Isovalent in Azure Kubernetes Service (AKS)"}],"level":1,"listItem":"bullet","markDefs":[{"_key":"3a0883c72767","_type":"link","href":"/blog/post/isovalent-azure-kubernetes-service/","openInNewTab":true}],"style":"normal"},{"_key":"f1085c21fb71","_type":"block","children":[{"_key":"099f076ed2b0","_type":"span","marks":["d0ada7d11a18"],"text":"Try out IPv6"},{"_key":"215d2b8f2a5a","_type":"span","marks":[],"text":"."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"d0ada7d11a18","_type":"link","href":"/labs/cilium-ipv6/","openInNewTab":true}],"style":"normal"},{"_key":"c2472288184b","_type":"block","children":[{"_key":"9e6a984b8b08","_type":"span","marks":["b97295647cf9"],"text":"Upgrade to cilium in Azure"},{"_key":"1315ce4337d6","_type":"span","marks":[],"text":"."}],"level":1,"listItem":"bullet","markDefs":[{"_key":"b97295647cf9","_type":"link","href":"/blog/post/upgrade-cilium-in-azure/","openInNewTab":true}],"style":"normal"},{"_key":"95ba23e19cb1","_type":"block","children":[{"_key":"e89c07eeaf9a","_type":"span","marks":["53772b2085c1"],"text":"Azure and Isovalent main partner page"}],"level":1,"listItem":"bullet","markDefs":[{"_key":"53772b2085c1","_type":"link","href":"/partners/azure/","openInNewTab":true}],"style":"normal"},{"_key":"871a317f9245","_type":"block","children":[{"_key":"45cd2534bc70","_type":"span","marks":["dcfaa25641ce"],"text":"eBPF eCHO show with Duffie Cooley on Kubernetes IPv4/IPv6 Dual Stack with Cilium"}],"level":1,"listItem":"bullet","markDefs":[{"_key":"dcfaa25641ce","_type":"link","href":"https://youtu.be/SwXvGeMy3Wg","openInNewTab":true}],"style":"normal"}],"featuredImage":["$","$L19",null,{"src":"https://cdn.sanity.io/images/xinsvxfu/production/34b30eb32ebe8d8544e1ea58825d2d15b6fd8a6c-2400x1260.png?auto=format&q=80&fit=clip&w=1080","alt":"Image","className":"mx-auto mb-10 w-full max-w-[72.75]","placeholder":"blur","blurDataURL":"data:image/svg+xml;base64,CiAgICA8c3ZnIHdpZHRoPSIxMDgwIiBoZWlnaHQ9IjEwODAiIHZlcnNpb249IjEuMSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KICAgICAgICA8ZGVmcz4KICAgICAgICAgICAgPGxpbmVhckdyYWRpZW50IGlkPSJnIj4KICAgICAgICAgICAgPHN0b3Agc3RvcC1jb2xvcj0iI0Y2RjhGRSIgb2Zmc2V0PSIyMCUiIC8+CiAgICAgICAgICAgIDxzdG9wIHN0b3AtY29sb3I9IiNFRkY1RkYiIG9mZnNldD0iNTAlIiAvPgogICAgICAgICAgICA8c3RvcCBzdG9wLWNvbG9yPSIjRjZGOEZFIiBvZmZzZXQ9IjcwJSIgLz4KICAgICAgICAgICAgPC9saW5lYXJHcmFkaWVudD4KICAgICAgICA8L2RlZnM+CiAgICAgICAgPHJlY3Qgd2lkdGg9IjEwODAiIGhlaWdodD0iMTA4MCIgZmlsbD0iI0Y2RjhGRSIgLz4KICAgICAgICA8cmVjdCBpZD0iciIgd2lkdGg9IjEwODAiIGhlaWdodD0iMTA4MCIgZmlsbD0idXJsKCNnKSIgLz4KICAgICAgICA8YW5pbWF0ZSBocmVmPSIjciIgYXR0cmlidXRlTmFtZT0ieCIgZnJvbT0iLTEwODAiIHRvPSIxMDgwIiBkdXI9IjFzIiByZXBlYXRDb3VudD0iaW5kZWZpbml0ZSIgIC8+CiAgICA8L3N2Zz4=","width":1080,"height":1080,"priority":true}],"articleData":{"title":"Dual Stack on AKS with Cilium","description":"This blog post will walk you through deploying an IPv4/IPv6 Dual Stack AKS cluster with Cilium as the CNI.","url":"https://isovalent.com/blog/post/cilium-dual-stack-aks","download":"$undefined","authors":[{"_createdAt":"2024-09-27T10:02:48Z","_id":"ff5e2eda-05bb-ade9-8831-4dddc66e927d","_rev":"VO3Rz3CKgO8VZQnLmkJbUp","_type":"person","_updatedAt":"2024-09-27T12:06:31Z","bio":{"en":[{"_key":"1995ca31-02b1-49c0-a862-dfc8df0297ff","_type":"block","children":[{"_key":"c78e0e11-f4b0-4342-a5fc-a02e085947fa","_type":"span","marks":[],"text":"Amit Gupta is a senior technical marketing engineer at Isovalent, powering eBPF cloud-native networking and security. Amit has 21+ years of experience in Networking, Telecommunications, Cloud, Security, and Open-Source. He has previously worked with Motorola, Juniper, Avi Networks (acquired by VMware), and Prosimo. He is keen to learn and try out new technologies that aid in solving day-to-day problems for operators and customers.\n\nHe has worked in the Indian start-up ecosystem for a long time and helps new folks in that area outside of work. Amit is an avid runner and cyclist and also spends considerable time helping kids in orphanages."}],"markDefs":[],"style":"normal"}]},"company":{"_ref":"35073912-4894-4a13-89f6-caa5d58ff52d","_type":"reference"},"firstName":{"en":"Amit"},"fullName":{"en":"Amit Gupta"},"headshot":{"_type":"image","asset":{"_ref":"image-19b2e7212433d6c85f9a7cbb62beb590d8044fa0-528x1009-jpg","_type":"reference"},"crop":{"_type":"sanity.imageCrop","bottom":0,"left":0,"right":0,"top":0},"hotspot":{"_type":"sanity.imageHotspot","height":1,"width":1,"x":0.5,"y":0.5}},"image":"https://cdn.sanity.io/images/xinsvxfu/production/19b2e7212433d6c85f9a7cbb62beb590d8044fa0-528x1009.jpg","languages":["en"],"lastName":{"en":"Gupta"},"title":{"en":"Senior Technical Marketing Engineer"}}]}}]}]}]}],"$undefined"]}]]