Dual Stack subnets - assign_ipv6_address_on_creation attribute doesn't work. #148

Open
SpaghettiKat45 opened this issue Apr 17, 2024 · 1 comment

SpaghettiKat45 commented Apr 17, 2024

Changing 'assign_ipv6_address_on_creation' between true and false has no effect. This means that when trying to build a Fargate-backed cluster for EKS, I cannot use the dual-stack subnet, as it is not auto-assigning IPv6 addresses to the ENIs.

Additionally, I don't see any setting in the module to enable dns64 for the dual stack subnets which would also be helpful. Let me know if there is something I am missing.

```hcl
subnets = {
  # Transit gateway subnets (dual-stack)
  transit_gateway = {
    netmask                                         = 28
    assign_ipv6_cidr                                = true
    connect_to_public_natgw                         = false
    transit_gateway_default_route_table_association = false
    transit_gateway_default_route_table_propagation = true
    transit_gateway_appliance_mode_support          = "enable"
    transit_gateway_dns_support                     = "enable"
  }
  # Node/Pod Network subnets (dual-stack)
  workload = {
    netmask                         = 24
    assign_ipv6_cidr                = true
    assign_ipv6_address_on_creation = true
    connect_to_public_natgw         = false
  }
}
```
@SpaghettiKat45

Looks like it should be updated to the following in main.tf, lines 231-253:

```hcl
resource "aws_subnet" "private" {
  for_each = toset(try(local.private_per_az, []))

  availability_zone                              = split("/", each.key)[1]
  vpc_id                                         = local.vpc.id
  cidr_block                                     = can(local.calculated_subnets[split("/", each.key)[0]][split("/", each.key)[1]]) ? local.calculated_subnets[split("/", each.key)[0]][split("/", each.key)[1]] : null
  ipv6_cidr_block                                = can(local.calculated_subnets_ipv6[split("/", each.key)[0]][split("/", each.key)[1]]) ? local.calculated_subnets_ipv6[split("/", each.key)[0]][split("/", each.key)[1]] : null
  ipv6_native                                    = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : false
  map_public_ip_on_launch                        = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? null : false
  assign_ipv6_address_on_creation                = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : try(var.subnets[split("/", each.key)[0]].assign_ipv6_address_on_creation, false)
  enable_resource_name_dns_aaaa_record_on_launch = contains(local.subnets_with_ipv6_native, split("/", each.key)[0]) ? true : try(var.subnets[split("/", each.key)[0]].enable_resource_name_dns_aaaa_record_on_launch, false)
  enable_dns64                                   = try(var.subnets[split("/", each.key)[0]].enable_dns64, false)

  tags = merge(
    { Name = "${local.subnet_names[split("/", each.key)[0]]}-${split("/", each.key)[1]}" },
    module.tags.tags_aws,
    try(module.subnet_tags[split("/", each.key)[0]].tags_aws, {})
  )

  depends_on = [
    aws_vpc_ipv4_cidr_block_association.secondary
  ]
}
```
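An added example, not part of the issue thread or the module's code: one way to confirm whether the setting reported above reaches the `aws_subnet` resources is to scan `terraform show -json` output for dual-stack subnets where `assign_ipv6_address_on_creation` is not true. The module name `vpc`, the AZ names and the CIDRs in the sample are constructed for illustration.

```python
import json

def walk_resources(module):
    """Yield every resource in a module and its nested child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk_resources(child)

def subnets_missing_ipv6_autoassign(show_json):
    """Return addresses of aws_subnet resources that have an IPv6 CIDR
    but do not auto-assign IPv6 addresses to new ENIs.

    Accepts `terraform show -json` output for a plan (planned_values)
    or for applied state (values). Values unknown at plan time are
    omitted from a plan, so checking applied state is more reliable.
    """
    doc = json.loads(show_json)
    top = doc.get("planned_values") or doc.get("values") or {}
    flagged = []
    for res in walk_resources(top.get("root_module", {})):
        if res.get("type") != "aws_subnet":
            continue
        vals = res.get("values", {})
        has_ipv6 = bool(vals.get("ipv6_cidr_block"))
        if has_ipv6 and not vals.get("assign_ipv6_address_on_creation"):
            flagged.append(res["address"])
    return sorted(flagged)

# Constructed sample state: one dual-stack subnet with auto-assign off,
# one with it on, and one IPv4-only subnet that must not be flagged.
SAMPLE = json.dumps({"values": {"root_module": {"child_modules": [{
    "address": "module.vpc",
    "resources": [
        {"address": 'module.vpc.aws_subnet.private["workload/us-east-1a"]',
         "type": "aws_subnet",
         "values": {"ipv6_cidr_block": "2001:db8:0:1::/64",
                    "assign_ipv6_address_on_creation": False}},
        {"address": 'module.vpc.aws_subnet.private["workload/us-east-1b"]',
         "type": "aws_subnet",
         "values": {"ipv6_cidr_block": "2001:db8:0:2::/64",
                    "assign_ipv6_address_on_creation": True}},
        {"address": 'module.vpc.aws_subnet.private["ipv4only/us-east-1a"]',
         "type": "aws_subnet",
         "values": {"ipv6_cidr_block": None,
                    "assign_ipv6_address_on_creation": False}},
    ]}]}}})

if __name__ == "__main__":
    for address in subnets_missing_ipv6_autoassign(SAMPLE):
        print("IPv6 auto-assign is off:", address)
```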
