aws-appmesh: Add IPv6 support #20737
Assignees
Labels
@aws-cdk/aws-appmesh
Related to AWS App Mesh
effort/small
Small work item – less than a day of effort
feature-request
A feature should be added or improved.
in-progress
This issue is being actively worked on.
p2
Comments
AKBarcenas
added
feature-request
|
Does CloudFormation provide support for this yet @AKBarcenas? I can't find any references to the new feature in the docs or the Cfn changelog. CDK will need CFN support first before we can implement this |
peterwoodworth
added
p2
effort/small
peterwoodworth
added
in-progress
mergify bot
pushed a commit
that referenced
this issue
Jun 28, 2022
App Mesh has released IPv6 support. This has been exposed in the form of IP preferences which have been added to the Mesh and Virtual Node resources. IP preferences are optional for both resources and there is no default IP preference that is applied by App Mesh.
The following are samples of App Mesh resources with IP preferences configured.
```
# Mesh
"spec": {
"serviceDiscovery": {
"ipPreference": "IPv6_PREFERRED"
}
}
```
```
# Virtual Node
"spec": {
"listeners": [
{
"healthCheck": {
"healthyThreshold": 2,
"intervalMillis": 5000,
"path": "/ping",
"protocol": "http",
"timeoutMillis": 2000,
"unhealthyThreshold": 2
},
"portMapping": {
"port": 9080,
"protocol": "http"
}
}
],
"serviceDiscovery": {
"dns": {
"hostname": "colorteller-red.default.svc.cluster.local",
"ipPreference": "IPv4_ONLY"
}
}
}
```
IP preferences on a Mesh apply the preference to all Virtual Nodes contained within that Mesh. IP preferences set on a Virtual Node will only apply to that particular Virtual Node. Additionally, Virtual Node IP preferences will override the Mesh IP preference if there is one present.
There are three areas in which the IP preference impacts how Envoy configuration generation. Firstly, setting any IP preference will change the Envoy's listeners (ingress and egress) to bind to IPv4 and IPv6 allowing the Envoy to serve all traffic from both IP versions. Secondly, the IP version specified in the name of the preference will be the IP version used for sending traffic to the local application for Envoys running as a sidecar to an application. (IPv4_ONLY/PREFERRED - IPv4, IPv6_ONLY/PREFERRED - IPv6) Lastly, it will impact how each service discovery option will be treated. For CloudMap service discovery, ONLY options will only return IPs from CloudMap for the matching version type and PREFERRED options will first used the primary IP version first and fall back to the other IP version for the IPs returned from CloudMap. For DNS service discovery, it will be similar to CloudMap service discovery in terms of only using one IP version or fall back behavior. However, this will come in the form of changing the Envoy's DNS resolver to exhibit this behavior when performing DNS resolution.
This is a summarized version of the feature. For more details, a more thorough write up can be found here: https://github.com/aws/aws-app-mesh-examples/tree/main/walkthroughs/howto-ipv6#ip-preferences-in-meshes-and-virtual-nodes
Closes #20737
### All Submissions:
* [Y] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)
### Adding new Unconventional Dependencies:
* [N] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)
### New Features
* [Y] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
* [Y] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
daschaa
pushed a commit
to daschaa/aws-cdk
that referenced
this issue
Jul 9, 2022
App Mesh has released IPv6 support. This has been exposed in the form of IP preferences which have been added to the Mesh and Virtual Node resources. IP preferences are optional for both resources and there is no default IP preference that is applied by App Mesh.
The following are samples of App Mesh resources with IP preferences configured.
```
# Mesh
"spec": {
"serviceDiscovery": {
"ipPreference": "IPv6_PREFERRED"
}
}
```
```
# Virtual Node
"spec": {
"listeners": [
{
"healthCheck": {
"healthyThreshold": 2,
"intervalMillis": 5000,
"path": "/ping",
"protocol": "http",
"timeoutMillis": 2000,
"unhealthyThreshold": 2
},
"portMapping": {
"port": 9080,
"protocol": "http"
}
}
],
"serviceDiscovery": {
"dns": {
"hostname": "colorteller-red.default.svc.cluster.local",
"ipPreference": "IPv4_ONLY"
}
}
}
```
IP preferences on a Mesh apply the preference to all Virtual Nodes contained within that Mesh. IP preferences set on a Virtual Node will only apply to that particular Virtual Node. Additionally, Virtual Node IP preferences will override the Mesh IP preference if there is one present.
There are three areas in which the IP preference impacts how Envoy configuration generation. Firstly, setting any IP preference will change the Envoy's listeners (ingress and egress) to bind to IPv4 and IPv6 allowing the Envoy to serve all traffic from both IP versions. Secondly, the IP version specified in the name of the preference will be the IP version used for sending traffic to the local application for Envoys running as a sidecar to an application. (IPv4_ONLY/PREFERRED - IPv4, IPv6_ONLY/PREFERRED - IPv6) Lastly, it will impact how each service discovery option will be treated. For CloudMap service discovery, ONLY options will only return IPs from CloudMap for the matching version type and PREFERRED options will first used the primary IP version first and fall back to the other IP version for the IPs returned from CloudMap. For DNS service discovery, it will be similar to CloudMap service discovery in terms of only using one IP version or fall back behavior. However, this will come in the form of changing the Envoy's DNS resolver to exhibit this behavior when performing DNS resolution.
This is a summarized version of the feature. For more details, a more thorough write up can be found here: https://github.com/aws/aws-app-mesh-examples/tree/main/walkthroughs/howto-ipv6#ip-preferences-in-meshes-and-virtual-nodes
Closes aws#20737
### All Submissions:
* [Y] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md)
### Adding new Unconventional Dependencies:
* [N] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies)
### New Features
* [Y] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)?
* [Y] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)?
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature
AWS App Mesh has released support for IPv6 and new fields have been exposed on the APIs as part of this release.
https://aws.amazon.com/about-aws/whats-new/2022/05/aws-app-mesh-supports-ipv6/
aws/aws-app-mesh-roadmap#314
The proposal here is to add support for App Mesh's newly added IPv6 capabilities.
Use Case
Without this feature, CDK users will be unable to configure IPv6 within App Mesh.
Proposed Solution
The primary changes will be to add an IP preference that covers all of the preference types supported in App Mesh and to expose the new fields where this IP preference can be applied within the mesh and virtual node resources.
Mesh
Virtual Node
Other Information
No response
Acknowledgements
CDK version used
2.28.0
Environment details (OS name and version, etc.)
macOS Catalina, Version 10.15.7 (19H1824)
The text was updated successfully, but these errors were encountered: