With new Morpheus version there is new functionality to use “new” IPv6 technology.
But sadly it lacs some simple core things:
No integration for any IPAM tools (only morpheus local one)
But the main missing piece is that during provisioning there is no option to manage IPv6 manually (IPv6 Override). So basically you are limited to whatever Morpheus decides to assign. This causes issues as there are already clients that use IPv6 and already have set lot of VM’s with IPv6 manually. So now if they try to provision they might come to IPv6 conflicts. Exporting and importing in Morpheus also not viable solution as it is already being tracked in other IPAM tool.
These are key elements that makes this new feature hardly usable.
IPv6 feature was requested 2 years ago, but what was released is still far away from normal usability.
So on item 1, we do integrate with 3rd party IPAM for IPv6. You must present Morpheus with the IPv6 pools to allocate to the networks.
For item 2, the while we do not allow manual entry of your IPv6 based on ICANN recommendations you can still mark the items as reserved / used in your IPAM solution and they will not be allocated. Suggesting Morpheus pools may use a duplicate runs the same risk as allowing an end user to define manually an IPv6 address.
For Option 1. Do you have integration for IPv6 with phpIPAM? I do not see any IPv6 pool from our existing integration.
For Option 2. Adding reservations manually is additional duplicating efforts. This could be mitigated at least by allowing manually specifying IPv6 address (same how it can be done for IPv6)
Ah, I was mistaken specific to phpIPAM plugin, which has not been updated yet to support IPv6. Bluecat and Infoblox has, however.
As for both phpIPAM support and manual entry, I would recommend making both of those an idea and formally voting on them to suggest functionality. That said, if you need IPv6 manual entry, you could add a form field to your instance types and configure a post task in the short term.
Though, with the option 2 ask, once IPv6 support for phpIPAM is added there would be no duplicate effort. You would have to make sure any currently consumed IPs are reserved, but the plugin/integration would handle requesting next available. So still no need to manually enter or manually reserve.
I also had a guy ask me to enable both IPv4 and IPv6 on a network segment (which I did), only to come back and complain that he couldn’t assign an IPv6 on the NIC when deploying. I created a ticket regarding this, and got something regarding ICANN recommendations (which I have not read yet) but essentially telling me it couldn’t be assigned manually. I just assumed it was because the regular expression to parse an IPv6 was a nightmare. ?
Are you looking for manual entry of IPv6 in the instance Wizard? or IP Pool assignment? (Unsure if you are utilizing Catalogs, but same question probably applies)
I’ll be honest, I’m not a developer so not sure on the reasoning of why one route and not the other. I’m probably at fault for any ICANN response, just because manual assignment of IPv6 is frowned upon from a best practices / necessity standpoint.
I am looking for manual entry of IPv6 in the instance wizard (standard provisioning workflow). We just encountered 2-3 folks who are deploying VMs and putting IPv4 and IPv6 on the same nics. Case in point this one guy, he is deploying a Cent7 with a mgmt nic (ifcfg-mgmt) and he has an IPv4 on it, and 2 x IPv6 addresses on it - one fe80:: address, which I think is a link local address, and then a IPv6 2001:: address. On his other interface, he is doing some nic bonding with IPv6.
The other guy, he told me they are sharing the IP space (albeit IPv6) with some other group although I am educating him on the Morpheus Pools and he is starting to consider that idea.
I still think that being able to click on a VMs nic and add x number of addresses of different types would be a nice feature to have as opposed to locking them into a single IP. The single IP just confuses folks and they come to us asking about that limitation - usually before just going in and configuring the IPs on the OS after it’s deployed or with tools like Terraform or Ansible.
JZ>Ok… I’ve notified the T3 team that we’re just going to have to make-do with our current procedure using nmtui. As far as I understand we share our IP pools with other servers that aren’t on Morpheus, so I don’t think that path is going to work for us at this time.
MW>ok. now, if you are sharing the block, and you have a contiguous block that is yours, we can create a Pool for that IPv6 network in Morpheus, and i can show you how the pools work. by default, Morpheus will grab an IP from the pool. but, you can use one, and then “check it in/out” like a library also.
JZ>Interesting, so we could use Morpheus as a psudo-IPAM? I think with some automation, that might a solution that they might go for. I’ll discuss with them.
MW>Yes. You can use Morpheus Pools as an IPAM solution. I have a few pools in use on different environments, usually on the static network segments, so that people don’t key in IPs and collide with one another. I have not set one up for IPv6 yet, but I presume that works the same way with no issues. I can show you how the Pools work. Let me know when you have cycles and I can show that to you. One nice thing about the Pools, too, is that you can chop the cidr up into sub blocks with is. So if you had a /24 network, you could use just, say, .11 to .20 or something like that.
JZ>The main issue is that we currently have a system where we use <ipv6 subnet>:<ipv4 address> as the IPv6 address. I’ll have to talk them out of that first if we want to go down the path of a full IPAM solution.
Is nmtui an eternal IPAM or is there another external IPAM solution utilized? You’re correct you could just define a smaller segment with CIDR as a Morpheus IP Pool, or we can integrate with some of the toolsets out there. Our IPAM integration if you have both IPv4 and IPv6 enabled, we would add both to the NIC. That said, if there is a need for additional IPs, one work around is using the Morpheus Network Pool API endpoint and requesting next available and doing the additional automation to map more IPv4/6 IPs to an interface.
nmtui from what I understand is the curses-based textual “GUI” for Network Manager. I think I remember someone using that to configure interfaces back in the day at a place I worked at prior. But - a lot of people on Cent7 HATED Network Manager and would disable it. So we dissuaded them from using Network Manager to configure interfaces and instead asked them to configure “by hand” or using automation (scripts). There are some things that you absolutely and definitely needed NetworkManager running for though. Network Manager shines on things like transient interfaces like wireless interfaces. And if you are doing fancy things like Link Aggregation, you need Network Manager to do policy-based routing and stuff. But in cases where you’re using just an eth0/eth1 straightforward approach, or even just bridged networking, NetworkManager seemed to “get in the way” and break things by constantly interfering, so we would just disable it.