Epic Goal

This feature enables the deployment of OpenShift Container Platform (OCP) on VMware vSphere in an IPv6 single-stack network configuration. As customer adoption of IPv6 rapidly increases, providing full support is critical for meeting the requirements of modern datacenters. This initial work is an investigation spike to define the scope, identify dependencies, and prepare the QE and Devinfrastructure for full implementation.

Goals

• Primary Goal: To conduct a comprehensive investigation (spike) in OCP 4.21 to identify all technical requirements, code changes, and dependencies needed to fully support IPv6 single-stack deployments on vSphere.
• Persona: The primary user is the Cluster Administrator.
• Expanded Functionality: This work is the first step toward extending all vSphere installation methods—Installer-Provisioned Infrastructure (IPI), User-Provisioned Infrastructure (UPI), Assisted Installer, and Agent-based Installer (ABI)—to support IPv6 single-stack for both Day-1 (installation) and Day-2 (operations). The end state will ensure all Day-2 API endpoints are fully IPv6-capable.

Requirements

The deliverable for this feature is the successful completion of the investigation spike. The spike is considered complete when the following requirements are met:

Functional Requirements:

• Investigation & Documentation:
  • A complete analysis of the required changes across the OCP stack, including the installer, networking components, and relevant operators.
  • A definitive list of any blocking dependencies or API limitations within supported versions of vSphere, vCenter, and VMware Cloud Foundation (VCF).
  • A document detailing the necessary adjustments for core cluster services in an IPv6-only environment, including DNS, MetalLB, Ingress Controller, and egress routing.

• Planning Artifacts:
  • A detailed technical design document outlining the proposed architecture for implementation.
  • A backlog of JIRA Epics and User Stories with preliminary estimates to guide the implementation phase.

• Infrastructure:
  • A stable and functional development and Quality Engineering (QE) lab environment is established, capable of deploying and testing OCP on vSphere using an IPv6 single-stack network.

Non-Functional Requirements:

• Maintainability: The lab infrastructure must be documented and maintainable for long-term use by the engineering and QE teams.
• Reliability: The analysis must account for ensuring the final solution is as reliable and performant as the existing IPv4 implementation.

Use Case

• User Story: As a Cluster Administrator at a large enterprise, I want to deploy and manage an OpenShift cluster on vSphere using only an IPv6 single-stack network configuration so that I can comply with modern networking standards and integrate with our IPv6-only datacenter infrastructure.

Main Success Scenario:

1. The Cluster Administrator provides an install-config.yaml file configured with an IPv6-only network for a vSphere deployment.
2. The OpenShift Installer successfully provisions all cluster resources (control plane, compute nodes) with valid IPv6 addresses on the vSphere platform.
3. The cluster bootstraps successfully, and all cluster operators become available.
4. The administrator can access the cluster via oc and the web console over IPv6.
5. All Day-2 operations, including scaling nodes and managing workloads, function correctly within the IPv6 single-stack environment.

Questions to Answer

The primary purpose of this spike is to provide definitive answers to the following:

• What specific changes are required in the OpenShift Installer (IPI, UPI), Assisted Installer, and Agent-based Installer to handle IPv6-only addressing for vSphere deployments?
• Are there any features, APIs, or limitations in supported vSphere, vCenter, or VCF versions that would block or complicate an IPv6-only deployment?
• What are the full implications for core OpenShift services, including but not limited to:
  • Internal and external DNS resolution?
  • Cluster Ingress (Router/IngressController)?
  • Load balancing services (e.g., MetalLB)?
  • Egress traffic and network policies?

• What is the estimated engineering effort and a proposed timeline for the full implementation based on the findings?

Out of Scope

• Full implementation of IPv6 single-stack support for vSphere. This feature is strictly for the investigation spike.
• Support for dual-stack (IPv4/IPv6) networking, which is considered existing, separate functionality.
• IPv6 support for any platform other than vSphere.

Links

• Strategy Epic: OCPSTRAT-1996: IPv6 Single Stack GA
• Current IPv6 Status Document:[ OCP on vSphere IPv6 Support Status|https://docs.google.com/document/d/1m9KSCbKMnxWWaaN_TjfKijWmC7DPXQyQXAUtPnif0xI/edit?tab=t.0#bookmark=id.uya95dnidvdn]
• Networking Team Strategy:[ OCP Networking - Connected Customer Experience Strategy|https://docs.google.com/presentation/d/1U7oQ0l_e_oYUmoAJsNWL-CXFbnVCLwj7YVE5np0ogA8/edit?slide=id.g31332efe9d6_0_5788]

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Downstream documentation merged: <link to meaningful PR>