From 183f217f08069bdedb7781975f841f80db7b83ec Mon Sep 17 00:00:00 2001
From: John Gardiner Myers <jgmyers@proofpoint.com>
Date: Fri, 28 Oct 2022 10:22:22 -0700
Subject: [PATCH 1/2] ipv6: bastions need to go into dualstack subnets

---
 upup/pkg/fi/cloudup/new_cluster.go | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/upup/pkg/fi/cloudup/new_cluster.go b/upup/pkg/fi/cloudup/new_cluster.go
index 5083e10071..49ce8a18ce 100644
--- a/upup/pkg/fi/cloudup/new_cluster.go
+++ b/upup/pkg/fi/cloudup/new_cluster.go
@@ -1231,6 +1231,13 @@ func setupTopology(opt *NewClusterOptions, cluster *api.Cluster, allZones sets.S
 					PublicName: "bastion." + cluster.Name,
 				}
 			}
+			if opt.IPv6 {
+				for _, s := range cluster.Spec.Subnets {
+					if s.Type == kopsapi.SubnetTypeDualStack {
+						bastionGroup.Spec.Subnets = append(bastionGroup.Spec.Subnets, s.Name)
+					}
+				}
+			}
 			if cluster.Spec.GetCloudProvider() == api.CloudProviderGCE {
 				bastionGroup.Spec.Zones = allZones.List()
 			}

From 63111f662a36c64306415073f8702ebf0ce57d89 Mon Sep 17 00:00:00 2001
From: John Gardiner Myers <jgmyers@proofpoint.com>
Date: Fri, 28 Oct 2022 12:03:43 -0700
Subject: [PATCH 2/2] ipv6: NPE fixes for IPv6-only instances

---
 upup/pkg/fi/cloudup/awsup/aws_cloud.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/upup/pkg/fi/cloudup/awsup/aws_cloud.go b/upup/pkg/fi/cloudup/awsup/aws_cloud.go
index fc6691c179..b03c1f09c2 100644
--- a/upup/pkg/fi/cloudup/awsup/aws_cloud.go
+++ b/upup/pkg/fi/cloudup/awsup/aws_cloud.go
@@ -2432,7 +2432,9 @@ func GetInstanceCertificateNames(instances *ec2.DescribeInstancesOutput, useInst
 		addrs = append(addrs, *instance.InstanceId)
 	}
 
-	addrs = append(addrs, *instance.PrivateDnsName)
+	if instance.PrivateDnsName != nil {
+		addrs = append(addrs, *instance.PrivateDnsName)
+	}
 
 	// We only use data for the first interface, and only the first IP
 	for _, iface := range instance.NetworkInterfaces {
@@ -2442,7 +2444,9 @@ func GetInstanceCertificateNames(instances *ec2.DescribeInstancesOutput, useInst
 		if *iface.Attachment.DeviceIndex != 0 {
 			continue
 		}
-		addrs = append(addrs, *iface.PrivateIpAddress)
+		if iface.PrivateIpAddress != nil {
+			addrs = append(addrs, *iface.PrivateIpAddress)
+		}
 		if iface.Ipv6Addresses != nil && len(iface.Ipv6Addresses) > 0 {
 			addrs = append(addrs, *iface.Ipv6Addresses[0].Ipv6Address)
 		}