Installing and configuring metalLB load balancer onto a new Kubernetes cluster.
After configuration we will build a simple nginx service that will use an IP from the metalLB ip pool.
Prepare Kubernetes for MetalLB install
Commands
kubectl edit configmap -n kube-system kube-proxy
ipvs:
strictARP: true
mode: "ipvs"
Explanation
1 - Edit the config map for kubeproxy in the kube-system namespace
3/4 - Find the set the "ipvs"/"strictARP" line to "true"
5 - Find the "mode" line and set it to "ipvs"
Install MetalLB manifest
Commands
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.9/config/manifests/metallb-native.yaml
Explanation
1 - This command downloads the manifest file from github.
You should see that the following configmaps, services, deployments, etc are created.
configmap/metallb-excludel2 created
secret/metallb-webhook-cert created
service/metallb-webhook-service created
deployment.apps/controller created
daemonset.apps/speaker created
Check for installation
Commands
kubectl get namespaces
NAME STATUS AGE
default Active 90d
metallb-system Active 2m38s
kubectl get all -n metallb-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/metallb-webhook-service ClusterIP 10.101.112.178 <none> 443/TCP 2m48s
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
daemonset.apps/speaker 3 3 0 3 0 kubernetes.io/os=linux 2m48s
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/controller 1/1 1 1 2m48s
NAME DESIRED CURRENT READY AGE
replicaset.apps/controller-7dcb87658 1 1 1 2m48s
Explanation
1 - Kubectl command will show all namespaces. We should now see one called metallb-system. (I've removed some kube-system namespaces to save space)
6 - kubectl command to list everything in the new metallb-system namespace. You will see the service, daemonset, deployment and replicaset listed here.
Create your Kubernetes CR (custom resource)
Commands
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: first-pool
namespace: metallb-system
spec:
addresses:
- 192.168.1.6-192.168.1.9
Explanation
Create this file.
While you can call it whatever you want mine will be called metalIPPool.yml.
This is for creating the IPAddressPool Kubernetes CR (custom resource). Mine specifies a small list of IP's. 192.168.6 - .9. You can also list address ranges using CIDR notation or a list of addresses and ranges.
Apply the new IPAddressPool CR type.
Commands
kubectl apply -f metalIPPool.yml
Explanation
1 - This is a standard kubectl command to apply any manifest file for kubernetes configs.
Verify IPAddressPool CR type
Commands
kubectl describe IPAddressPool -n metallb-system
Explanation
1 - kubectl command to verify that the manifest was applied correctly. It should show your IP range as well as name, namespace, Kind, etc.
Create metalLB L2 Advertisment
Commands
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: first-pool-l2advert
namespace: metallb-system
Explanation
Create a file with these contents. You can call the file whatever you'd like. Mine is called metalLBL2Advert.yml. This configuration will allow metalLB to answer and forward network requests from outside you cluster.
Apply/Verify L2Advertisment
Commands
kubectl apply -f metalLBL2Advert.yml
kubectl describe L2Advertisement -n metallb-system
Explanation
1 - Applies the L2Advertisment config
2 - Executes a describe of the resource so we can verify it has been applied correctly.
Build nginx Pod config
Commands
apiVersion: v1
kind: Pod
metadata:
name: nginx-pod
labels:
app: nginx
spec:
containers:
- name: nginx-container
image: nginx:latest
ports:
- containerPort: 80
Explanation
This is a simple nginx pod configuration. Write this to a file. Mine will be called nginxPod.yml
Apply/Verify pod config
Commands
kubectl apply -f nginxPod.yml
kubectl get pods nginx-pod
Explanation
1 - Applies the nginx pod configuration.
2 - Shows that the pod is being created. It may take a minute for the Status to show as "running".
Build nginx service config
Commands
apiVersion: v1
kind: Service
metadata:
name: nginx-svc
labels:
app: nginx
spec:
type: LoadBalancer
selector:
app: nginx
ports:
- port: 80
targetPort: 80
Explanation
This is a basic configuration for the nginx services. Note the type is set to LoadBalancer. Write this to a file. Mine will be called nginxSvc.yml
Apply/Verify the nginx service config
Commands
kubectl apply -f nginxSvc.yml
kubectl describe svc nginx-svc
Explanation
1 - Applies the configuration from the previous step.
2 - Describes the new nginx service. Note the "LoadBalancer Ingress:" line. It should contain the first IP from the pool that was specified for metalLB to use.
Final Test
Commands
curl <LoadBalancer Ingress IP>
Explanation
1 - Using the IP address from the kubectl describe command in the previous step, run a curl command, or enter it into a browser. If all was done correctly, you should receive the nginx welcome page.
Leave a Reply