Relay70

Kubernetes – MetalLB

Installing and configuring metalLB load balancer onto a new Kubernetes cluster.
After configuration we will build a simple nginx service that will use an IP from the metalLB ip pool.

Prepare Kubernetes for MetalLB install

Commands
kubectl edit configmap -n kube-system kube-proxy

ipvs:
      strictARP: true
 mode: "ipvs"
Explanation
1 - Edit the config map for kubeproxy in the kube-system namespace
3/4 - Find the set the "ipvs"/"strictARP" line to "true"
5 - Find the "mode" line and set it to "ipvs"

Install MetalLB manifest

Commands
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.9/config/manifests/metallb-native.yaml
Explanation
1 - This command downloads the manifest file from github. 
You should see that the following configmaps, services, deployments, etc are created.

configmap/metallb-excludel2 created
secret/metallb-webhook-cert created
service/metallb-webhook-service created
deployment.apps/controller created
daemonset.apps/speaker created

Check for installation

Commands
kubectl get namespaces
NAME              STATUS   AGE
default           Active   90d
metallb-system    Active   2m38s

kubectl get all -n metallb-system
NAME                              TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/metallb-webhook-service   ClusterIP   10.101.112.178   <none>        443/TCP   2m48s
NAME                     DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
daemonset.apps/speaker   3         3         0       3            0           kubernetes.io/os=linux   2m48s
NAME                         READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/controller   1/1     1            1           2m48s
NAME                                   DESIRED   CURRENT   READY   AGE
replicaset.apps/controller-7dcb87658   1         1         1       2m48s

Explanation
1 - Kubectl command will show all namespaces.  We should now see one called metallb-system. (I've removed some kube-system namespaces to save space)
6 - kubectl command to list everything in the new metallb-system namespace. You will see the service, daemonset, deployment and replicaset listed here.

Create your Kubernetes CR (custom resource)

Commands
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: first-pool
  namespace: metallb-system
spec:
  addresses:
  - 192.168.1.6-192.168.1.9

Explanation
Create this file.
While you can call it whatever you want mine will be called metalIPPool.yml.
This is for creating the IPAddressPool Kubernetes CR (custom resource). Mine specifies a small list of IP's. 192.168.6 - .9. You can also list address ranges using CIDR notation or a list of addresses and ranges.

Apply the new IPAddressPool CR type.

Commands
kubectl apply -f metalIPPool.yml 

Explanation
1 - This is a standard kubectl command to apply any manifest file for kubernetes configs.

Verify IPAddressPool CR type

Commands
 kubectl describe IPAddressPool -n metallb-system
Explanation
1 - kubectl command to verify that the manifest was applied correctly.  It should show your IP range as well as name, namespace, Kind, etc.

Create metalLB L2 Advertisment

Commands
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: first-pool-l2advert 
  namespace: metallb-system
Explanation
Create a file with these contents. You can call the file whatever you'd like.  Mine is called metalLBL2Advert.yml.  This configuration will allow metalLB to answer and forward network requests from outside you cluster.

Apply/Verify L2Advertisment

Commands
kubectl apply -f metalLBL2Advert.yml
kubectl describe L2Advertisement -n metallb-system
Explanation
1 - Applies the L2Advertisment config
2 - Executes a describe of the resource so we can verify it has been applied correctly.

Build nginx Pod config

Commands
apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
  - name: nginx-container
    image: nginx:latest
    ports:
      - containerPort: 80
Explanation
This is a simple nginx pod configuration.  Write this to a file.  Mine will be called nginxPod.yml

Apply/Verify pod config

Commands
kubectl apply -f nginxPod.yml
kubectl get pods nginx-pod
Explanation
1 - Applies the nginx pod configuration.
2 - Shows that the pod is being created. It may take a minute for the Status to show as "running".

Build nginx service config

Commands
apiVersion: v1
kind: Service
metadata:
  name: nginx-svc
  labels:
    app: nginx
spec:
  type: LoadBalancer 
  selector:
    app: nginx
  ports:
    - port: 80
      targetPort: 80
Explanation
This is a basic configuration for the nginx services.  Note the type is set to LoadBalancer.  Write this to a file.  Mine will be called nginxSvc.yml

Apply/Verify the nginx service config

Commands
kubectl apply -f nginxSvc.yml
kubectl describe svc nginx-svc
Explanation
1 - Applies the configuration from the previous step.
2 - Describes the new nginx service. Note the "LoadBalancer Ingress:" line. It should contain the first IP from the pool that was specified for metalLB to use.

Final Test

Commands
curl <LoadBalancer Ingress IP>
Explanation
1 - Using the IP address from the kubectl describe command in the previous step, run a curl command, or enter it into a browser.  If all was done correctly, you should receive the nginx welcome page.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *