Andrew Mercer
Docs
Andrew Mercer

Install MetalLB

  • https://metallb.universe.tf
  • https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/baremetal.md#a-pure-software-solution-metallb

Concepts

IP address allocation

  • https://metallb.universe.tf/concepts/#address-allocation

You’ll need IPs to hand out

Layer 2 Mode

  • https://metallb.universe.tf/concepts/layer2

Requirements

  • https://metallb.universe.tf/#requirements

Verify requirements

  • I’ll use 192.168.13.85-90 for IPs to start

Installation

  • https://metallb.universe.tf/installation

Update the kube-proxy configmap

kubectl edit configmap -n kube-system kube-proxy
# add blah blah, it's in the documentation

Create the metallb namespace

kubectl create namespace metallb

or use a manifest file:

cat << EOF > metallb_ns.yaml
kind: Namespace
apiVersion: v1
metadata:
  name: metallb
  labels:
    pod-security.kubernetes.io/enforce: privileged
    pod-security.kubernetes.io/audit: privileged
    pod-security.kubernetes.io/warn: privileged
EOF
kubectl apply -f metallb_ns.yaml

Label

If you didn’t add labels to the metallb namespace at creation:

Test:

kubectl label --dry-run=server --overwrite ns metallb \
    pod-security.kubernetes.io/enforce=privileged \
    pod-security.kubernetes.io/audit=privileged \
    pod-security.kubernetes.io/warn=privileged

Run for real:

kubectl label --overwrite ns metallb \
    pod-security.kubernetes.io/enforce=privileged \
    pod-security.kubernetes.io/audit=privileged \
    pod-security.kubernetes.io/warn=privileged

See also: https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels

Install metallb

helm repo add metallb https://metallb.github.io/metallb
helm -n metallb install metallb metallb/metallb

MetalLB Configuration

Configure address pool

ipaddresspool_simple.yml

  • https://github.com/metallb/metallb/blob/main/configsamples/ipaddresspool_simple.yml
cat << EOF > metallb_config.yml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: example
  namespace: metallb
spec:
  addresses:
  - 192.168.13.85-192.168.13.90
EOF

Layer 2 configuration

  • https://metallb.universe.tf/configuration/#layer-2-configuration

Append to the metallb_config.yml file

apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: example
  namespace: metallb

Full file:

apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: example
  namespace: metallb
spec:
  addresses:
  - 192.168.13.85-192.168.13.90
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: example
  namespace: metallb
cat << EOF > metallb.yml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: example
  namespace: metallb
spec:
  addresses:
  - 192.168.13.85-192.168.13.90
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: example
  namespace: metallb
EOF
Prev
GitLab runners
Next
Install self-hosted Github