Difference between revisions of "Metallb"

From UVOO Tech Wiki
Jump to navigation Jump to search
Line 73: Line 73:
 
```
 
```
 
kubectl logs -f -l component=speaker -n metallb-system
 
kubectl logs -f -l component=speaker -n metallb-system
 +
```
 +
 +
 +
Pod deployment with service for entry into cluster via bgp advertised ip
 +
```
 +
---
 +
apiVersion: apps/v1
 +
kind: Deployment
 +
metadata:
 +
  name: my-nginx
 +
spec:
 +
  selector:
 +
    matchLabels:
 +
      run: my-nginx
 +
  replicas: 2
 +
  template:
 +
    metadata:
 +
      labels:
 +
        run: my-nginx
 +
    spec:
 +
      containers:
 +
      - name: my-nginx
 +
        image: nginx
 +
        ports:
 +
        - containerPort: 80
 +
      tolerations:
 +
      - key: "node.kubernetes.io/unreachable"
 +
        operator: "Exists"
 +
        effect: "NoExecute"
 +
        tolerationSeconds: 10
 +
      - key: "node.kubernetes.io/not-ready"
 +
        operator: "Exists"
 +
        effect: "NoExecute"
 +
        tolerationSeconds: 10
 +
---
 +
apiVersion: v1
 +
kind: Service
 +
metadata:
 +
  name: my-nginx
 +
  labels:
 +
    run: my-nginx
 +
spec:
 +
  ports:
 +
  - port: 80
 +
    protocol: TCP
 +
  selector:
 +
    run: my-nginx
 +
  type: LoadBalancer
 
```
 
```
  

Revision as of 17:15, 19 December 2021

Get started with Microk8s

If firewall/router in front you can route or dnat form public ip to metallb private address assignment 

sudo ip route add 10.x.x.0/22 via 10.y.y.y (10.y.y.y is k8s instance ip address though usually you would use bgp)

BGP with frr password doesn't seem to work

frr 

frr version 8.1
frr defaults traditional
hostname hm0101
log syslog informational
log file /var/log/frr/frr.log
service integrated-vtysh-config
!
ip router-id 10.x.x.r
!
router bgp 65551
 bgp log-neighbor-changes
 neighbor 10.x.x.x remote-as 65551
 ! neighbor 10.x.x.x password metallb
 neighbor 10.x.x.y remote-as 65551
 ! neighbor 10.x.x.y password metallb
 neighbor 10.x.x.z remote-as 65551
 ! neighbor 10.x.x.z password metallb
exit
!

metallb-system configMap config config.yaml 

apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    peers:
    - # a test below is router/fw id
      peer-address: 10.x.x.r
      peer-asn: 65551
      my-asn: 65551
      # password: "metallb"
    address-pools:
    - name: my-ip-space
      protocol: bgp
      avoid-buggy-ips: true
      addresses:
      - 192.168.254.0/24

From Linux Router/GW/FW 

ip route | grep bgp
sudo vtysh -c "show bgp sum"
sudo vtysh -c "show bgp neighbor"
sudo vtysh -c "show ip route"
sudo tcpdump -nnpi myint port 179
sudo tail -f /var/log/frr/frr.log

kubectl logs -f -l component=speaker -n metallb-system

Pod deployment with service for entry into cluster via bgp advertised ip 

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 2
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx
        ports:
        - containerPort: 80
      tolerations:
      - key: "node.kubernetes.io/unreachable"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 10
      - key: "node.kubernetes.io/not-ready"
        operator: "Exists"
        effect: "NoExecute"
        tolerationSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  labels:
    run: my-nginx
spec:
  ports:
  - port: 80
    protocol: TCP
  selector:
    run: my-nginx
  type: LoadBalancer

Other options

https://v0-2-1--metallb.netlify.app/tutorial/

arp

https://faun.pub/metallb-configuration-in-minikube-to-enable-kubernetes-service-of-type-loadbalancer-9559739787df

https://link.medium.com/xgtCprRJ0lb

https://manintheit.org/en/posts/kubernetes/kubernetes-metallb-loadbalancer-with-bgp-mode/

Retrieved from "https://tech.uvoo.io/index.php?title=Metallb&oldid=2551"