In modern Kubernetes environments, managing network resources efficiently is crucial for ensuring the seamless operation of applications. Load balancing is a fundamental aspect of distributing incoming network traffic across multiple instances of an application, enhancing performance and ensuring high availability. MetalLB, a widely-used service for Kubernetes, provides a solution for load balancing within the cluster. One of its operational modes, Layer 2 mode, dynamically assigns Layer 2 IP addresses to services, making it suitable for network environments that require Layer 2 functionality.
In this blog post, we will delve into the process of deploying MetalLB in Layer 2 mode. We will walk through the essential steps to set up MetalLB within your Kubernetes cluster and configure it to work efficiently in Layer 2 mode. By the end of this guide, you will have a solid understanding of how to harness MetalLB’s capabilities to optimize load balancing in your Kubernetes environment. So, let’s begin the journey of exploring MetalLB and its Layer 2 deployment mode to enhance the networking aspects of your Kubernetes applications.
Deploy
-
If you’re using kube-proxy in IPVS mode, since Kubernetes v1.14.2 you have to enable strict ARP mode.
kubectl get configmap kube-proxy -n kube-system -o yaml | \ sed -e "s/strictARP: false/strictARP: true/" | \ kubectl apply -f - -n kube-systemNote, you don’t need this if you’re using kube-router as service-proxy because it is enabling strict ARP by default.
-
Apply the MetalLB manifest from the metallb-native.yaml file
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yamlThis will deploy MetalLB to your cluster, under the metallb-system namespace. The components in the manifest are:
-
The metallb-system/controller deployment. This is the cluster-wide controller that handles IP address assignments.
-
The metallb-system/speaker daemonset. This is the component that speaks the protocol(s) of your choice to make the services reachable. Service accounts for the controller and speaker, along with the RBAC permissions that the components need to function.
-
-
Create metallb ip pool and L2Advertisement, change address with range ip in your network subnet.
vim metallb-config.yaml apiVersion: metallb.io/v1beta1 kind: IPAddressPool metadata: name: default namespace: metallb-system spec: addresses: - 20.20.20.30-20.20.20.50 --- apiVersion: metallb.io/v1beta1 kind: L2Advertisement metadata: name: l2adv namespace: metallb-system spec: ipAddressPools: - default -
Apply manifest
kubectl apply -f metallb-config.yaml -
Test create deployment with lb service
vim nginx-lb.yaml apiVersion: apps/v1 kind: Deployment metadata: name: nginx-loadbalancer-deployment spec: replicas: 3 selector: matchLabels: app: nginx template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:latest ports: - containerPort: 80 --- apiVersion: v1 kind: Service metadata: name: nginx-loadbalancer-service spec: selector: app: nginx type: LoadBalancer ports: - name: http port: 80 targetPort: 80 protocol: TCP -
Apply manifest
kubectl apply -f nginx-lb.yaml -
Monitor the resources, now the lb service should be getting an IP.
-
Try to reach assigned ip with arping and curl the service
