Deploy Metallb with Layer2 Mode

Photo by Li Zhang on Unsplash

Deploy Metallb with Layer2 Mode

In modern Kubernetes environments, managing network resources efficiently is crucial for ensuring the seamless operation of applications. Load balancing is a fundamental aspect of distributing incoming network traffic across multiple instances of an application, enhancing performance and ensuring high availability. MetalLB, a widely-used service for Kubernetes, provides a solution for load balancing within the cluster. One of its operational modes, Layer 2 mode, dynamically assigns Layer 2 IP addresses to services, making it suitable for network environments that require Layer 2 functionality.

In this blog post, we will delve into the process of deploying MetalLB in Layer 2 mode. We will walk through the essential steps to set up MetalLB within your Kubernetes cluster and configure it to work efficiently in Layer 2 mode. By the end of this guide, you will have a solid understanding of how to harness MetalLB's capabilities to optimize load balancing in your Kubernetes environment. So, let's begin the journey of exploring MetalLB and its Layer 2 deployment mode to enhance the networking aspects of your Kubernetes applications.

Deploy

  1. If you’re using kube-proxy in IPVS mode, since Kubernetes v1.14.2 you have to enable strict ARP mode.

     kubectl get configmap kube-proxy -n kube-system -o yaml | \
     sed -e "s/strictARP: false/strictARP: true/" | \
     kubectl apply -f - -n kube-system
    

    Note, you don’t need this if you’re using kube-router as service-proxy because it is enabling strict ARP by default.

  2. Apply the MetalLB manifest from the metallb-native.yaml file

      kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.10/config/manifests/metallb-native.yaml
    

    This will deploy MetalLB to your cluster, under the metallb-system namespace. The components in the manifest are:

    • The metallb-system/controller deployment. This is the cluster-wide controller that handles IP address assignments.

    • The metallb-system/speaker daemonset. This is the component that speaks the protocol(s) of your choice to make the services reachable. Service accounts for the controller and speaker, along with the RBAC permissions that the components need to function.

  3. Create metallb ip pool and L2Advertisement, change address with range ip in your network subnet.

     vim metallb-config.yaml
    
     apiVersion: metallb.io/v1beta1
     kind: IPAddressPool
     metadata:
       name: default
       namespace: metallb-system
     spec:
       addresses:
       - 20.20.20.30-20.20.20.50
    
     ---
     apiVersion: metallb.io/v1beta1
     kind: L2Advertisement
     metadata:
       name: l2adv
       namespace: metallb-system
     spec:
       ipAddressPools:
       - default
    
  4. Apply manifest

    kubectl apply -f metallb-config.yaml
    
  5. Test create deployment with lb service

     vim nginx-lb.yaml
    
     apiVersion: apps/v1
     kind: Deployment
     metadata:
       name: nginx-loadbalancer-deployment
     spec:
       replicas: 3
       selector:
         matchLabels:
           app: nginx
       template:
         metadata:
           labels:
             app: nginx
         spec:
           containers:
           - name: nginx
             image: nginx:latest
             ports:
             - containerPort: 80
    
     ---
    
     apiVersion: v1
     kind: Service
     metadata:
       name: nginx-loadbalancer-service
     spec:
       selector:
         app: nginx
       type: LoadBalancer
       ports:
       - name: http
         port: 80
         targetPort: 80
         protocol: TCP
    
  6. Apply manifest

     kubectl apply -f nginx-lb.yaml
    
  7. Monitor the resources, now the lb service should be getting an IP.

  8. Try to reach assigned ip with arping and curl the service