2 Installing the MetalLB Module
This chapter discusses how to install the MetalLB module to set up application load balancers for Kubernetes applications using MetalLB on bare metal Oracle Cloud Native Environment instances.
Prerequisites
This section contains the prerequisite information you need to set up the MetalLB module.
Setting up the Health Check Endpoint Network Ports
When using a Kubernetes LoadBalancer service with the
ServiceInternalTrafficPolicy
set to Cluster
(the
default), a health check endpoint is expected to be available on TCP port 10256.
kube-proxy
creates a listener on this port, which provides access to the
LoadBalancer service to verify that kube-proxy
is healthy on the nodes. The
LoadBalancer service decides which nodes can have traffic routed to them using this policy.
To allow traffic on this port, you must open TCP port 10256 on all Kubernetes nodes. On each
Kubernetes node, run:
sudo firewall-cmd --zone=public --add-port=10256/tcp
sudo firewall-cmd --zone=public --add-port=10256/tcp --permanent
sudo systemctl restart firewalld.service
For more information on the ServiceInternalTrafficPolicy
, see the upstream
Kubernetes documentation.
Ensure traffic is allowed for TCP port 10256 in the network security list.
Setting up the Network Ports
You must open the following ports on Kubernetes worker nodes. On each worker node, run:
sudo firewall-cmd --zone=public --add-port=7946/tcp --permanent
sudo firewall-cmd --zone=public --add-port=7946/udp --permanent
sudo systemctl restart firewalld.service
Creating a MetalLB Configuration File
You must provide a MetalLB configuration file on the operator node to configure your
MetalLB instance. In the configuration file, which must be in the YAML
custom resource definition (CRD) file format, you can configure MetalLB using options such
as IPAddressPools
, BGPPeer
,
BGPAdvertisement
, and L2Advertisement
.
The Platform API Server uses the information contained in the configuration file when creating the MetalLB module.
For information on the options available to use in the configuration file, see the upstream MetalLB documentation.
The following example configuration file uses a MetalLB Layer 2 configuration and provides
the IP address range from 192.168.1.240 to 192.168.1.250 to MetalLB to create load balancer
IPs for Kubernetes applications. This example file is named
metallb-config.yaml
and contains:
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
creationTimestamp: null
name: default
namespace: metallb
spec:
addresses:
- 192.168.1.240-192.168.1.250
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
creationTimestamp: null
name: l2advertisement1
namespace: metallb
spec:
ipAddressPools:
- default
Deploying the MetalLB Module
You can deploy all the modules required to set up MetalLB for a Kubernetes cluster using a
single olcnectl module create
command. This method might be useful to deploy
the MetalLB module at the same time as deploying a Kubernetes cluster.
If you have an existing deployment of the Kubernetes module, you can specify that instance when deploying the MetalLB module.
This section guides you through installing each component required to deploy the MetalLB module.
For the full list of the Platform CLI command options available when creating modules, see
the olcnectl module create
command in Platform Command-Line Interface.
To deploy the MetalLB module:
-
If you don't already have an environment set up, create one into which the modules can be deployed. For information on setting up an environment, see Getting Started. The name of the environment in this example is
myenvironment
. -
If you don't already have a Kubernetes module set up or deployed, set one up. For information on adding a Kubernetes module to an environment, see Kubernetes Module. The name of the Kubernetes module in this example is
mycluster
. -
Create a MetalLB module and associate it with the Kubernetes module named
mycluster
using the--metallb-kubernetes-module
option. In this example, the MetalLB module is namedmymetallb
.olcnectl module create \ --environment-name myenvironment \ --module metallb \ --name mymetallb \ --metallb-kubernetes-module mycluster \ --metallb-config metallb-config.yaml
The
--module
option sets the module type to create, which ismetallb
. You define the name of the MetalLB module using the--name
option, which in this case ismymetallb
.The
--metallb-kubernetes-module
option sets the name of the Kubernetes module.The
--metallb-config
option sets the location for the MetalLB configuration file. This file must be available on the operator node under the provided path. For information on creating this configuration file, see Creating a MetalLB Configuration File.If you do not include all the required options when adding the module, you're prompted to provide them.
-
Use the
olcnectl module install
command to install the MetalLB module. For example:olcnectl module install \ --environment-name myenvironment \ --name mymetallb
The MetalLB module is deployed into the Kubernetes cluster.
Verifying the MetalLB Module Deployment
You can verify the MetalLB module is deployed using the olcnectl module
instances
command on the operator node. For example:
olcnectl module instances \
--environment-name myenvironment
The output looks similar to:
INSTANCE MODULE STATE
mymetallb metallb installed
mycluster kubernetes installed
...
Note the entry for metallb
in the MODULE
column is in the
installed
state.
In addition, use the olcnectl module report
command to review information
about the module. For example, use the following command to review the MetalLB module
named mymetallb
in myenvironment
:
olcnectl module report \
--environment-name myenvironment \
--name mymetallb \
--children
For more information on the syntax for the olcnectl module report
command,
see Platform Command-Line Interface.