2 Installing the MetalLB Module

This chapter discusses how to install the MetalLB module to set up application load balancers for Kubernetes applications using MetalLB on bare metal Oracle Cloud Native Environment instances.

Prerequisites

This section contains the prerequisite information you need to set up the MetalLB module.

Setting up the Health Check Endpoint Network Ports

When using a Kubernetes LoadBalancer service with the ServiceInternalTrafficPolicy set to Cluster (the default), a health check endpoint is expected to be available on TCP port 10256. kube-proxy creates a listener on this port, which provides access to the LoadBalancer service to verify that kube-proxy is healthy on the nodes. The LoadBalancer service decides which nodes can have traffic routed to them using this policy. To allow traffic on this port, you must open TCP port 10256 on all Kubernetes nodes. On each Kubernetes node, run:

sudo firewall-cmd --zone=public --add-port=10256/tcp
sudo firewall-cmd --zone=public --add-port=10256/tcp --permanent
sudo systemctl restart firewalld.service

For more information on the ServiceInternalTrafficPolicy, see the upstream Kubernetes documentation.

Ensure traffic is allowed for TCP port 10256 in the network security list.

Setting up the Network Ports

You must open the following ports on Kubernetes worker nodes. On each worker node, run:

sudo firewall-cmd --zone=public --add-port=7946/tcp --permanent
sudo firewall-cmd --zone=public --add-port=7946/udp --permanent
sudo systemctl restart firewalld.service

Creating a MetalLB Configuration File

You must provide a MetalLB configuration file on the operator node to configure your MetalLB instance. In the configuration file, which must be in the YAML custom resource definition (CRD) file format, you can configure MetalLB using options such as IPAddressPools, BGPPeer, BGPAdvertisement, and L2Advertisement.

The Platform API Server uses the information contained in the configuration file when creating the MetalLB module.

For information on the options available to use in the configuration file, see the upstream MetalLB documentation.

The following example configuration file uses a MetalLB Layer 2 configuration and provides the IP address range from 192.168.1.240 to 192.168.1.250 to MetalLB to create load balancer IPs for Kubernetes applications. This example file is named metallb-config.yaml and contains:

apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  creationTimestamp: null
  name: default
  namespace: metallb
spec:
  addresses:
  - 192.168.1.240-192.168.1.250
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  creationTimestamp: null
  name: l2advertisement1
  namespace: metallb
spec:
  ipAddressPools:
  - default 

Deploying the MetalLB Module

You can deploy all the modules required to set up MetalLB for a Kubernetes cluster using a single olcnectl module create command. This method might be useful to deploy the MetalLB module at the same time as deploying a Kubernetes cluster.

If you have an existing deployment of the Kubernetes module, you can specify that instance when deploying the MetalLB module.

This section guides you through installing each component required to deploy the MetalLB module.

For the full list of the Platform CLI command options available when creating modules, see the olcnectl module create command in Platform Command-Line Interface.

To deploy the MetalLB module:

1. If you don't already have an environment set up, create one into which the modules can be deployed. For information on setting up an environment, see Getting Started. The name of the environment in this example is myenvironment.

2. If you don't already have a Kubernetes module set up or deployed, set one up. For information on adding a Kubernetes module to an environment, see Kubernetes Module. The name of the Kubernetes module in this example is mycluster.

3. Create a MetalLB module and associate it with the Kubernetes module named mycluster using the --metallb-kubernetes-module option. In this example, the MetalLB module is named mymetallb.

   olcnectl module create \
   --environment-name myenvironment \
   --module metallb \
   --name mymetallb \
   --metallb-kubernetes-module mycluster \
   --metallb-config metallb-config.yaml

   The --module option sets the module type to create, which is metallb. You define the name of the MetalLB module using the --name option, which in this case is mymetallb.

   The --metallb-kubernetes-module option sets the name of the Kubernetes module.

   The --metallb-config option sets the location for the MetalLB configuration file. This file must be available on the operator node under the provided path. For information on creating this configuration file, see Creating a MetalLB Configuration File.

   If you do not include all the required options when adding the module, you're prompted to provide them.

4. Use the olcnectl module install command to install the MetalLB module. For example:

   olcnectl module install \
   --environment-name myenvironment \
   --name mymetallb

   The MetalLB module is deployed into the Kubernetes cluster.

Verifying the MetalLB Module Deployment

You can verify the MetalLB module is deployed using the olcnectl module instances command on the operator node. For example:

olcnectl module instances \
--environment-name myenvironment

The output looks similar to:

INSTANCE                  MODULE        STATE  
mymetallb                 metallb       installed 
mycluster                 kubernetes    installed
...

Note the entry for metallb in the MODULE column is in the installed state.

In addition, use the olcnectl module report command to review information about the module. For example, use the following command to review the MetalLB module named mymetallb in myenvironment:

olcnectl module report \
--environment-name myenvironment \
--name mymetallb \
--children

For more information on the syntax for the olcnectl module report command, see Platform Command-Line Interface.