MetalLB as TCP/UDP Load Balancer for RKE2
This guide explains how to set up MetalLB as a Layer2 TCP/UDP load balancer for an RKE2 cluster.
For details on configuring ingress within RKE2, refer to the Ingress NGINX Controller on RKE2 Guide.
Overview
What is MetalLB?
MetalLB is a load balancer implementation for bare-metal Kubernetes clusters. In Layer2 mode, MetalLB assigns a virtual IP (VIP) to a service by broadcasting ARP requests to the local network.
Key Features
- Layer2 ARP-Based VIP Management: Ideal for bare-metal and on-prem environments.
- Supports TCP/UDP Traffic: Load balances both TCP and UDP traffic.
- High Availability: Ensures failover between nodes for VIPs.
For more details, visit the MetalLB Documentation.
Setup Instructions
Step 1: Install MetalLB
Deploy the MetalLB Manifest:
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.13.7/manifests/metallb.yaml
Verify the Installation: Ensure that the metallb pods are running in the metallb-system namespace:
kubectl get pods -n metallb-system
Step 2: Configure the MetalLB ConfigMap
Example: Static IP Pool Configuration
Create the ConfigMap: Define a pool of IP addresses for MetalLB to use:
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: default
      protocol: layer2
      addresses:
      - 192.168.1.240-192.168.1.250
Apply the ConfigMap:
kubectl apply -f metallb-config.yaml
Example: DHCP Configuration
For environments where DHCP is preferred, MetalLB can integrate with external DHCP servers. Update the configuration as follows:
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: dhcp
      protocol: layer2
      auto-assign: true
Step 3: Test MetalLB
Create a Service with LoadBalancer Type:
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
  namespace: default
spec:
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
  type: LoadBalancer
Validate the Assigned IP:
kubectl get svc nginx-service
Expected output:
NAME            TYPE           CLUSTER-IP   EXTERNAL-IP     PORT(S)        AGE
nginx-service   LoadBalancer   10.96.0.1    192.168.1.240   80:30001/TCP   2m
Deploying MetalLB via ArgoCD
For environments leveraging ArgoCD for GitOps, you can deploy MetalLB with the following manifest:
ArgoCD Application Manifest
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: metallb
  namespace: argocd
spec:
  destination:
    namespace: metallb-system
    server: https://kubernetes.default.svc
  project: load-balancers
  source:
    repoURL: https://github.com/metallb/metallb
    targetRevision: v0.13.7
    path: manifests
  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    syncOptions:
    - CreateNamespace=true
Customizing Load Balancers
MetalLB supports custom TCP/UDP load balancer configurations. For example, to create a dedicated load balancer for ingress traffic:
Example ConfigMap Entry for Ingress Traffic
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: ingress
      protocol: layer2
      addresses:
      - 192.168.1.200-192.168.1.210
Then, create a service with type: LoadBalancer that uses this pool:
apiVersion: v1
kind: Service
metadata:
  name: ingress-nginx
  namespace: ingress-nginx
spec:
  selector:
    app.kubernetes.io/name: ingress-nginx
  type: LoadBalancer
  ports:
  - port: 80
    targetPort: 80
  - port: 443
    targetPort: 443
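MetalLB v0.13.0 and later, which includes the v0.13.7 release this guide installs, take their configuration from IPAddressPool and L2Advertisement custom resources instead of the config ConfigMap. The following added example (not part of the original guide) expresses the default pool from Step 2 and the ingress pool from this section in that form; the L2Advertisement name is an assumption.

```yaml
# Added example, not from the original guide. Pool names and address ranges
# are copied from the ConfigMaps above; the L2Advertisement name is assumed.
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: default
  namespace: metallb-system
spec:
  addresses:
    - 192.168.1.240-192.168.1.250
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: ingress
  namespace: metallb-system
spec:
  addresses:
    - 192.168.1.200-192.168.1.210
  # Reserve this range: only a Service carrying the annotation
  #   metallb.universe.tf/address-pool: ingress
  # is given an address from it. Every other LoadBalancer Service
  # is served from "default".
  autoAssign: false
---
# An IPAddressPool only allocates addresses. Until an L2Advertisement
# selects the pool, MetalLB does not answer ARP for the assigned VIP.
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: l2-pools   # assumed name
  namespace: metallb-system
spec:
  ipAddressPools:
    - default
    - ingress
```

After applying, `kubectl get ipaddresspools.metallb.io,l2advertisements.metallb.io -n metallb-system` lists the resources MetalLB will act on.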
Integration with RKE2
MetalLB integrates seamlessly with RKE2 clusters to provide load balancing for Kubernetes services, including the control plane and ingress traffic. For more details, refer to the Ingress NGINX Controller on RKE2 Guide.