In this guide we present paths to install MetalLB both via Helm Charts and Kubespray. Please follow only the path applicable, ideal to your environment.
Sections within this guide:
- New MetalLB Deployment via Helm
- New MetalLB Deployment via Kubespray
- Migration of MetalLB Version 0.12.X to 0.13.x
NOTE - If you plan to upgrade your MetalLB Helm-Chart in the future, ensure the metallb release notes are followed.
helm repo add metallb https://metallb.github.io/metallb
helm -n metallb-system install metallb metallb/metallb --version 0.13.11
kubectl -n metallb-system expose deployment metallb-controller --name=controller --overrides='{"spec":{"ports":[{"protocol":"TCP","name":"monitoring","port":7472}]}}'
NOTE - make sure you replace the example addresses with your IP ranges
cat > metallb-config.yaml << EOF
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: default
namespace: metallb-system
spec:
addresses:
- 144.217.30.192/28
- 198.50.185.112/28
- 66.70.218.96/28
- 194.28.98.217/32
- 194.28.98.219-194.28.98.222
autoAssign: true
avoidBuggyIPs: false
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
creationTimestamp: null
name: l2advertisement1
namespace: metallb-system
spec:
ipAddressPools:
- default
EOF
kubectl apply -f metallb-config.yaml
If you are using MetalLB with a kubernetes version that enforces Pod Security Admission (which is beta in k8s 1.23), make sure to label the metallb-system namespace with the following labels:
labels:
pod-security.kubernetes.io/enforce: privileged
pod-security.kubernetes.io/audit: privileged
pod-security.kubernetes.io/warn: privileged
Based on MetalLB via Kubespray guidance documented here
The Kubespray flags provided bellow should go into your Provider's Kubespray inventory file and under the vars section. Our reference Provider Kubespray inventory file - used during initial Provider Kubernetes cluster build - is located here.
# akash provider needs metallb pool name set to `default` - https://github.com/akash-network/provider/blob/v0.1.0-rc13/cluster/kube/metallb/client.go#L43
metallb_pool_name: default
metallb_enabled: true
metallb_speaker_enabled: true
#metallb_avoid_buggy_ips: true
metallb_protocol: layer2
kube_proxy_strict_arp: true
# set your IP ranges here
metallb_ip_range:
- 144.217.30.192/28
- 198.50.185.112/28
- 66.70.218.96/28
- Kubespray your cluster with this config and then expose your MetalLB controller for the Akash IP Operator access it
kubectl -n metallb-system expose deployment controller --overrides='{"spec":{"ports":[{"protocol":"TCP","name":"monitoring","port":7472}]}}'
Perform the following only if you have upgraded your MetalLB from 0.12 (or prior) to 0.13 (or higher) version.
Based on https://metallb.universe.tf/configuration/migration_to_crds/
1). Save the old v0.12 configmap-based metallb config to a config.yaml file
kubectl -n metallb-system get cm config -o yaml > config.yaml
2). Use this command to migrate it to v0.13 (CRD-based format) - (resources.yaml)
docker run -d -v $(pwd):/var/input quay.io/metallb/configmaptocrs
This will produce a new config file - resources.yaml.
3). Apply the new config
kubectl apply -f resources.yaml
4). Remove the old config
kubectl -n metallb-system delete cm config
config.yaml
apiVersion: v1
data:
config: |
address-pools:
- name: default
protocol: layer2
addresses:
- 194.28.98.216/29
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","data":{"config":"address-pools:\n- name: default\n protocol: layer2\n addresses:\n - 194.28.98.216/29\n"},"kind":"ConfigMap","metadata":{"annotations":{},"name":"config","namespace":"metallb-system"}}
creationTimestamp: "2023-02-20T10:35:36Z"
name: config
namespace: metallb-system
resourceVersion: "150026"
uid: fd35767f-2f35-4792-b4fd-01b1d9ce2cb8
resources.yaml
# This was autogenerated by MetalLB's custom resource generator.
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
creationTimestamp: null
name: default
namespace: metallb-system
spec:
addresses:
- 194.28.98.216/29
status: {}
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
creationTimestamp: null
name: l2advertisement1
namespace: metallb-system
spec:
ipAddressPools:
- default
status: {}
---