metallb 为私有Kubernetes集群创建LoadBalancer服务-不支持IPVS
Metallb给私有 Kubernetes 用户带来了一个方便、可用的LoadBalancer软件解决方案。
官网 https://metallb.universe.tf/
项目主页 https://github.com/google/metallb
官方文档 https://kubernetes.github.io/ingress-nginx/deploy/baremetal/
安装(会生成自己的命名空间以及 RBAC 配置)
[root@node01 ~]# kubectl apply -f kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.7.3/manifests/metallb.yaml
namespace/metallb-system created
serviceaccount/controller created
serviceaccount/speaker created
clusterrole.rbac.authorization.k8s.io/metallb-system:controller created
clusterrole.rbac.authorization.k8s.io/metallb-system:speaker created
role.rbac.authorization.k8s.io/config-watcher created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:controller created
clusterrolebinding.rbac.authorization.k8s.io/metallb-system:speaker created
rolebinding.rbac.authorization.k8s.io/config-watcher created
daemonset.apps/speaker created
deployment.apps/controller created
创建config.yaml提供IP池
wget https://raw.githubusercontent.com/google/metallb/v0.7.3/manifests/example-layer2-config.yaml
vim example-layer2-config.yaml
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
address-pools:
- name: my-ip-space
protocol: layer2
addresses:
#根据不同配置,Metallb 会以二层(ARP/NDP)或者 BGP 的方式进行地址的广播。
#用户需要在配置中提供一个地址池,Metallb 将会在其中选取地址分配给服务。
#修改ip地址池和集群节点网段相同
#- 192.168.2.1/24
- 192.168.2.20-192.168.2.140
kubectl apply -f example-layer2-config.yaml
使用 kubectl apply 命令应用之后,使用 kubectl logs -f [metallb-controller-pod] 会看到配置更新过程
创建后端应用和服务测试
vim tutorial-2.yaml
[centos@k8s-master ~]$ vim tutorial-2.yaml
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: nginx
spec:
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:1
ports:
- name: http
containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: nginx
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 80
selector:
app: nginx
type: LoadBalancer
LoadBalancer 类型的服务,分配到了我们地址池中的第一个 IP 192.168.2.21。
可以看到,同时申请了nodeport 30100 ,用curl集群外测试
[root@node01 ~]# curl http://192.168.2.21
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>