If your environment is not currently equipped with a load balancer, you can use MetalLB. Otherwise, your own load balancer will work and you can proceed to vSphere FIPS: Install Kommander and continue the installation process.

To use MetalLB, create a MetalLB configMap for your vSphere infrastructure. MetalLB uses one of two protocols for exposing Kubernetes services:

  • Layer 2, with Address Resolution Protocol (ARP)

  • Border Gateway Protocol (BGP)

Select one of the following procedures to create your MetalLB manifest for further editing.

Layer 2 configuration

Layer 2 mode is the simplest to configure: in many cases, you don’t need any protocol-specific configuration, only IP addresses.

Layer 2 mode does not require the IPs to be bound to the network interfaces of your worker nodes. It works by responding to Address Resolution Protocol (ARP) requests on your local network directly, to give the machine’s MAC address to clients.

For example, the following configuration gives MetalLB control over IPs from 192.168.1.240 to 192.168.1.250, and configures Layer 2 mode:

The following values are generic; enter your specific values into the fields where applicable.

  1. Create a metallb-conf.yaml file for editing with the command:

    cat << EOF > metallb-conf.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      namespace: metallb-system
      name: config
    data:
      config: |
        address-pools:
        - name: default
          protocol: layer2
          addresses:
          - 192.168.1.240-192.168.1.250
    EOF
  2. Edit the file to contain values specific to your environment, then run the following kubectl command:

    kubectl apply -f metallb-conf.yaml

BGP configuration

For a basic configuration featuring one BGP router and one IP address range, you need four pieces of information:

  • The router IP address to which MetalLB should connect

  • The router’s AS number

  • The AS number MetalLB should use

  • An IP address range expressed as a CIDR prefix

For example, if you want to give MetalLB the range 192.168.10.0/24 and AS number 64500, and connect it to a router at 10.0.0.1 with AS number 64501, your configuration will look like the code snippet below.

The following example values are generic; enter your specific values into the fields where applicable.

  1. Extract the kubeconfig for your cluster and deploy a configMap for MetalLB using the following command:

    dkp get kubeconfig -c "${DKP_CLUSTER_NAME}" > "${DKP_CLUSTER_NAME}.conf"
  2. Create a metallb-conf.yaml file for editing with the command:

    cat << EOF > metallb-conf.yaml
    apiVersion: v1
    kind: ConfigMap
    metadata:
      namespace: metallb-system
      name: config
    data:
      config: |
        peers:
        - peer-address: 10.0.0.1
          peer-asn: 64501
          my-asn: 64500
        address-pools:
        - name: default
          protocol: bgp
          addresses:
          - 192.168.10.0/24
    EOF
  3. Edit the file to contain values specific to your environment, then run the following kubectl command:

    kubectl apply -f metallb-conf.yaml
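
Before applying either manifest, confirm that the pool contains no address that is already in use, because MetalLB can assign a service any address in the pool. The following Python check is an added example, not part of DKP or MetalLB; it reads the `addresses` entries in both forms shown on this page (a start-end range and a CIDR prefix), and the `IN_USE` inventory is a constructed sample to replace with your own node, gateway, and DHCP addresses.

```python
import ipaddress

def parse_span(entry):
    """Return (first, last) addresses for 'a-b', a CIDR prefix, or a single IP."""
    entry = entry.strip()
    if "-" in entry:
        first, last = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if first > last:
            raise ValueError(f"range start is above range end: {entry}")
        return first, last
    net = ipaddress.ip_network(entry, strict=True)  # a single IP parses as a /32
    return net[0], net[-1]

def pool_entries(manifest_text):
    """Collect the '- item' lines listed under each 'addresses:' key."""
    entries, in_addresses = [], False
    for line in manifest_text.splitlines():
        stripped = line.strip()
        if stripped == "addresses:":
            in_addresses = True
        elif in_addresses and stripped.startswith("- "):
            entries.append(stripped[2:].strip())
        elif stripped:
            in_addresses = False  # any other key ends the addresses list
    return entries

def find_conflicts(manifest_text, in_use):
    """Return (pool_entry, in_use_entry) pairs whose address spans overlap."""
    conflicts = []
    for pool in pool_entries(manifest_text):
        p_first, p_last = parse_span(pool)
        for used in in_use:
            u_first, u_last = parse_span(used)
            if p_first <= u_last and u_first <= p_last:
                conflicts.append((pool, used))
    return conflicts

# Constructed sample: the Layer 2 pool from this page and an assumed inventory.
MANIFEST = """\
address-pools:
- name: default
  protocol: layer2
  addresses:
  - 192.168.1.240-192.168.1.250
"""
IN_USE = ["192.168.1.1", "192.168.1.10-192.168.1.12", "192.168.1.248/30"]

if __name__ == "__main__":
    for pool, used in find_conflicts(MANIFEST, IN_USE):
        print(f"conflict: pool {pool} overlaps in-use {used}")
```

An empty result means no listed address falls inside the pool; any pair returned should be resolved before running `kubectl apply`.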

Next Step:

vSphere FIPS: Install Kommander