- A k8s cluster deployed on Packet with 2 worker nodes.
- BGP enabled on both worker nodes.
- An IPv4 block allocated on Packet. A single address is enough for a single exposed service.
kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.7.3/manifests/metallb.yaml
Verify with kubectl -n metallb-system get pods
.
We assume the following configuration for the hosts:
- Worker 1: IP
10.80.166.9/31
GW10.80.166.8/31
- Worker 2: IP
10.80.166.11/31
GW10.80.166.10/31
- IPv4 pool:
147.75.85.132/30
- Cluster BGP ASN:
65000
- Packet BGP ASN:
65530
The above information can be obtained by looking at the BGP configuration for each host or by querying the Packet API.
Create a YAML file with the following content and apply it to the cluster.
apiVersion: v1
kind: ConfigMap
metadata:
namespace: metallb-system
name: config
data:
config: |
peers:
- peer-address: 10.80.166.8
peer-asn: 65530
my-asn: 65000
node-selectors:
- match-labels:
kubernetes.io/hostname: johannes-test-worker-0
- peer-address: 10.80.166.10
peer-asn: 65530
my-asn: 65000
node-selectors:
- match-labels:
kubernetes.io/hostname: johannes-test-worker-1
address-pools:
- name: default
protocol: bgp
addresses:
- 147.75.85.132/30
Verify BGP sessions are established on Packet as well as on MetalLB:
kubectl -n metallb-system logs speaker-mdmg2
kubectl -n metallb-system logs speaker-xfgb9
Create a YAML file with the following contents and apply it to the cluster:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: httpbin
labels:
app: httpbin
spec:
replicas: 3
selector:
matchLabels:
app: httpbin
template:
metadata:
labels:
app: httpbin
spec:
containers:
- name: httpbin
image: kennethreitz/httpbin
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: httpbin
spec:
selector:
app: httpbin
type: LoadBalancer
ports:
- protocol: TCP
port: 80
targetPort: 80
Verify the service's pods are running:
kubectl get pods
Verify a public IP address has been allocated to the service:
kubectl describe services httpbin
LoadBalancer Ingress
should display the first IP address from the configured pool.
Verify the service is working:
curl -X GET "http://147.75.85.132/get" -H "accept: application/json"