I. MetalLB Installation
1.3.1 Prerequisites
A Kubernetes cluster (v1.26.9) is already available, with a network plugin such as Calico installed.
[root@master01 ~]# kg node -owide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
master01 Ready control-plane 12d v1.26.9 10.0.0.60 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 containerd://1.6.24
master02 Ready control-plane 12d v1.26.9 10.0.0.63 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 containerd://1.6.24
master03 Ready control-plane 12d v1.26.9 10.0.0.64 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 containerd://1.6.24
node01 Ready <none> 12d v1.26.9 10.0.0.61 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 containerd://1.6.24
node02 Ready <none> 12d v1.26.9 10.0.0.62 <none> CentOS Linux 7 (Core) 4.19.12-1.el7.elrepo.x86_64 containerd://1.6.24
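If kube-proxy runs in IPVS mode, strict ARP mode must be enabled starting with Kubernetes v1.14.2.
This can be done by editing the kube-proxy configuration in the current cluster with the following commands:
# Switch to IPVS mode: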
[root@master01 ~]# kubectl edit configmap -n kube-system kube-proxy
...
...
kind: KubeProxyConfiguration
metricsBindAddress: ""
mode: "ipvs"
...
...
# Set strictARP to true in the kube-proxy configuration
[root@master01 ~]# kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl apply -f - -n kube-system
# Verify
[root@master01 4]# kubectl get configmap kube-proxy -n kube-system -o yaml |grep strictARP
strictARP: true
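1.3.2 Installing MetalLB
MetalLB supports several installation methods: plain YAML manifests, Kustomize, Helm, and the MetalLB Operator. This guide installs it from the YAML manifests.
Download the release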
[root@master01 ~]# cd 4
[root@master01 4]# wget -O metallb-0.13.12.tar.gz https://github.com/metallb/metallb/archive/refs/tags/v0.13.12.tar.gz
[root@master01 4]# tar -zxvf metallb-0.13.12.tar.gz
Install by applying the YAML manifest
## Edit metallb-native.yaml and change the namespace to devops
# If the devops namespace does not exist yet
[root@master01 ~]# k create ns devops
# Replace the namespace with devops
[root@master01 ~]# cd /root/4/metallb-0.13.12/config/manifests/
[root@master01 manifests]# vim metallb-native.yaml
:%s/namespace: metallb-system/namespace: devops/g
## Edit metallb-native.yaml and replace the upstream images with images from a registry mirror in China
[root@master01 ~]# cd /root/4/metallb-0.13.12/config/manifests/
[root@master01 manifests]# vim metallb-native.yaml
# Images before replacement
image: quay.io/metallb/controller:v0.13.12
image: quay.io/metallb/speaker:v0.13.12
# Images after replacement
image: registry.cn-hangzhou.aliyuncs.com/abroad_images/controller:v0.13.12
image: registry.cn-hangzhou.aliyuncs.com/abroad_images/speaker:v0.13.12
## Apply
[root@master01 ~]# cd /root/4/metallb-0.13.12/config/manifests/
[root@master01 manifests]# kubectl apply -f metallb-native.yaml
Check the running pods. MetalLB consists of two components: a cluster-wide controller and a per-machine protocol speaker.
[root@master01 manifests]# kgp -n devops
NAME READY STATUS RESTARTS AGE
controller-6b44dbf99b-qhhkv 1/1 Running 0 13m
speaker-dzxrv 1/1 Running 0 13m
speaker-kv52n 1/1 Running 0 13m
speaker-lmn6t 1/1 Running 0 13m
speaker-mtkvd 1/1 Running 0 13m
speaker-nvbvl 1/1 Running 0 13m
[root@master01 manifests]# kubectl -n devops get deploy
NAME READY UP-TO-DATE AVAILABLE AGE
controller 1/1 1 1 14m
[root@master01 manifests]# kubectl -n devops get ds
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
speaker 5 5 5 5 5 kubernetes.io/os=linux 15m
1.3.3 Configuring Layer 2 Mode
Copy the sample file and edit it
[root@master01 ~]# cd /root/4/metallb-0.13.12/configsamples
[root@master01 configsamples]# cp deployment_l2.yaml l2.yaml
[root@master01 configsamples]# vim l2.yaml
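# Change the namespace to devops
# Change the address pool to 10.0.0.10-10.0.0.14; note that this range must be in the same subnet as the hosts
# Change the nginx image to registry.cn-hangzhou.aliyuncs.com/zq-demo/nginx:1.21.6
Contents after editing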
[root@master01 ~]# cd /root/6/metallb-0.13.12/configsamples
[root@master01 configsamples]# vim l2.yaml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: example
  namespace: devops
spec:
  addresses:
  - 10.0.0.10-10.0.0.14
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: empty
  namespace: devops
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: registry.cn-hangzhou.aliyuncs.com/zq-demo/nginx:1.21.6
        ports:
        - name: http
          containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  type: LoadBalancer
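The pool must sit in the same subnet as the hosts, and in Layer 2 mode it must also avoid addresses that are already in use, because the speaker would answer ARP for an IP that another machine owns. The following pre-flight check is an added example, not part of the original page or of MetalLB itself. The node IPs are copied from the node listing above; the /24 prefix length and the `reserved` parameter are assumptions.

```python
import ipaddress

# Constructed inputs: node InternalIPs copied from the node listing on this page.
NODE_IPS = ["10.0.0.60", "10.0.0.63", "10.0.0.64", "10.0.0.61", "10.0.0.62"]
NODE_SUBNET = "10.0.0.0/24"  # assumption: the page does not state the netmask


def pool_bounds(entry):
    """Return (first, last) address of an IPAddressPool entry ('a-b' range or CIDR)."""
    entry = entry.strip()
    if "-" in entry:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
    else:
        net = ipaddress.ip_network(entry, strict=False)
        lo, hi = net[0], net[-1]
    if lo.version != hi.version or lo > hi:
        raise ValueError(f"invalid pool entry: {entry!r}")
    return lo, hi


def check_pool(entry, subnet, node_ips, reserved=()):
    """Return a list of problems with using this pool entry in Layer 2 mode."""
    lo, hi = pool_bounds(entry)
    net = ipaddress.ip_network(subnet)
    if lo not in net or hi not in net:
        return [f"{entry} is not fully inside node subnet {net}"]
    problems = []
    # The network and broadcast addresses of an IPv4 subnet are not usable as VIPs.
    if net.version == 4 and net.prefixlen < 31:
        for special in (net.network_address, net.broadcast_address):
            if lo <= special <= hi:
                problems.append(f"{entry} contains special address {special}")
    # Any address already owned by a node (or listed as reserved, e.g. a gateway)
    # would be announced by both the speaker and its real owner.
    for ip in list(node_ips) + list(reserved):
        addr = ipaddress.ip_address(ip)
        if addr.version == lo.version and lo <= addr <= hi:
            problems.append(f"{addr} is already in use but falls inside {entry}")
    return problems


if __name__ == "__main__":
    for entry in ("10.0.0.10-10.0.0.14", "10.0.0.60-10.0.0.70"):
        print(entry, "->", check_pool(entry, NODE_SUBNET, NODE_IPS) or "OK")
```

Pass the gateway and any other statically assigned or DHCP-managed addresses in `reserved` so they are checked as well.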
Create the test backend application and service
[root@master01 ~]# cd /root/4/metallb-0.13.12/configsamples
[root@master01 configsamples]# kaf l2.yaml
Check the EXTERNAL-IP assigned to the service
[root@master01 configsamples]# kg svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 192.168.0.1 <none> 443/TCP 186d
nginx LoadBalancer 192.168.115.168 10.0.0.10 80:30700/TCP 19s
Access the IP address 10.0.0.10 from outside the cluster
