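Introduction
MetalLB is a load-balancer implementation for bare-metal Kubernetes clusters that uses standard routing protocols.
Kubernetes does not provide an implementation of network load balancers (Services of type LoadBalancer) for bare-metal clusters. The network load balancer implementations that ship with Kubernetes are all glue code that calls out to various IaaS platforms (GCP, AWS, Azure, etc.). If you are not running on a supported IaaS platform (GCP, AWS, Azure, etc.), LoadBalancers remain in the "pending" state indefinitely when created.
Bare-metal cluster operators are left with two lesser tools for bringing user traffic into their clusters: "NodePort" and "externalIPs" Services. Both options have significant downsides for production use, which makes bare-metal clusters second-class citizens in the Kubernetes ecosystem.
MetalLB aims to redress this imbalance by providing a network load balancer implementation that integrates with standard network equipment, so that external Services on bare-metal clusters also "just work" as far as possible.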
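Requirements
MetalLB needs the following in order to run:
1. A Kubernetes cluster, running Kubernetes 1.13.0 or later, that does not already have network load-balancing functionality.
2. A cluster network configuration that can coexist with MetalLB.
3. MetalLB currently supports only IPv4 addresses.
Depending on the operating mode, you may need one or more routers capable of speaking BGP.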
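How MetalLB works
MetalLB runs inside Kubernetes and watches Service objects for changes. Once it notices that a new LoadBalancer Service is running and that there is no load balancer available to request, it does two things:
1. Address allocation: the user supplies an address pool in the configuration, and MetalLB picks addresses from it to assign to Services.
2. Address announcement: depending on the configuration, MetalLB announces the address either at layer 2 (ARP/NDP) or over BGP.
[Figure: diagram of the basic principle]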
Deployment
Deploy MetalLB with Helm
helm repo add metallb https://metallb.github.io/metallb
helm install metallb metallb/metallb
Edit the configuration file to specify the address range
vim values.yaml
configInline:
  # The address-pools section lists the IP addresses that MetalLB is
  # allowed to allocate, along with settings for how to advertise
  # those addresses over BGP once assigned. You can have as many
  # address pools as you want.
  address-pools:
  - # A name for the address pool. Services can request allocation
    # from a specific address pool using this name, by listing this
    # name under the 'metallb.universe.tf/address-pool' annotation.
    name: default
    # Protocol can be used to select how the announcement is done.
    # Supported values are bgp and layer2.
    protocol: layer2
    # A list of IP address ranges over which MetalLB has
    # authority. You can list multiple ranges in a single pool, they
    # will all share the same settings. Each range can be either a
    # CIDR prefix, or an explicit start-end range of IPs.
    addresses:
    - 10.0.32.71-10.0.32.90
helm install metallb metallb/metallb -f values.yaml
Example Service YAML configurations
Automatically assigned address
[centos@k8s-master ~]$ vim tutorial-2.yaml
# apps/v1 replaces apps/v1beta2, which was removed in Kubernetes 1.16
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - name: http
          containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  # No address is requested, so MetalLB assigns one from the pool
  type: LoadBalancer
Requesting a specific IP address:
apiVersion: v1
kind: Service
metadata:
  name: nginx
  annotations:
    #metallb.universe.tf/address-pool: production-public-ips  # select an address pool
    metallb.universe.tf/loadBalancerIPs: 10.0.32.75  # request a specific IP address
spec:
  ports:
  - port: 80
    targetPort: 80
  selector:
    app: nginx
  type: LoadBalancer
Sharing an IP address:
apiVersion: v1
kind: Service
metadata:
  name: dns-service-tcp
  namespace: default
  annotations:
    metallb.universe.tf/allow-shared-ip: "key-to-share-1.2.3.4"
spec:
  type: LoadBalancer
  loadBalancerIP: 1.2.3.4
  ports:
  - name: dnstcp
    protocol: TCP
    port: 53
    targetPort: 53
  selector:
    app: dns
---
apiVersion: v1
kind: Service
metadata:
  name: dns-service-udp
  namespace: default
  annotations:
    metallb.universe.tf/allow-shared-ip: "key-to-share-1.2.3.4"
spec:
  type: LoadBalancer
  loadBalancerIP: 1.2.3.4
  ports:
  - name: dnsudp
    protocol: UDP
    port: 53
    targetPort: 53
  selector:
    app: dns
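An added example (not from the original page or the MetalLB project): a pre-deployment check that takes the address pool and the Services shown on this page and reports fixed IPs outside the pool, shared IPs without a common allow-shared-ip key, and protocol/port pairs requested twice on one IP. The dictionary layout, the function names and the sample data are assumptions made for this illustration; other sharing conditions such as externalTrafficPolicy are not checked.

```python
import ipaddress

def parse_range(spec):
    """Turn a pool entry (CIDR prefix or 'start-end') into (first, last)."""
    if "-" in spec:
        lo, hi = (ipaddress.IPv4Address(p.strip()) for p in spec.split("-", 1))
        if lo > hi:
            raise ValueError(f"range start is after range end: {spec}")
        return lo, hi
    net = ipaddress.IPv4Network(spec, strict=False)
    return net[0], net[-1]

def in_pool(ip, pool):
    """True if ip lies inside any range of the address pool."""
    addr = ipaddress.IPv4Address(ip)
    return any(lo <= addr <= hi for lo, hi in map(parse_range, pool))

def audit(services, pool):
    """Return findings for Services that request a fixed IP."""
    findings, by_ip = [], {}
    for svc in services:
        ip = svc.get("ip")
        if ip is None:
            continue  # no fixed IP: MetalLB picks one from the pool
        if not in_pool(ip, pool):
            findings.append(f"{svc['name']}: {ip} is outside the address pool")
        by_ip.setdefault(ip, []).append(svc)
    for ip, group in by_ip.items():
        keys = {s.get("share_key") for s in group}
        if len(group) > 1 and (None in keys or len(keys) != 1):
            findings.append(f"{ip}: Services lack a common allow-shared-ip key")
        seen = set()
        for s in group:
            for port in s["ports"]:
                if port in seen:
                    findings.append(f"{ip}: {port[0]}/{port[1]} requested twice")
                seen.add(port)
    return findings

# Constructed sample data mirroring the manifests on this page
# (hypothetical simplified layout, not parsed Kubernetes objects).
KEY = "key-to-share-1.2.3.4"
POOL = ["10.0.32.71-10.0.32.90"]
SERVICES = [
    {"name": "nginx", "ip": "10.0.32.75", "ports": [("TCP", 80)]},
    {"name": "dns-service-tcp", "ip": "1.2.3.4", "share_key": KEY, "ports": [("TCP", 53)]},
    {"name": "dns-service-udp", "ip": "1.2.3.4", "share_key": KEY, "ports": [("UDP", 53)]},
]

if __name__ == "__main__":
    print("\n".join(audit(SERVICES, POOL)))
```

With the sample data both DNS Services are reported, because 1.2.3.4 is not inside the 10.0.32.71-10.0.32.90 pool. MetalLB only assigns addresses from a configured pool, so on this cluster they would stay pending until the IP is changed or the pool is extended.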