MetalLB 为内网裸机(Bare Metal)集群补齐了缺失的 云能力
metallb#
核心概括:
- 自动化派发 IP(Address Allocation): 它就像集群内部的 DHCP 服务器。当你创建一个 type: LoadBalancer 的服务时,MetalLB 会从你预设的本地内网地址池中自动分配一个可用的 IP 给该服务。
- 对外宣告(External Announcement): 分配好 IP 后,MetalLB 需要让局域网内的其他设备(如交换机或其他服务器)知道:这个 IP 现在由我的某个 K8s 节点承载。它通常通过 ARP (Layer 2 模式) 或 BGP (三层路由模式) 协议来广播这一信息,从而实现流量的精准引导。
部署安装#
- 安装
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.15.3/config/manifests/metallb-native.yaml
- 验证
root@kubernetes01:~/metallb# kubectl get pods -n metallb-system
NAME READY STATUS RESTARTS AGE
controller-9c6cff498-bg8fz 1/1 Running 0 14h
speaker-5v59w 1/1 Running 0 14h
speaker-92fdj 1/1 Running 0 14h
speaker-mw7jk 1/1 Running 0 14h
speaker-mzm6j 1/1 Running 0 14h
speaker-nbvwc 1/1 Running 0 14h
speaker-qtpgk 1/1 Running 0 14h
配置地址#
- 创建 metallb-config.yaml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: istio-pool
namespace: metallb-system
spec:
addresses:
- 10.64.69.151-10.64.69.200
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: istio-advert
namespace: metallb-system
spec:
ipAddressPools:
- istio-pool
运行: kubectl apply -f metallb-config.yaml
- 验证服务
#
root@kubernetes01:~/metallb# kubectl get ipaddresspools.metallb.io -n metallb-system
NAME AUTO ASSIGN AVOID BUGGY IPS ADDRESSES
istio-pool true false ["10.64.69.151-10.64.69.200"]
#
root@kubernetes01:~/metallb# kubectl get l2advertisements.metallb.io -n metallb-system
NAME IPADDRESSPOOLS IPADDRESSPOOL SELECTORS INTERFACES
istio-advert ["istio-pool"]
- 检查 EXTERNAL-IP
root@kubernetes01:~/metallb# kubectl get svc -n istio-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
istio-ingressgateway LoadBalancer 10.97.215.9 10.64.69.151 15021:31696/TCP,80:32060/TCP,443:31509/TCP 14h
istiod ClusterIP 10.101.77.37 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 14h
knative-local-gateway ClusterIP 10.98.2.124 <none> 80/TCP,443/TCP 14h
结语#
参考:
