Libiticum.nl

kubernetes, networking

Metallb and ingress-nginx

sander

Goal: Have one of my LAN IP assigned to my ingress-nginx controller. In this way i can expose pods by using url on an ip of choice without the requirement of using NodePorts or external loadbalancers like HAproxy.

Install metallb either by helm chart of by manifest: https://metallb.universe.tf/installation/. Please make sure when you define one ip to do it in cidr format: 10.10.10.10/32

Get the nodeport manifest file for ingress-nginx from here: https://kubernetes.github.io/ingress-nginx/deploy/#bare-metal. In that manifest file go to the service named: ingress-nginx-controller and change type to LoadBalancer

kubectl -n ingress-nginx get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ingress-nginx-controller LoadBalancer 10.111.124.66 10.10.10.10 80:32267/TCP,443:31997/TCP 22m
ingress-nginx-controller-admission ClusterIP 10.110.79.196 443/TCP 22m

Below are the commands:

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
helm repo add metallb https://metallb.github.io/metallb
helm install metallb metallb/metallb

Create a values.yaml file with the following content: 
configInline:
  address-pools:
   - name: default
     protocol: layer2
     addresses:
     - your ip address

helm install metallb metallb/metallb -f values.yaml

wget https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.48.1/deploy/static/provider/baremetal/deploy.yaml

Edit the service named: ingress-nginx-controller

You ll endup with a service definition like this: 


# Source: ingress-nginx/templates/controller-service.yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
  labels:
    helm.sh/chart: ingress-nginx-3.23.0
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/version: 0.44.0
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/component: controller
  name: ingress-nginx-controller
  namespace: ingress-nginx
spec:
  type: LoadBalancer <----------------------- THIS IS THE VOODOO
  externalTrafficPolicy: Local
  ports:
    - name: http
      port: 80
      protocol: TCP
      targetPort: http
    - name: https
      port: 443
      protocol: TCP
      targetPort: https
  selector:
    app.kubernetes.io/name: ingress-nginx
    app.kubernetes.io/instance: ingress-nginx
    app.kubernetes.io/component: controller
Back to top