Available with limitations in: SE, SE+, CSE Lite (1.67)
Available without limitations in: EE
The module lifecycle stage: General Availability
The module has 7 alerts.
The module is not enabled by default in any bundles.
How to explicitly enable the module…
You may explicitly enable or disable the module in one of the following ways:
-
Via Deckhouse web UI. In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the
metallbmodule and enable (or disable) the “Module enabled” toggle. Save changes.Example:
-
Via Deckhouse CLI (d8).
Use the d8 system module enable command for enabling, or d8 system module disable command for disabling the module (you need Deckhouse CLI (d8), configured to work with the cluster).
Example of enabling the module:
d8 system module enable metallb -
Using ModuleConfig
metallb.Set
spec.enabledtotrueorfalsein ModuleConfigmetallb(create it if necessary);Example of a manifest to enable module
metallb:apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: metallb spec: enabled: true
You can configure the module in one of the following ways:
-
Via Deckhouse web UI.
In the “System” → “System Management” → “Deckhouse” → “Modules” section, open the
metallbmodule and enable the “Advanced Settings” switch. Fill in the required fields in the “Configuration” tab or specify the module settings in YAML format on the “YAML” tab, excluding the settings section. Save the changes.Example:
You can also edit the ModuleConfig object
metallbon the “YAML” tab in the module settings window (“System” → “System Management” → “Deckhouse” → “Modules”, open the modulemetallb) by specifying the schema version in thespec.versionparameter and the necessary module parameters in thespec.settingssection. -
Via Deckhouse CLI (d8) (requires Deckhouse CLI (d8) configured to work with the cluster).
Edit the existing ModuleConfig
metallb(for more details on configuring Deckhouse, see the documentation) by executing the following command:d8 k edit mc metallbMake the necessary changes in the
spec.settingssection. If necessary, specify the schema version in thespec.versionparameter. Save the changes.You can also create a file with manifest for ModuleConfig
metallbusing the example below. Fill in thespec.settingssection with the required module parameters. If necessary, specify the schema version in thespec.versionparameter.Apply the manifest using the following command (indicate the manifest file name):
d8 k apply -f <FILENAME>Example of a manifest for ModuleConfig
metallb:apiVersion: deckhouse.io/v1alpha1 kind: ModuleConfig metadata: name: metallb spec: version: 2 enabled: true settings: # Module parameters from the "Parameters" section below.
Conversions
The module is configured using the ModuleConfig resource, the schema of which contains a version number. When you apply an old version of the ModuleConfig schema in a cluster, automatic transformations are performed. To manually update the ModuleConfig schema version, the following steps must be completed sequentially for each version :
- Updates from version 1 to 2:
Remove all
addressPoolelements with thelayer2protocol.
Parameters
Schema version: 2
Example:
bgpPeers:
- peer-address: 192.168.1.1
peer-asn: 1111
my-asn: 2222
source-address: 192.168.1.2
hold-time: 10s
node-selector:
matchLabels:
node: test
addressPools:
- name: my-pool-bgp
protocol: bgp
addresses:
- 192.168.100.1-192.168.100.10
- 192.168.101.0/24
bgp-advertisements:
- aggregation-length: 32
localpref: 100
communities:
- no-advertise
bgpCommunities:
no-advertise: 65535:65282
speaker:
nodeSelector:
mylabel: speaker
- objectsettings
- array of objectssettings.addressPools
Required value
A list of IP ranges to assign to services.
Format — a data array similar to that of MetalLB’s.
Default:
[]- array of stringssettings.addressPools.addresses
Required value
A list of ranges, where each range can look like a subnet/mask or a numeric address range (with “-“ as a delimiter).
- booleansettings.addressPools.auto-assign
Auto-assign flag used to prevent metallb from automatic allocation for a pool.
Default:
true - booleansettings.addressPools.avoid-buggy-ips
Prevents addresses ending with
.0and.255to be used by a pool.Default:
false - array of objectssettings.addressPools.bgp-advertisements
Defines BGP advertisements.
- integersettings.addressPools.bgp-advertisements.aggregation-length
The aggregation-length advertisement option lets you “roll up” prefix into a larger one.
Works for IPv4 addresses.
Default:
32Allowed values:
1 <= X - array of stringssettings.addressPools.bgp-advertisements.communities
Keys from the bgpCommunities parameter to be associated with the announcement.
Example:
communities: - no-advertise - integersettings.addressPools.bgp-advertisements.localpref
The
BGP LOCAL_PREFattribute which is used by BGP best path algorithm.Path with higher localpref is preferred over one with lower localpref.
- stringsettings.addressPools.name
Required value
The name of the pool. It should conform to RFC 1123: dot-separated parts in lowercase, consists of alphanumeric characters, ‘-‘. Each part must start and end with an alphanumeric character.
Pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - stringsettings.addressPools.protocol
Required value
The protocol used by the speaker to announce services.
Allowed values:
bgp,layer2
- objectsettings.bgpCommunities
Available in editions: EE
The BGP communities list.
Example:
bgpCommunities: no-advertise: 65535:65282 - array of objectssettings.bgpPeers
Available in editions: EE
A list of external BGP routers to use with the module.
Format — a data array similar to that of MetalLB’s.
Default:
[]- integer or stringsettings.bgpPeers.hold-time
The timeout after which the neighboring BGP peer is considered dead. This value is divided by three to get the keep-alive interval.
The recommended value is
3s(i.e., keep-alive packets are sent once per second). Note that the BGP protocol does not support values lower than this. By default, the parameter is set to90s(i.e., keep-alive packets are sent every 30 seconds).Pattern:
^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$ - integersettings.bgpPeers.my-asn
Required value
The AS number in the cluster.
Allowed values:
0 <= X <= 4294967295 - objectsettings.bgpPeers.node-selector
The additional pseudo-selector implemented by the speaker application. It selects nodes that are allowed to connect to external BGP routers. Do not confuse it with
speaker.nodeSelectorandnodeSelector.An optional parameter.
The format is
matchLabelsormatchExpressions.- array of objectssettings.bgpPeers.node-selector.matchExpressions
- stringsettings.bgpPeers.node-selector.matchExpressions.key
- stringsettings.bgpPeers.node-selector.matchExpressions.operator
- array of stringssettings.bgpPeers.node-selector.matchExpressions.values
- objectsettings.bgpPeers.node-selector.matchLabels
- stringsettings.bgpPeers.password
Authentication password for BGP-routers enforcing TCP MD5 authenticated sessions.
- stringsettings.bgpPeers.peer-address
Required value
The IP address of the external BGP router.
Pattern:
^([0-9]{1,3}\.){3}[0-9]{1,3}$ - integersettings.bgpPeers.peer-asn
Required value
The AS number on the external BGP router.
Allowed values:
0 <= X <= 4294967295 - integersettings.bgpPeers.peer-port
Port to dial when establishing the session.
Default:
179Allowed values:
0 <= X <= 16384 - stringsettings.bgpPeers.router-id
BGP router ID to advertise to the peer.
- stringsettings.bgpPeers.source-address
The source IP address for outbound connections.
Pattern:
^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$
- stringsettings.loadBalancerClass
An optional field describing the LoadBalancer class. The LoadBalancerClass field should be used in L2 LoadBalancer mode to specify the MetalLoadBalancerClass that defines the balancer parameters for the Service.
- objectsettings.nodeSelector
A selector for the main controller. It is the same as the Pod’s
spec.nodeSelectorparameter in Kubernetes.If the parameter is omitted or
false, it will be determined automatically. - objectsettings.speaker
Settings for the
speakercomponent that implements the LoadBalancer’s IPs publishing protocol for external infrastructure.- objectsettings.speaker.nodeSelector
Required value
A selector for the speaker DaemonSet. It is the same as the Pod’s
spec.nodeSelectorparameter in Kubernetes.If the parameter is omitted or
false, it will be determined automatically. - array of objectssettings.speaker.tolerations
Tolerations for the speaker DaemonSet. They are the same as the Pod’s
spec.tolerationsparameter in Kubernetes.If the parameter is omitted or
false, it will be determined automatically.- stringsettings.speaker.tolerations.effect
- stringsettings.speaker.tolerations.key
- stringsettings.speaker.tolerations.operator
- integersettings.speaker.tolerations.tolerationSeconds
- stringsettings.speaker.tolerations.value
- array of objectssettings.tolerations
Tolerations for the main controller. They are the same as the Pod’s
spec.tolerationsparameter in Kubernetes.If the parameter is omitted or
false, it will be determined automatically.- stringsettings.tolerations.effect
- stringsettings.tolerations.key
- stringsettings.tolerations.operator
- integersettings.tolerations.tolerationSeconds
- stringsettings.tolerations.value