home.social

#metallb — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #metallb, aggregated by home.social.

  1. Балансировка входящего трафика на железе: как надёжно вывести K8s наружу с MetalLB, BGP и L2 (подход от Deckhouse)

    На bare metal внешний доступ к Kubernetes часто становится головной болью: NodePort с рандомными нестандартными портами не для продакшена, а облачного балансировщика нет. MetalLB превращает обычные узлы кластера в полноценный балансировщик с автоматическим failover. Разбираем режимы BGP и L2, а ещё показываем фишку Deckhouse Kubernetes Platform, которая спасает активные соединения при падении узла.

    habr.com/ru/companies/flant/ar

    #nodeport #kubernetes #bgp #metallb #deckhouse_kubernetes_platform #baremetal #балансировка_нагрузки #l2 #nlb #loadbalancer

  2. Балансировка входящего трафика на железе: как надёжно вывести K8s наружу с MetalLB, BGP и L2 (подход от Deckhouse)

    На bare metal внешний доступ к Kubernetes часто становится головной болью: NodePort с рандомными нестандартными портами не для продакшена, а облачного балансировщика нет. MetalLB превращает обычные узлы кластера в полноценный балансировщик с автоматическим failover. Разбираем режимы BGP и L2, а ещё показываем фишку Deckhouse Kubernetes Platform, которая спасает активные соединения при падении узла.

    habr.com/ru/companies/flant/ar

    #nodeport #kubernetes #bgp #metallb #deckhouse_kubernetes_platform #baremetal #балансировка_нагрузки #l2 #nlb #loadbalancer

  3. Балансировка входящего трафика на железе: как надёжно вывести K8s наружу с MetalLB, BGP и L2 (подход от Deckhouse)

    На bare metal внешний доступ к Kubernetes часто становится головной болью: NodePort с рандомными нестандартными портами не для продакшена, а облачного балансировщика нет. MetalLB превращает обычные узлы кластера в полноценный балансировщик с автоматическим failover. Разбираем режимы BGP и L2, а ещё показываем фишку Deckhouse Kubernetes Platform, которая спасает активные соединения при падении узла.

    habr.com/ru/companies/flant/ar

    #nodeport #kubernetes #bgp #metallb #deckhouse_kubernetes_platform #baremetal #балансировка_нагрузки #l2 #nlb #loadbalancer

  4. Балансировка входящего трафика на железе: как надёжно вывести K8s наружу с MetalLB, BGP и L2 (подход от Deckhouse)

    На bare metal внешний доступ к Kubernetes часто становится головной болью: NodePort с рандомными нестандартными портами не для продакшена, а облачного балансировщика нет. MetalLB превращает обычные узлы кластера в полноценный балансировщик с автоматическим failover. Разбираем режимы BGP и L2, а ещё показываем фишку Deckhouse Kubernetes Platform, которая спасает активные соединения при падении узла.

    habr.com/ru/companies/flant/ar

    #nodeport #kubernetes #bgp #metallb #deckhouse_kubernetes_platform #baremetal #балансировка_нагрузки #l2 #nlb #loadbalancer

  5. I've been working on the infrastructure for Launchpad023. Everything declaratively configured because servers should be cattle not pets.

    I've put it up on Codeberg if anyone wants to take a look.
    codeberg.org/launchpad023/laun

    @launchpad023

    #kluctl #kustomize #metallb #talosLinux #selfhosting #kubernetes #envoy_gateway #externalsecrets #stalwart #JMAIL #haarlem

  6. I've been working on the infrastructure for Launchpad023. Everything declaratively configured because servers should be cattle not pets.

    I've put it up on Codeberg if anyone wants to take a look.
    codeberg.org/launchpad023/laun

    @launchpad023

    #kluctl #kustomize #metallb #talosLinux #selfhosting #kubernetes #envoy_gateway #externalsecrets #stalwart #JMAIL #haarlem

  7. I've been working on the infrastructure for Launchpad023. Everything declaratively configured because servers should be cattle not pets.

    I've put it up on Codeberg if anyone wants to take a look.
    codeberg.org/launchpad023/laun

    @launchpad023

    #kluctl #kustomize #metallb #talosLinux #selfhosting #kubernetes #envoy_gateway #externalsecrets #stalwart #JMAIL #haarlem

  8. I've been working on the infrastructure for Launchpad023. Everything declaratively configured because servers should be cattle not pets.

    I've put it up on Codeberg if anyone wants to take a look.
    codeberg.org/launchpad023/laun

    @launchpad023

    #kluctl #kustomize #metallb #talosLinux #selfhosting #kubernetes #envoy_gateway #externalsecrets #stalwart #JMAIL #haarlem

  9. I've been working on the infrastructure for Launchpad023. Everything declaratively configured because servers should be cattle not pets.

    I've put it up on Codeberg if anyone wants to take a look.
    codeberg.org/launchpad023/laun

    @launchpad023

    #kluctl #kustomize #metallb #talosLinux #selfhosting #kubernetes #envoy_gateway #externalsecrets #stalwart #JMAIL #haarlem

  10. So edge nginx > proxy_pass > tunnel > routed into the compute network. proxy_pass and any other method im aware of needs an IP target, which means using #metalLb or something else that implements LoadBalancer and manages IPAM.

    MetalLb last time I used it was actually v nice and worked well by giving it an ip range to work with.

    Keeping the nginx config in sync with the services can probably be mostly set and forget but that feels like dumpster fire kindling

    2/2

    #homelab

  11. Катастрофоустойчивый Kubernetes: как использовать балансировщик MetalLB с BGP-anycast

    Клиенты часто спрашивают, как построить геораспределенный и катастрофоустойчивый

    habr.com/ru/companies/selectel

    #k8s #metallb #anycast #frrouting #selectel

  12. Катастрофоустойчивый Kubernetes: как использовать балансировщик MetalLB с BGP-anycast

    Клиенты часто спрашивают, как построить геораспределенный и катастрофоустойчивый

    habr.com/ru/companies/selectel

    #k8s #metallb #anycast #frrouting #selectel

  13. Катастрофоустойчивый Kubernetes: как использовать балансировщик MetalLB с BGP-anycast

    Клиенты часто спрашивают, как построить геораспределенный и катастрофоустойчивый

    habr.com/ru/companies/selectel

    #k8s #metallb #anycast #frrouting #selectel

  14. Катастрофоустойчивый Kubernetes: как использовать балансировщик MetalLB с BGP-anycast

    Клиенты часто спрашивают, как построить геораспределенный и катастрофоустойчивый

    habr.com/ru/companies/selectel

    #k8s #metallb #anycast #frrouting #selectel

  15. Had an incredible session with #ClaudeCode yesterday debugging why my #homelab #k8s ingress was having trouble after every restart.
    It went through my #argo/#helm config, used cli tools like arp etc, ran #netshoot on specific nodes etc to finally diagnose it as an #metallb stale arp cache problem.

    Just watching it go through the diagnostics was sometimes so educative!
    Using claude code (or any llm client agent for that matter) for infra troubleshooting is underrated!

  16. Had an incredible session with #ClaudeCode yesterday debugging why my #homelab #k8s ingress was having trouble after every restart.
    It went through my #argo/#helm config, used cli tools like arp etc, ran #netshoot on specific nodes etc to finally diagnose it as an #metallb stale arp cache problem.

    Just watching it go through the diagnostics was sometimes so educative!
    Using claude code (or any llm client agent for that matter) for infra troubleshooting is underrated!

  17. Had an incredible session with #ClaudeCode yesterday debugging why my #homelab #k8s ingress was having trouble after every restart.
    It went through my #argo/#helm config, used cli tools like arp etc, ran #netshoot on specific nodes etc to finally diagnose it as an #metallb stale arp cache problem.

    Just watching it go through the diagnostics was sometimes so educative!
    Using claude code (or any llm client agent for that matter) for infra troubleshooting is underrated!

  18. Had an incredible session with #ClaudeCode yesterday debugging why my #homelab #k8s ingress was having trouble after every restart.
    It went through my #argo/#helm config, used cli tools like arp etc, ran #netshoot on specific nodes etc to finally diagnose it as an #metallb stale arp cache problem.

    Just watching it go through the diagnostics was sometimes so educative!
    Using claude code (or any llm client agent for that matter) for infra troubleshooting is underrated!

  19. Had an incredible session with #ClaudeCode yesterday debugging why my #homelab #k8s ingress was having trouble after every restart.
    It went through my #argo/#helm config, used cli tools like arp etc, ran #netshoot on specific nodes etc to finally diagnose it as an #metallb stale arp cache problem.

    Just watching it go through the diagnostics was sometimes so educative!
    Using claude code (or any llm client agent for that matter) for infra troubleshooting is underrated!

  20. Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

    I still hope someday to support more Kubernetes
    distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

    🔗 https://github.com/irfanhakim-as/orked

    🔗 https://github.com/irfanhakim-as/orked/pull/41

  21. Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

    I still hope someday to support more Kubernetes
    distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

    🔗 https://github.com/irfanhakim-as/orked

    🔗 https://github.com/irfanhakim-as/orked/pull/41

  22. Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

    I still hope someday to support more Kubernetes
    distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

    🔗 https://github.com/irfanhakim-as/orked

    🔗 https://github.com/irfanhakim-as/orked/pull/41

  23. Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

    I still hope someday to support more Kubernetes
    distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

    🔗 https://github.com/irfanhakim-as/orked

    🔗 https://github.com/irfanhakim-as/orked/pull/41

  24. Updated #Orked, my collection of scripts to help set up a production-ready #RKE2 #Kubernetes cluster in your #homelab. This update brings general improvements to the scripts, improved documentation, #HAProxy load balancer support for load balancing multiple Master nodes, and upgraded all components including RKE2, #Longhorn, #Nginx Ingress, #Cert-manager, #MetalLB, #Rancher, etc. to their latest versions.

    I still hope someday to support more Kubernetes
    distributions like #k3s, but haven't gotten around to it. I've also been planning to support more #Linux distros as the base too, instead of only #RockyLinux/#RHEL, but that'll have to wait as well for now. Regardless, I am quite happy with how mature and stable these scripts have turned out to be. If you'd like to set up a cluster of your own, maybe check it out!

    🔗 https://github.com/irfanhakim-as/orked

    🔗 https://github.com/irfanhakim-as/orked/pull/41

  25. TIL #Mikrotik won't ECMP iBGP learned routes. So using layer-3 BGP mode on #MetalLB has no advantage over layer-2 ARP-based mode. #homelab

  26. Kubernetes: шестимесячный марафон по прокачке dBrain.cloud

    За последние полгода наши инженеры проделали значительную работу по развитию и оптимизации платформы dBrain.cloud , ключевым инструментом которой является Kubernetes. В этой статье мы подробно расскажем об изменениях, произошедших в инфраструктуре, о внедрении новых функций и фишках, которые, мы надеемся, будут интересны DevOps-сообществу.

    habr.com/ru/companies/dbraincl

    #gpu #slicing #s3 #cilium #metallb #ipam #cgroup_v2 #kubernetes #dbrain #devops

  27. Kubernetes: шестимесячный марафон по прокачке dBrain.cloud

    За последние полгода наши инженеры проделали значительную работу по развитию и оптимизации платформы dBrain.cloud , ключевым инструментом которой является Kubernetes. В этой статье мы подробно расскажем об изменениях, произошедших в инфраструктуре, о внедрении новых функций и фишках, которые, мы надеемся, будут интересны DevOps-сообществу.

    habr.com/ru/companies/dbraincl

    #gpu #slicing #s3 #cilium #metallb #ipam #cgroup_v2 #kubernetes #dbrain #devops

  28. Kubernetes: шестимесячный марафон по прокачке dBrain.cloud

    За последние полгода наши инженеры проделали значительную работу по развитию и оптимизации платформы dBrain.cloud , ключевым инструментом которой является Kubernetes. В этой статье мы подробно расскажем об изменениях, произошедших в инфраструктуре, о внедрении новых функций и фишках, которые, мы надеемся, будут интересны DevOps-сообществу.

    habr.com/ru/companies/dbraincl

    #gpu #slicing #s3 #cilium #metallb #ipam #cgroup_v2 #kubernetes #dbrain #devops

  29. Kubernetes: шестимесячный марафон по прокачке dBrain.cloud

    За последние полгода наши инженеры проделали значительную работу по развитию и оптимизации платформы dBrain.cloud , ключевым инструментом которой является Kubernetes. В этой статье мы подробно расскажем об изменениях, произошедших в инфраструктуре, о внедрении новых функций и фишках, которые, мы надеемся, будут интересны DevOps-сообществу.

    habr.com/ru/companies/dbraincl

    #gpu #slicing #s3 #cilium #metallb #ipam #cgroup_v2 #kubernetes #dbrain #devops

  30. #TIL that #metallb service announcement via #BGP4 not only is not recommend when using #calico in bgp mesh mode (which is default) but just plain does not work. If I had read the docs properly I would have known that. So for anyone building their own #kubernetes cluster: you HAVE TO configure callico to handle the routing, otherwise the routes to your nodes will show up in your external router, but your cluster will not receive any routes from the nodes to rest of your network. #homelab #k8s

  31. Well that was an interesting one to debug... My blocky DNS service was down after a cluster restart

    A given #metallb speaker won’t advertise the service if:
    - the service has externalTrafficPolicy=local and there are no running endpoints on the speaker’s node

    To use externalTrafficPolicy=local, the tolerations on metallb pods must match the tolerations on the destination pods

    For once it wasn't DNS!

    metallb.universe.tf/troublesho

    #homelab

  32. @arichtman yeah using overlay at scale does work it just requires a lot of planning and design. Ideally with some network engineers. My last experience was contrail, years ago, and it was not great.

    I’ve used flannel and cilium for one-off personal things without issue. In fact #metallb worked really really well for me with #k3s in the past as well.

  33. #Talos #kubernetes single node cluster up and running with #Calico, #MetalLB, #Traefik and a test #whoami deployment

    In no way scientific but it feels much more responsive that #microk8s

    Next step to rebuild a clean node and then migrate some services

  34. #Talos #kubernetes single node cluster up and running with #Calico, #MetalLB, #Traefik and a test #whoami deployment

    In no way scientific but it feels much more responsive that #microk8s

    Next step to rebuild a clean node and then migrate some services

  35. #Talos #kubernetes single node cluster up and running with #Calico, #MetalLB, #Traefik and a test #whoami deployment

    In no way scientific but it feels much more responsive that #microk8s

    Next step to rebuild a clean node and then migrate some services

  36. #Talos #kubernetes single node cluster up and running with #Calico, #MetalLB, #Traefik and a test #whoami deployment

    In no way scientific but it feels much more responsive that #microk8s

    Next step to rebuild a clean node and then migrate some services

  37. #Talos #kubernetes single node cluster up and running with #Calico, #MetalLB, #Traefik and a test #whoami deployment

    In no way scientific but it feels much more responsive that #microk8s

    Next step to rebuild a clean node and then migrate some services

  38. Note to self: When converting a Kubernetes cluster with Cilium as CNI to replace MetalLB with Cilium's new L2 announcements, you need to tweak some settings in your Cilium installation. Especially enabling Cilium to act as a kube-proxy replacement (if you are not already doing so) and enabling the l2 announcements. Which means kube-proxy needs to be disabled in k3s.

    In other words: k3s on my Raspi4 is now providing a loadbalancer to blocky using Cilium's L2 announcements...

    #kubernetes #k3s #cilium #homelab #metalLB #loadbalancer #dns #blocky #hellyeah

  39. Those who've been reading my toots, might have picked up on the fact that I'm building a #kubernetes cluster from scratch (yes, I like pain). After figuring out #cri_o #calico #certmanager #metallb #traefik and #cloudnativepg I finally deployed my first actual application: #nextcloud ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! #k8s #selfhosting

  40. Those who've been reading my toots, might have picked up on the fact that I'm building a #kubernetes cluster from scratch (yes, I like pain). After figuring out #cri_o #calico #certmanager #metallb #traefik and #cloudnativepg I finally deployed my first actual application: #nextcloud ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! #k8s #selfhosting

  41. Those who've been reading my toots, might have picked up on the fact that I'm building a #kubernetes cluster from scratch (yes, I like pain). After figuring out #cri_o #calico #certmanager #metallb #traefik and #cloudnativepg I finally deployed my first actual application: #nextcloud ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! #k8s #selfhosting

  42. Those who've been reading my toots, might have picked up on the fact that I'm building a #kubernetes cluster from scratch (yes, I like pain). After figuring out #cri_o #calico #certmanager #metallb #traefik and #cloudnativepg I finally deployed my first actual application: #nextcloud ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! #k8s #selfhosting

  43. Those who've been reading my toots, might have picked up on the fact that I'm building a #kubernetes cluster from scratch (yes, I like pain). After figuring out #cri_o #calico #certmanager #metallb #traefik and #cloudnativepg I finally deployed my first actual application: #nextcloud ! Wueeh! Extremely stocked! Now I need to figure out how I rope in my ZFS box for persistence, and then I'm ready for a deployment in testing! #k8s #selfhosting

  44. @vwbusguy I am curious about what you use as #Kubernetes Stack, especially which load balancer you prefer for Pods that need their unique IP address. We played around with #k3s and #MetalLB, but I would like to know if you prefer other options.

  45. I have this ~weird intermittent issue accessing services on my #k3s box over #tailscale w/ Subnet routing. I'm running #metallb as the Service type: LoadBalancer. But like sometimes things are fine, others not. If I SSH into the server and use SOCKS all works fine. I can access other services via the subnet router fine too.

    Mostly rambling for when I figure out wtf is going on and either fix or replace it.

    Tbh, metallb might be replaced soon with Cilium's L2 Annoucements

  46. Has anyone used #talos #kubernetes with #cilium as #CNI and successfully gotten the IPAM part of cilium working? This basically should do what #metallb does, announce "additional" IPs via L2 or BGP and provide them as loadbalancer IPs inside the cluster.

    I have the machine running, cilium is running, I defined the Cilium IPPool and my #traefik service got an external IP address from the ippool's range. I have ingressroutes ready and DNS set up for the ingressroute hostnames to point to that IP address.

    But I cannot reach anything on that IP, curl tells me that it could not connect to the server...

    Looks like nothing is listening on that IP.

  47. The good news is that my core problem seems to be fixed: powering down the k8s nodes and powering them back up will not break MetalLB. All the pods (eventually) become healthy in their own sequence and pass traffic.

    #homelab #kubernetes #metallb #networking

  48. Found the easy way to fix this sequencing issue since Kubernetes is an orchestration engine after all. By using a priority class for each piece, I can ask Kubernetes to run the controller first followed by the speaker pods.

    That being said, I think the scope for these priorities is on a per-node basis. If other nodes are ready to run the DaemonSet pods, they'll run. I might have accidentally got it working by having the controller start before a speaker node for whichever node is running both of them.

    Scheduling info: kubernetes.io/docs/tasks/admin

    #homelab #kubernetes #metallb #networking