MetalLB, Kubernetes, and node.kubernetes.io/exclude-from-external-load-balancers
Categories: tech
Tags: kubernetes networking bgp metallb
I upgraded MetalLB from 0.12 to 0.14 finally. I hit two issues: (1) PodSecruityPolicies
have been removed as apart of
the upgrade problem, and (2) BGP routes were not being advertised. PodSecruityPolicies
I resolved by using
helm uninstall
then installing the chart.
(2) BGP routes advertisement was a bigger problem since it involved failing over DNS at home and various (low traffic)
websites being knocked offline for about 2 hours. Luckily Family Acceptance Factor is still high due to the failover.
I am the only one who used most of the knocked off websites. I cranked up the log levels for both the speaker and
controller log levels using [1]
:
controller:
logLevel: 'debug' #[1]
priorityClassName: "net-critical"
speaker:
logLevel: 'debug' #[1]
priorityClassName: "net-critical"
frr:
enabled: false
The speakers noted they will not announce the route because they are excluded from external load balancers. After some
searching I ventured across node.kubernetes.io/exclude-from-external-load-balancers
.
Effectively this notes a node should not export load balancers, which was done at some point with kubeadm
. Once this
was removed from my edge nodes the MetalLB speakers announced the routes.