Stream of Consciousness

Mark Eschbach's random writings on various topics.

MetalLB, Kubernetes, and node.kubernetes.io/exclude-from-external-load-balancers

Categories: tech

Tags: kubernetes networking bgp metallb

I upgraded MetalLB from 0.12 to 0.14 finally. I hit two issues: (1) PodSecruityPolicies have been removed as apart of the upgrade problem, and (2) BGP routes were not being advertised. PodSecruityPolicies I resolved by using helm uninstall then installing the chart.

(2) BGP routes advertisement was a bigger problem since it involved failing over DNS at home and various (low traffic) websites being knocked offline for about 2 hours. Luckily Family Acceptance Factor is still high due to the failover. I am the only one who used most of the knocked off websites. I cranked up the log levels for both the speaker and controller log levels using [1]:

controller:
  logLevel: 'debug' #[1]
  priorityClassName: "net-critical"
speaker:
  logLevel: 'debug' #[1]
  priorityClassName: "net-critical"
  frr:
    enabled: false

The speakers noted they will not announce the route because they are excluded from external load balancers. After some searching I ventured across node.kubernetes.io/exclude-from-external-load-balancers. Effectively this notes a node should not export load balancers, which was done at some point with kubeadm. Once this was removed from my edge nodes the MetalLB speakers announced the routes.