This message was deleted.
# rke2a
adamant-kite-43734
06/17/2023, 6:49 AMThis message was deleted.
a
abundant-plastic-29088
06/17/2023, 6:50 AM Copy code
apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: NetworkPolicy
metadata:
creationTimestamp: '2023-06-15T20:26:47Z'
generation: 5
managedFields:
- apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
fieldsType: FieldsV1
fieldsV1:
f:spec:
f:ingress: {}
f:policyTypes: {}
manager: agent
operation: Update
time: '2023-06-15T21:52:00Z'
name: test
namespace: default
resourceVersion: '1056223'
uid: 720a6828-aad9-46b6-9296-6bef9924e2f4
spec:
ingress:
- from:
- ipBlock:
cidr: 0.0.0.0/0
ports:
- port: 80
protocol: TCP
podSelector: {}
policyTypes:
- Ingress
status: {}abundant-plastic-29088
06/17/2023, 6:51 AMI tried to add a network policy but that did not solve the issue
abundant-plastic-29088
06/17/2023, 6:52 AMI tried with both calico and cilium
c
creamy-pencil-82913
06/17/2023, 7:18 AMyou said you’re seeing an arp request, but didn’t mention if there’s a response? If there’s no response, then something might be wrong with the metallb configuration. Do you see a response coming from the metallb speaker pods?
a
abundant-plastic-29088
06/17/2023, 7:21 AMHi, not sure but I don't see any response from speakers
abundant-plastic-29088
06/17/2023, 7:25 AMI think I got it
abundant-plastic-29088
06/17/2023, 7:25 AMI created an L2advertissement and it worked
abundant-plastic-29088
06/17/2023, 7:28 AMbut why it work out of box with k3s with metallb but not rke2
abundant-plastic-29088
06/17/2023, 7:28 AMis it due to ip was assigned by metallb in k3s while klipper did the advertissment ?
c
creamy-pencil-82913
06/17/2023, 7:43 AMhard to say. you really shouldn’t use metallb and servicelb side by side, you generally only want one loadbalancer controller active in a cluster unless you’re careful about it.
a
abundant-plastic-29088
06/17/2023, 7:44 AMI'm pretty new to kube 😅
abundant-plastic-29088
06/17/2023, 7:45 AMfrom what I understood service of type loadbalancer is to get an external ip from loadbalancer
c
creamy-pencil-82913
06/17/2023, 8:27 AMyes, but metallb and servicelb are both loadbalancers
creamy-pencil-82913
06/17/2023, 8:28 AMit doesn’t have to be external; both of the ones you’re working with here are not external
a
abundant-plastic-29088
06/17/2023, 8:30 AMI don't get it 😅
abundant-plastic-29088
06/17/2023, 8:30 AMwithout metal lb how could I access to service of type load balancer from outside the cluster
abundant-plastic-29088
06/17/2023, 8:33 AM Copy code
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: whoami-daemonset
spec:
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
---
apiVersion: v1
kind: Service
metadata:
name: whoami
spec:
selector:
app: whoami
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancerabundant-plastic-29088
06/17/2023, 8:33 AMas example ?
c
creamy-pencil-82913
06/17/2023, 8:37 AMYou mentioned that you were previously using k3s, which comes with servicelb, If you didn’t disable that when deploying metallb, then you had two loadbalancer controllers running, which can cause problems.
a
abundant-plastic-29088
06/17/2023, 8:37 AMah ok
c
creamy-pencil-82913
06/17/2023, 8:38 AMOn RKE2. you need to either manually enable servicelb, or deploy something else like metallb. It doesn’t have a loadbalancer controller by default
a
abundant-plastic-29088
06/17/2023, 8:39 AMin fact I had no issue with 2 lb in k3s (but not optimal) while with only metallb on rke2 I have (solved since ~1 hour)
abundant-plastic-29088
06/17/2023, 8:40 AMthanks for the extra advice 🙂
11 Views