Jump to: navigation, search

StarlingX/Features Around Kubernetes

< StarlingX
Revision as of 15:57, 10 July 2020 by Yatindra.shashi (talk | contribs) (Changes to enable metalLB with Ingress controller)

Additional Functionalities around STX Kubernetes cluster

MetalLB as Network Load balancer with NGINX-Ingress controller

To undestand about MetalLB Network load balancer for Bare metal and NGINX-Ingress controller for service routing, please visit Baremetal LB for NGINX Ingress page to know more about it.

Installing MetalLB Load Balancer

Install MetalLB load balancers as specified in the MetalLB Installation Page. We are considering here the Layer 2 configuration setting of MetalLB as it is simplest and doesnot bout to the network interfaces of the node.It works by responding to ARP requests on your local network directly, to give the machine’s MAC address to clients. Create configmap with IP range of your local NW. If you want to have a separate data network for the MetalLB/Ingress controller than the OAM IP subnet, you can assign that data NW subnet IP address range in configmap and connect one of the NIC to that data subnet. As MetalLB is configured on Layer 2 mode,MetalLB automatically listens/advertises on all interfaces.

Ingress controller in StarlingX

There are two NGINX Ingress controller on STX of which the ingress.class are named differently as “nginx” within openstack namespace and “nginx-cluster” within kube-system namespace.

Changes to enable metalLB with Ingress controller

Modify the Nginx ingress controller of Kube-system namespace as loadbalancer type.

$kubectl edit svc ingress -n kube-system


   type: LoadBalancer

Create ingress resource with your application and ingress.class as "nginx-cluster" in the annotation as below:

 apiVersion: networking.k8s.io/v1beta1

kind: Ingress metadata:

 name: my-ingress-res
 namespace: nginx-test
   kubernetes.io/ingress.class: "nginx-cluster"


 - host: my-nginx-lb.example.com
     - backend:
         serviceName: my-nginx
         servicePort: 80


Do the arping to the Ingress controller service to check if it is replying the arp reqest

 $ arping -I ens3

Can do T=tcpdump as well

$ tcpdump -n -i ens3 arp src host