Skip to content

Instructions for IPPool Use

Cluster default IPPool

If the IPPool is not specified through Annotations: metallb.universe.tf/address-pool or Annotation: metallb.universe.tf/loadBalancerIPs when creating LoadBalancer Service, addresses will be allocated from the existing address pool with autoAssign=true.

Note

The created IPPool must be in the same namespace as MetalLb component, otherwise MetalLb cannot recognize it.

Specify IPPool

When creating LoadBalancer Service, you can specify the IPPool through Annotations: metallb.universe.tf/address-pool:

apiVersion: v1
kind: Service
metadata:
  name: metallb-ippool3
  labels:
    name: metallb-ippool3
  annotations:
    metallb.universe.tf/address-pool: default # default must be in the same namespace as metallb components
spec:
  type: LoadBalancer
  ...

Create LoadBalancer Service, please refer to creating Service.

MetalLB IPPool: The IPs in the IPPool configured when deploying MetalLB are real and available physical IP addresses. LoadBalancer IP: The LoadBalancer IP is an address randomly allocated or manually specified from the IPPool, used to expose services externally.

MetalLb IPPool

Specify the IP address

When creating LoadBalancer Service, you can specify the IP through Annotations: metallb.universe.tf/loadBalancerIPs:

apiVersion: v1
kind: Service
metadata:
  name: metallb-ippool3
  labels:
    name: metallb-ippool3
  annotations:
    metallb.universe.tf/loadBalancerIPs: 172.16.13.210 # This IP address must exist in an existing IPPool
spec:
  type: LoadBalancer
  ...

specify IP

Shared IP address

Before k8s v1.20, LoadBalancer Service does not support configuring multiple protocols (v1.24 supports it, it has become a Beta function), refer to #issue 23880.

MetalLb indirectly supports this feature by creating different Services and sharing the Service IPs.

Create two Services:

apiVersion: v1
kind: Service
metadata:
  name: dns-service-tcp
  namespace: default
  annotations:
    metallb.universe.tf/allow-shared-ip: "key-to-share-1.2.3.4"
spec:
  type: LoadBalancer
  loadBalancerIP: 1.2.3.4
  ports:
    - name: dnstcp
      protocol: TCP
      port: 53
      targetPort: 53
  selector:
    app: dns
---
apiVersion: v1
kind: Service
metadata:
  name: dns-service-udp
  namespace: default
  annotations:
    metallb.universe.tf/allow-shared-ip: "key-to-share-1.2.3.4"
spec:
  type: LoadBalancer
  loadBalancerIP: 1.2.3.4
  ports:
    - name: dnsudp
      protocol: UDP
      port: 53
      targetPort: 53
  selector:
    app: dns

Note

As long as the key and value of Annotations(metallb.universe.tf/allow-shared-ip) are the same, different LoadBalancer Service will have the same IP address (ipv4/ipv6). Of course, you can also specify ipv4/ipv6 addresses through Annotations (metallb.universe.tf/loadBalancerIPs) or specify through .spec.loadBalancerIP (only supports ipv4). Editing an Annotation after creation has no effect.

Another feature of shared IP is that the LoadBalancer IP address is insufficient, and multiple Services need to share the same IP, but note that the protocols and ports of different Services should be different, otherwise the connection cannot be distinguished.

Comments