Kubernetes Metal LB for Docker for Mac/Windows in 10 Minutes

In this quickstart with Metal LB we will quickly get an on-prem / bare metal load balancer running on Kubernetes (k8s) with the Docker CE edition for Windows or Mac version of Kubernetes. This will give us a good dev environment for testing.

Pre-Reqs:

1. Docker CE for Mac / Windows installed (https://docs.docker.com/v17.12/docker-for-mac/install/ , https://docs.docker.com/v17.12/docker-for-windows/install/)
2. Kubernetes-cli program or kubectl. For mac you should be able to get this with the homebrew package manager and the command line command brew install kubernetes-cli. Or if you are on Windows and have the chocolatey package manager you can use choco install kubernetes-cli. You can also use this guide as well https://kubernetes.io/docs/tasks/tools/install-kubectl/.
3. Kubernetes enabled on your Docker CE for your desktop. (https://docs.docker.com/docker-for-mac/#kubernetes, https://docs.docker.com/docker-for-windows/#kubernetes). Follow the instructions completely for enabling k8s, as this will also help to configure your kubectl program as well.

Optional:

Check out the docs and github repo for MetalLB for more in depth study https://metallb.universe.tf/, https://github.com/google/metallb.

Now that we have the pre-reqs out of the way let’s get started.

First we need to apply the MetalLB manifest.

kubectl apply -f https://raw.githubusercontent.com/google/metallb/v0.7.3/manifests/metallb.yaml

Next we want to check that the controller and the speaker are running. we can do this by using this command.

kubectl get pods -n metallb-system

Once those pods are running we can deploy our MetalLB configuration.

Next we want to deploy a configuration that will work with Docker CE. Typically we would deploy the MetalLB to communicate with a router with dhcp enabled or BGP router. But for purposes of the Docker CE enviroment for Mac and Windows we will deploy it to work with the localhost environment of our Desktop. This will help us if we are wanting to test MetalLB behind a corporate firewall and don’t have access to BGP routing or ARP routing policies. For more on check out the docs on the MetalLB site https://metallb.universe.tf/concepts/. For this quickstart we will be using the layer 2 configuration as it is the easiest to get started with.

So next we will look at our configuration.

apiVersion: v1
kind: ConfigMap
metadata:
  namespace: metallb-system
  name: config
data:
  config: |
    address-pools:
    - name: my-ip-space
      protocol: layer2
      addresses:
      - 127.0.0.240/28

You will notice the addresses will only be local to our Desktop. The reason for this, is due to DockerCE being NATed as a virtual machine on Mac and Windows. Even if you had everything properly configure on your network for using layer 2 and DHCP, your work or home router would not even know how to reach DockerCE as it is being NATed which makes any services only available on the localhost. In a more standard deployment your addresses would look more like this 10.0.1.240/28 or something similar.

That being said, you can access this exact configuration here https://raw.githubusercontent.com/JockDaRock/metallb-testing/master/layer2-dockerce.yml and download and modify if you need to. If not we can apply this configuration as is.

kubectl apply -f https://raw.githubusercontent.com/JockDaRock/metallb-testing/master/layer2-dockerce.yml

Once we have deployed our configuration we are ready to apply our deployment and service manifest.

Note: Since these k8s deployments are using your localhost IP address scheme for your applications, please be sure to note the port you are applying to to make sure you are not trying to map to a port where are service is currently being used.

apiVersion: apps/v1beta2
kind: Deployment
metadata:
  name: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1
        ports:
        - name: http
          containerPort: 80

---
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 80
  selector:
    app: nginx
  type: LoadBalancer

The above configuration is what we are using to deploy our first application. I changed this slightly from the tutorial on the main docs site. This will deploy an nginx app/service to kubernetes that we will be able to access. You can download and change this file as needed (https://raw.githubusercontent.com/JockDaRock/metallb-testing/master/nginxlb.yml) or use as is.

Use the following command kubectl apply -f https://raw.githubusercontent.com/JockDaRock/metallb-testing/master/nginxlb.yml

We can verify the IP address is assigned by using the kubectl get services command.

Once the service is up and running we can go to it on a browser of our choice at http://127.0.0.1:8080.

Even though your address will come back as 127.0.0.240, it will all be accessible through your local host address. On Mac this will only be routable by visiting either 127.0.0.1:8080 or localhost:8080. On Windows you should be able to access Nginx on 127.0.0.240:8080 as well as 127.0.0.1:8080.

You are now ready to go forth to use your new LoadBalancing skills. Let me know how your experience