Just started learning Kubernetes and this is the most clear/concise explanation on services I've seen. Thanks for helping me get MetalLB running in my local test cluster. Great content Morris!
dude you are really the first person to explain exactly what we need. Layed it all out perfectly, in nice detail and flow! Great job. First time see your vid. already subscribed and liked the video!
Thank you for this video, it has been very useful for me. I have been trying to configure Metallb in my Kubernetes cluster for more than 15 days and I needed to create the L2Advertisement. Without this video it would never have worked for me. Thank you very much for the help.
Thank you! I've been stuck with the problem for a couple of days. Came out that I had no L2 Advertisement applied to my MetalLB. Worked like a charm! :)
Thanks for the great content and explanation. I would have expected a lot more views and likes on your videos. Hopefully your channel will grow with time;))
Hi Morris, I just wanted to say my sincere thank you for your outstanding tutorial -- it's saved me a lot of time and helped me better understand cluster networking. I appreciate your calm and evenly-paced dictation and I'll certainly stay tuned for more. I've now deployed metallb on my home cluster and honestly I'm just happy to stop port-forwarding every little service!
Nice and crisp. I usually see training videos at 1.25 to 1.5 x speed. But As our freind Morris is so fast, this is the first time I slowed the video to .75 x😂. Solution worked for me
Hi Morris, your video made my day! I was stuck for a long time on how a load balancer assigns an external IP to my ingress controller. Most youtube resources just briefly mentioned this flow but without showing an actual example like you did. Your diagrams are really helpful to explain how things fit together. A suggestion if you don't mind - if you can share the commands and files you used on github, it will help beginners like me a lot. Hope to see more videos from you.
Hi suntenslp3315, thanks for watching I am very glad you liked the video. Thanks for the suggestion too, and I will definitely make it a goal to do better documentation for the videos.
thanks for the video Morris. I have a doubt - i see external Ip is assigned to the load balancer. but when i curl-ed it, it doesn't reach. how should i troubleshoot this?
Hi thanks a lot. I am not entirely sure as I have not yet tested it in such an environment. One thing to keep in mind though is that with this configuration mode MetalLB is working in Layer 2 mode and is doing a lot of stuff with ARP, so if your environment does not support ARP that might be an issue. MetalLB does also have a Layer 3 Mode where it uses BGP which you might want to check out as well.
Nice video. Please i'd like to ask a question. please how do we come about those range of IP addresses? i reckon public IP addresses are not free and that range could clash with some existing public IP somewhere. Thnx
Hi Morris, thank you for the excellent video!! The first one that finally explains Load Balancer + Ingress nginx + example to test locally for Bare metal. I followed the same installation as you but I'm not able to curl my service. Since the installation and services are set up the same, I wonder if it could be the network add-on that I'm using (Calico) seems like it requires additional IPPool manifest to be applied. Could you please share the network add-on you're using, and if any additional configuration was required? Much appreciated!
Forgot to add additional information in my setup: 1 controller and 1 worker node (both set up in different computers) I'm using Kubernetes 1.28 Calico v3.25.0
Hi thanks for watching, I really appreciate the support. I am using Calico as well which I set up as part of the Kubernetes install(you can checkout my other videos on setting up Kubernetes). I do have a default ippool(kubectl get ippool) configured and if you don't perhaps that is where the problem is. So might want to create an ippool. You might also want to try setting the ExternalTrafficPolicy on your metallb services to Cluster
Great explanation of the relationship between nginx and ingress! Previously I'd missed the point that needed to set the service back to clusterip. Am I right in thinking nginx is implicitly using metallb? I've been struggling to conceptualise that after reading the documentation.
Hi Alexander, thanks for watching. It is not absolutely necessary to revert the web app's service back to type ClusterIP in order for the web app to use NGINX Ingress. In such a scenario, access to the web app will be facilitated both through the external IP address(assigned by MetalLB) and the domain name which is pointing to NGINX Ingress' own LoadBalancer service external IP(also assigned by MetalLB). The reason for reverting back to ClusterIP is to conserve external IPs by freeing up the one used up by the web app.
I love your style of teaching. I have been having a hard time trying to install metalLB in my local k8s cluster. I used PROXMOX as my hypervisor for my bare metal. Do you have any ideas that can help me resolve this issue?
Hi Morris, thanks for efforts in creating this tutorial. Would it be possible to show the same using CSP LB (AWS/AZure) to work with NGINX Ingress Controller in Kubernetes for any K8s running as Services (EKS/AKS) or K8s running on EC2 or nodes on CSP. Thanks in advance.
how can I apply this tutorial to a cluster deployed in ec2 instance....I can access deployed app as load balancer but I cannot access it using ingress...what Ip should I give to cloudflare dns...?
Wonderful video! Thank you! I do have one question. Everything works great, but I am not clear on how I would be able to reach my services from a public URL or IP address. Without using an ingress and metallb, I would use nodeport. However, I am not seeing where or how to expose the ingress to internet connections. Any guidance would be most appreciated.
Hi, thanks for watching. You can use any IP address range with MetalLB even a publicly routable IP range as long as it is accessible on the node's ethernet segment. Another way to do it is to map an upstream public IP address range to the private range provisioned to MetalLB with port forwarding. This might require some extra configuration(probably through a custom mutating webhook admission controller) for the the public IP to show up as an externalIP on your LoadBalancer service.
If your nodes have static ips, can't you attach external HaProxy load balancer instead of all this? .. where all Haproxy sends traffic to either node at say port 31111 (where you have the ingress-controller running)? Is this is a much simpler solution than metallb?
Confusing - Does MetalLB load-balance across multiple nodes OR multiple services? If i have 5 raspberry Pis running Service#1 of type load balancer, does metalLB load balance across nodes?
Hi, I have pfsense router at home and K8S bare metal running on ubuntu with 2 master 2 worker setup.. I configured BGP on pfsense and I am hoping it's good, the logs are showing the assigned LoadBalancer IPs but somehow I can't resolve them on browser... I tried multiple times but something somewhere missing, any clue where should I be looking at? I have External IPs assigned correctly on get service output and on pfsense. It does show external ip in BGP logs that the next hop if worker nodes but when I put them in browser, it's bad gateway!!
This video makes it look so simple and I think I am really close but I am still having some trouble understanding this setup / it's not working on my small home cluster. I have 3 nodes, 1 control-plane and 2 rasp pi nodes. I followed all this same setup but nothing seems to be spinning up. For the IP pool, is that my home IP address or the IP address of the device on my network that is listening on ports 80,443? In my case only 1 device on my network has port forwarding setup for them (The control-plane node).
I am assuming you are able to reach your k8s cluster network, meaning you can ping either a control-plane node or a worker node from your machine. For example if your cluster network is 192.168.1.0/24 and your nodes use the range say from 192.168.1.10 - 192.168.1.20, then you should choose a metallb ip pool in the same network like say 192.168.1.30 - 192.168.1.50. Just ensure no other devices are using these reserved ips.
iam anticipating a high volume of incoming traffic to my Kubernetes cluster through Ingress controller, and iam worried about potential damage to cluster due to the heavy load. i want to scale, unfortunately i have no idea about what will i scale ? ingress or node or control plane ? ingress controller where will be run ? please reply this
What happens if the node that was running the ingress controller pod goes down? You would need to change the host ip mapping to thew ip of the new node that runs the controller right? There should be a better way?
Hi, the MetalLB load balancer ips are not statically configured on any node, but are instead advertised out from an appropriate node. So in the event a node goes down the ip will simply be advertised through another node maintaining connectivity to your service. This is done automatically by MetalLB no need for manual intervention.
Hi, I mostly use 1.27 and later. I have done a couple of videos on cluster setup you can check out below: K3S Lightweight Kubernetes Cluster Kubernetes at Home with Kubespray and Ansible
Everything worked beautifully until I changed the deployment.yml file to remove the "Type: LoadBalancer" off. Now it won't connect to my container. I guess I'll have to plan around that limitation on my setup (RKE2). Thanks!
Hi, thanks for watching. The end user does not need to be on the same subnet as long a they have a route to that subnet. The default gateway on that subnet will receive the ARP messages and will be aware of all metallb assigned addresses.
Hi @@EngineeringWithMorris I converted my service to CluterIP but it has an external IP address assigned from creation which matches the external IP address of the service/ingress-nginx-controller LoadBalancer. Comparing with the video, the ingress for the web-app doesn't have an IPAddress assign, it shows up empty. Which one's correct? When I do a curl to my host it doesn't show up anything.
Thank you for watching. Sorry about not including the instructions to the video before. I have added a link in the description to the GitHub project with all the manifests and setup instructions.
Great explanation but you should clearly state that this isn’t a production deployment plus metal lb shouldn’t be used in cloud but instead to be only leveraged in local or bare metal , unless I am mistaken. Please correct me
You are correct, the setup is for virtualisation environments where there are no cloud like load balancers to be leveraged like we have in AWS or GCP. For such virtualisation environments like Proxmox or VSphere MetalLB is a great solution and works perfectly well with home lab and production size clusters alike.
I had to to use the below CLI to change the ingress-nginx-controller-admission type from ClusterIP to LoadBalancer so that Metallb could assign an external IP to the NGINX controller. kubectl patch service ingress-nginx-controller-admission -p '{"spec":{"type": "LoadBalancer", "externalTrafficPolicy":"Cluster"}}' -n ingress-nginx
Hi, thanks for watching. That’s is true! In some Kubernetes clusters you might need to set the external traffic policy to cluster for services of type LoadBalancer for ARP advertisement to work.
GitHub project with all the manifests and setup instructions is linked in the description.
Nice and crisp.
I usually see training videos at 1.25 to 1.5 x speed. But this is the first time I slowed the video to .75 x😂
Its the only video I got on youtube explaining this, Thank you But I had to play it in 0.5x
This is the best kubernetes Load balancer and Ingress controllers explainer video I have seen
agree, simple and to the point
Thank you for making a clear and crisp video explaining a hard topic along with neat demos in 10 minutes
Just started learning Kubernetes and this is the most clear/concise explanation on services I've seen. Thanks for helping me get MetalLB running in my local test cluster. Great content Morris!
Thanks a lot for watching, and for the positive feedback, I am glad it was helpful.
dude you are really the first person to explain exactly what we need. Layed it all out perfectly, in nice detail and flow! Great job. First time see your vid. already subscribed and liked the video!
I've been struggling with these concepts for a bit, this really helped make it click. Thanks!
Great video, helped when configuring Metallb & Ingress Nginx Controller. I wish there were more such detailed video tutorials
Excelent explanation about loadbalancer and metallb!
Nice, calm and concise explanation. I've been searching this for a whole day. Thank you.
An outstanding video. Your overview and detailed step thru is clear and thorough! Keep up the great work!
Thank you for this video, it has been very useful for me. I have been trying to configure Metallb in my Kubernetes cluster for more than 15 days and I needed to create the L2Advertisement. Without this video it would never have worked for me. Thank you very much for the help.
Nice job in explaining concept and getting started in a very clear and crisp manner.👍
Outstanding overview that not only covers service types but load balancers and how to set up MetalLB. Thanks for making the video! 😊🙏
Glad you enjoyed it!
Thank you! I've been stuck with the problem for a couple of days. Came out that I had no L2 Advertisement applied to my MetalLB. Worked like a charm! :)
Thx man, this is the first video I found, that explained all the process from metallb setup to ingress configuration
Super simple and straight to the point. Incredibly clear. Well done!
You explain the contents so simply and understandably that it is impossible not to learn.
Thanks bro.
Dude, this video is a work of art. Seriously. Thank you. It really nails the explanation.
I appreciate you mate, thanks for watching.
Clear explanation and good tutorial, actually works!
Thanks Morris, super simple and complete explanation! Now I have a MetalLB installed on my bare-metal. Awesome 👏👏👏
I skipped over this the first time, when I came back and stayed with it I learned a bit, thanks!
This video was SUPER helpful for me. Thanks, man!
I was having a nightmare trying to find a video that explained what I was trying to do - this nailed it
Thank you
Best video on metallb and ingress i have seen. Thanks for the work
Glad you enjoyed it!
Thanks for the great content and explanation.
I would have expected a lot more views and likes on your videos.
Hopefully your channel will grow with time;))
Thanks for watching Oleg, fingers crossed mate.
I have been blessed with this video. Wow! Thanks a lot.
Awesome, brother! Please keep on sharing! Love your accent!
Thanks a lot for watching mate. Will keep them coming.
Wow, It's amazing, bro! Спасибо, теперь я понял, что я делал не правильно, и понял как надо!
Hi Morris, I just wanted to say my sincere thank you for your outstanding tutorial -- it's saved me a lot of time and helped me better understand cluster networking. I appreciate your calm and evenly-paced dictation and I'll certainly stay tuned for more.
I've now deployed metallb on my home cluster and honestly I'm just happy to stop port-forwarding every little service!
Thanks a lot, glad you liked it.
Nice and crisp.
I usually see training videos at 1.25 to 1.5 x speed. But As our freind Morris is so fast, this is the first time I slowed the video to .75 x😂. Solution worked for me
Hi Morris, your video made my day! I was stuck for a long time on how a load balancer assigns an external IP to my ingress controller. Most youtube resources just briefly mentioned this flow but without showing an actual example like you did. Your diagrams are really helpful to explain how things fit together.
A suggestion if you don't mind - if you can share the commands and files you used on github, it will help beginners like me a lot.
Hope to see more videos from you.
Hi suntenslp3315, thanks for watching I am very glad you liked the video. Thanks for the suggestion too, and I will definitely make it a goal to do better documentation for the videos.
Same!!! Thank you Morris.
Nice video! Very informative.
Great explanation Morris!
Thank you kindly!
Amazing explanation, thank you!
Glad you enjoyed it!
Great explanation. Just subbed!
Many thanks!
You saved me a lot of time!!!
Good, succinct information. Thanks for the video
Glad it was helpful!
great job man! you made my day
what a clear explanation in 10 minutes, can we get more videos with projects
Sure. What kind of projects would like to see more of?
Great explanation .. Thanks
Great content! Subscribed.
Thank you. it was best video.
great video mate
Great explanation!
Glad it was helpful! Thanks for watching.
very nice presentation, subbed
Much appreciated!
Very helpful! thank you!
nice vid, congrats
Clear explanations
Great video are you using Linux box or windows vm?
Thank you very much 🎉
You're welcome 😊
very good!
thanks for the video Morris.
I have a doubt - i see external Ip is assigned to the load balancer. but when i curl-ed it, it doesn't reach. how should i troubleshoot this?
Great explantion Morris. Will metalLB work in a hyper-scaler environment. And what if I need to have support for SCTP
Hi thanks a lot. I am not entirely sure as I have not yet tested it in such an environment. One thing to keep in mind though is that with this configuration mode MetalLB is working in Layer 2 mode and is doing a lot of stuff with ARP, so if your environment does not support ARP that might be an issue. MetalLB does also have a Layer 3 Mode where it uses BGP which you might want to check out as well.
Nice video. Please i'd like to ask a question. please how do we come about those range of IP addresses? i reckon public IP addresses are not free and that range could clash with some existing public IP somewhere. Thnx
Hi Morris, thank you for the excellent video!! The first one that finally explains Load Balancer + Ingress nginx + example to test locally for Bare metal. I followed the same installation as you but I'm not able to curl my service. Since the installation and services are set up the same, I wonder if it could be the network add-on that I'm using (Calico) seems like it requires additional IPPool manifest to be applied. Could you please share the network add-on you're using, and if any additional configuration was required? Much appreciated!
Forgot to add additional information in my setup:
1 controller and 1 worker node (both set up in different computers)
I'm using Kubernetes 1.28
Calico v3.25.0
Hi thanks for watching, I really appreciate the support. I am using Calico as well which I set up as part of the Kubernetes install(you can checkout my other videos on setting up Kubernetes). I do have a default ippool(kubectl get ippool) configured and if you don't perhaps that is where the problem is. So might want to create an ippool. You might also want to try setting the ExternalTrafficPolicy on your metallb services to Cluster
Great explanation of the relationship between nginx and ingress! Previously I'd missed the point that needed to set the service back to clusterip. Am I right in thinking nginx is implicitly using metallb? I've been struggling to conceptualise that after reading the documentation.
Hi Alexander, thanks for watching. It is not absolutely necessary to revert the web app's service back to type ClusterIP in order for the web app to use NGINX Ingress. In such a scenario, access to the web app will be facilitated both through the external IP address(assigned by MetalLB) and the domain name which is pointing to NGINX Ingress' own LoadBalancer service external IP(also assigned by MetalLB). The reason for reverting back to ClusterIP is to conserve external IPs by freeing up the one used up by the web app.
@@EngineeringWithMorris thanks for the fast response and clarification!
Thank you
A little question, how do you make the presentation?... Is dynamic, is cool!.
Hi, I use Adobe After Effects
I love your style of teaching. I have been having a hard time trying to install metalLB in my local k8s cluster. I used PROXMOX as my hypervisor for my bare metal. Do you have any ideas that can help me resolve this issue?
That depend on where the issue is, where do you seem to be stuck.
@@EngineeringWithMorris when i try to install metalLB, i get crashloop Backoff for my speaker pods.
question, because there is ingress, should the load balancer pool need to be only one specific value? because all the other svc are using clusterIp
Hi Morris, thanks for efforts in creating this tutorial. Would it be possible to show the same using CSP LB (AWS/AZure) to work with NGINX Ingress Controller in Kubernetes for any K8s running as Services (EKS/AKS) or K8s running on EC2 or nodes on CSP. Thanks in advance.
Hi, thanks for watching. I definitely do have some videos on cloud Kubernetes planned soon. Watch this space.
how can I apply this tutorial to a cluster deployed in ec2 instance....I can access deployed app as load balancer but I cannot access it using ingress...what Ip should I give to cloudflare dns...?
Wonderful video! Thank you! I do have one question. Everything works great, but I am not clear on how I would be able to reach my services from a public URL or IP address. Without using an ingress and metallb, I would use nodeport. However, I am not seeing where or how to expose the ingress to internet connections. Any guidance would be most appreciated.
Hi, thanks for watching. You can use any IP address range with MetalLB even a publicly routable IP range as long as it is accessible on the node's ethernet segment. Another way to do it is to map an upstream public IP address range to the private range provisioned to MetalLB with port forwarding. This might require some extra configuration(probably through a custom mutating webhook admission controller) for the the public IP to show up as an externalIP on your LoadBalancer service.
Thanks I will give it a try. @@EngineeringWithMorris
sir what version of kubernetes are you using? 1.28?
If your nodes have static ips, can't you attach external HaProxy load balancer instead of all this? .. where all Haproxy sends traffic to either node at say port 31111 (where you have the ingress-controller running)? Is this is a much simpler solution than metallb?
Confusing - Does MetalLB load-balance across multiple nodes OR multiple services? If i have 5 raspberry Pis running Service#1 of type load balancer, does metalLB load balance across nodes?
Hello! Thank you all works well but i have a problem! when i try to access the link via my browser it doesn't work any idea ??
Hi, I have pfsense router at home and K8S bare metal running on ubuntu with 2 master 2 worker setup.. I configured BGP on pfsense and I am hoping it's good, the logs are showing the assigned LoadBalancer IPs but somehow I can't resolve them on browser... I tried multiple times but something somewhere missing, any clue where should I be looking at? I have External IPs assigned correctly on get service output and on pfsense. It does show external ip in BGP logs that the next hop if worker nodes but when I put them in browser, it's bad gateway!!
This video makes it look so simple and I think I am really close but I am still having some trouble understanding this setup / it's not working on my small home cluster. I have 3 nodes, 1 control-plane and 2 rasp pi nodes. I followed all this same setup but nothing seems to be spinning up. For the IP pool, is that my home IP address or the IP address of the device on my network that is listening on ports 80,443? In my case only 1 device on my network has port forwarding setup for them (The control-plane node).
I am assuming you are able to reach your k8s cluster network, meaning you can ping either a control-plane node or a worker node from your machine. For example if your cluster network is 192.168.1.0/24 and your nodes use the range say from 192.168.1.10 - 192.168.1.20, then you should choose a metallb ip pool in the same network like say 192.168.1.30 - 192.168.1.50. Just ensure no other devices are using these reserved ips.
iam anticipating a high volume of incoming traffic to my Kubernetes cluster through Ingress controller, and iam worried about potential damage to cluster due to the heavy load. i want to scale, unfortunately i have no idea about what will i scale ? ingress or node or control plane ? ingress controller where will be run ? please reply this
thank u subscribed
Thanks for the sub!
Hello Moris !
Thank for you video !
Can we know how to do those animations please ? we are doing content creation too and we really love your style
Hi Tech-Ness, thanks for watching. I use Adobe After Effects for the animations.
Please help. I created the IP Pool and L2Advert. The pools all the nodes (masters and workers). Now my Kubernetes cluster is not accessible
What happens if the node that was running the ingress controller pod goes down? You would need to change the host ip mapping to thew ip of the new node that runs the controller right?
There should be a better way?
Hi, the MetalLB load balancer ips are not statically configured on any node, but are instead advertised out from an appropriate node. So in the event a node goes down the ip will simply be advertised through another node maintaining connectivity to your service. This is done automatically by MetalLB no need for manual intervention.
Possible use only IP for multiples pods, see external? Nodeport no work Fine for redirect
What if you want all services to share the same IP?
Hi which cluster version your have used
Have you created your cluster with kubeadm then please share your config
Hi, I mostly use 1.27 and later. I have done a couple of videos on cluster setup you can check out below:
K3S Lightweight Kubernetes Cluster
Kubernetes at Home with Kubespray and Ansible
Hi guys, I am looking for some clues. L2 is not working for me, curl with host ip and port works buy the ip assigned on for loadbalancer doesn’t
👍
can i do this with a public ip @ please !!
Everything worked beautifully until I changed the deployment.yml file to remove the "Type: LoadBalancer" off. Now it won't connect to my container. I guess I'll have to plan around that limitation on my setup (RKE2). Thanks!
Hi, could be that RKE2 does not like it when you switch a service from type LB to clusterIP. You could try deleting the service and recreating it.
If the end user is in different subnet it won't work becaus he won't receive the ARP packets. That the scenario in production environment.
Hi, thanks for watching. The end user does not need to be on the same subnet as long a they have a route to that subnet. The default gateway on that subnet will receive the ARP messages and will be aware of all metallb assigned addresses.
How can I allow access only by domain and not by IP?
Hi, you need to set the service type to clusterIP, it will not be assigned a metallb IP. Then you can use ingress to access your service.
Hi @@EngineeringWithMorris I converted my service to CluterIP but it has an external IP address assigned from creation which matches the external IP address of the service/ingress-nginx-controller LoadBalancer. Comparing with the video, the ingress for the web-app doesn't have an IPAddress assign, it shows up empty. Which one's correct?
When I do a curl to my host it doesn't show up anything.
Hello! Very good video. But it will be better with examples. It's difficult to reproduce.
Thank you anyway!!!!!!!!
Thank you for watching. Sorry about not including the instructions to the video before. I have added a link in the description to the GitHub project with all the manifests and setup instructions.
@@EngineeringWithMorris thank you!
when you want to acces with url not curl you need bgp protocol !!
Thank you, but you go too fast for me
you have such nice content, but instead of explaining everything, you are just reading like a newsreader :-( Why are you rushing?
lv u from india
Great explanation but you should clearly state that this isn’t a production deployment plus metal lb shouldn’t be used in cloud but instead to be only leveraged in local or bare metal , unless I am mistaken. Please correct me
You are correct, the setup is for virtualisation environments where there are no cloud like load balancers to be leveraged like we have in AWS or GCP. For such virtualisation environments like Proxmox or VSphere MetalLB is a great solution and works perfectly well with home lab and production size clusters alike.
I had to to use the below CLI to change the ingress-nginx-controller-admission type from ClusterIP to LoadBalancer so that Metallb could assign an external IP to the NGINX controller.
kubectl patch service ingress-nginx-controller-admission -p '{"spec":{"type": "LoadBalancer", "externalTrafficPolicy":"Cluster"}}' -n ingress-nginx
Hi, thanks for watching. That’s is true! In some Kubernetes clusters you might need to set the external traffic policy to cluster for services of type LoadBalancer for ARP advertisement to work.