0

I’ve been running metallb for over a year now but after a botched upgrade I reinstalled the whole thing from scratch. After reinstalling metallb it was able to assign external IPs to services, but those services were unreachable. On further inspection I saw that the speaker was not responding to ARP requests at all, and dug further and saw that the IP address was never bound to the node's network interface. When I bound the IP address manually by running ip addr add 192.168.1.29/24 dev enp10s0, the address immediately started working and I was able to access the service.

I'm not sure why this isn't getting bound automatically though, I assume the speaker should be doing this? My environment is a 2 node Talos 1.9.4 cluster running kubernetes 1.32.2. Using a fresh install of metallb 0.14.9 with helm and all default values, then added the following l2advertisement and ipaddresspool:

apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: default
spec:
  addresses:
  - 192.168.1.20-192.168.1.99
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: default
  namespace: metallb
spec:
  ipAddressPools:
  - default

I'm using pretty bleeding edge versions of kubernetes and metallb, so possibly a bug? I'm looking at the speaker code on GitHub but I don't speak golang

jamzsabb
  • 131

1 Answers1

0

Turns out metallb doesn't bind the address to the interface at all normally, though in my case doing that did cause the node to respond to ARP requests, it was not correct.

The issue actually turned out to be much simpler. Newer versions of Talos add the node.kubernetes.io/exclude-from-external-load-balancers label to control plane nodes automatically, which excluded metallb from running on any of my nodes out of the box.

The fix is to either remove the labels or add .speaker.ignoreExcludeLB=true to the helm values.yaml

jamzsabb
  • 131