Install Kubernetes Cluster - Configuring Ingress and Load Balancing with MetalLB (Part 3)

Your Kubernetes cluster is monitoring, meshing, and looking good—but let’s be honest, it’s a little isolated. In this part, we’ll roll out the red carpet for external traffic with ingress, then sprinkle on some load-balancing magic with MetalLB. Why? Because nothing says “production-ready” like an open (yet secure) path for requests. Let’s get into the good stuff!

Install Ingress-Nginx Controller

Again we will use helm to install ingress-nginx

helm upgrade --install ingress-nginx ingress-nginx \
  --repo https://kubernetes.github.io/ingress-nginx \
	--set controller.kind=DaemonSet \
  --namespace ingress-nginx --create-namespace

helm upgrade --install ingress-nginx ingress-nginx \  --repo https://kubernetes.github.io/ingress-nginx \	--set controller.kind=DaemonSet \  --namespace ingress-nginx --create-namespace

Inject linkerd if you want to

kubectl get ds ingress-nginx-controller -o yaml -n ingress-nginx | \
linkerd inject --ingress - | kubectl apply -f -

kubectl get ds ingress-nginx-controller -o yaml -n ingress-nginx | \linkerd inject --ingress - | kubectl apply -f -

Setting up MetalLB for Loading Balancing

Because we install k8s cluster on bare-metal servers (VMs, local servers), not in cloud providers (aws, azure, gce, ...), we need a solution for load balancing that isn’t built into the infrastructure.

will step in to offer the crucial IP address management we need to expose services to the outside world. In this section, we’ll configure MetalLB, set up IP pools, and connect it to our ingress controller so we can finally let external traffic in with style and stability.

First we need to enable strict ARP mode

kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl diff -f - -n kube-system

kubectl get configmap kube-proxy -n kube-system -o yaml | \sed -e "s/strictARP: false/strictARP: true/" | \kubectl diff -f - -n kube-system

kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl apply -f - -n kube-system

kubectl get configmap kube-proxy -n kube-system -o yaml | \sed -e "s/strictARP: false/strictARP: true/" | \kubectl apply -f - -n kube-system

Then install it using helm

helm repo add metallb https://metallb.github.io/metallb
helm install metallb metallb/metallb --namespace metallb-system --create-namespace

helm repo add metallb https://metallb.github.io/metallbhelm install metallb metallb/metallb --namespace metallb-system --create-namespace

Configure the metallb

yaml

---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: default
  namespace: metallb-system
spec:
  addresses:
  - 192.168.20.200-192.168.20.205     #<-- Change this to match with node ip range
  autoAssign: true
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: default
  namespace: metallb-system
spec:
  ipAddressPools:
  - default

---apiVersion: metallb.io/v1beta1kind: IPAddressPoolmetadata:  name: default  namespace: metallb-systemspec:  addresses:  - 192.168.20.200-192.168.20.205     #<-- Change this to match with node ip range  autoAssign: true---apiVersion: metallb.io/v1beta1kind: L2Advertisementmetadata:  name: default  namespace: metallb-systemspec:  ipAddressPools:  - default

Replace line 9 in file ingress/metallb-config.yaml with your ip range (same range with your node ip and not use).

You can find the file above in ingress/ folder, create those objects by running this command

 kubectl create -f ingress/metallb-config.yaml

 kubectl create -f ingress/metallb-config.yaml

you should see EXTERNAL-IP value for ingress-nginx-controller

 kubectl get svc -n ingress-nginx

 kubectl get svc -n ingress-nginx

Testing

As you know in , we have to change grafana and linkerd service to NodePort so we can access it.

Now we create ingress rules for grafana and linkerd dashboard

yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: prometheus-ingress
  annotations:
    nginx.ingress.kubernetes.io/service-upstream: "true"
  namespace: monitoring

spec:
  ingressClassName: nginx
  rules:
  - host: dev.grafana.local
    http:
      paths:
      - backend:
          service:
            name: prometheus-grafana
            port:
              number: 80
        path: /
        pathType: ImplementationSpecific
  - host: dev.prometheus.local
    http:
      paths:
      - backend:
          service:
            name: prometheus-kube-prometheus-prometheus
            port:
              number: 9090
        path: /
        pathType: ImplementationSpecific
status:
  loadBalancer: {}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: linkerd-ingress
  annotations:
    nginx.ingress.kubernetes.io/service-upstream: "true"
  namespace: linkerd-viz

spec:
  ingressClassName: nginx
  rules:
  - host: dev.linkerd.local
    http:
      paths:
      - backend:
          service:
            name: web
            port:
              number: 8084
        path: /
        pathType: ImplementationSpecific
status:
  loadBalancer: {}

apiVersion: networking.k8s.io/v1kind: Ingressmetadata:  name: prometheus-ingress  annotations:    nginx.ingress.kubernetes.io/service-upstream: "true"  namespace: monitoringspec:  ingressClassName: nginx  rules:  - host: dev.grafana.local    http:      paths:      - backend:          service:            name: prometheus-grafana            port:              number: 80        path: /        pathType: ImplementationSpecific  - host: dev.prometheus.local    http:      paths:      - backend:          service:            name: prometheus-kube-prometheus-prometheus            port:              number: 9090        path: /        pathType: ImplementationSpecificstatus:  loadBalancer: {}---apiVersion: networking.k8s.io/v1kind: Ingressmetadata:  name: linkerd-ingress  annotations:    nginx.ingress.kubernetes.io/service-upstream: "true"  namespace: linkerd-vizspec:  ingressClassName: nginx  rules:  - host: dev.linkerd.local    http:      paths:      - backend:          service:            name: web            port:              number: 8084        path: /        pathType: ImplementationSpecificstatus:  loadBalancer: {}

 kubectl create -f ingress/ingress-rules.yaml

 kubectl create -f ingress/ingress-rules.yaml

Edit hosts file (C:\WINDOWS\system32\drivers\etc\hosts in Windows, /etc/hosts in Linux)

 EXTERNAL_IP dev.prometheus.local
 EXTERNAL_IP dev.grafana.local
 EXTERNAL_IP dev.linkerd.local

 EXTERNAL_IP dev.prometheus.local EXTERNAL_IP dev.grafana.local EXTERNAL_IP dev.linkerd.local

EXTERNAL_IP can get from:

 kubectl get svc -n ingress-nginx

 kubectl get svc -n ingress-nginx

Now you can access Grafana in your local machine (same network with your cluster) using dev.grafana.local.

Conclusion

Congratulations—you’ve just added ingress and load balancing to your Kubernetes cluster! Now it’s accessible, load-ready, and almost pretending it’s a cloud-native rockstar. With ingress and MetalLB in place, your cluster can handle anything you (or a surprise spike in traffic) throw at it. Give yourself a high-five; your setup is ready for the big leagues (or at least to impress the team)!

And again you can find the script .

Install Kubernetes Cluster - Configuring Ingress and Load Balancing with MetalLB (Part 3)-

Install Ingress-Nginx Controller

Setting up MetalLB for Loading Balancing

Configure the metallb

Testing

Conclusion

On this page