KubeVip

Setup

To install KubeVip we need two things:

  • The network interface that's going to be used
  • The IP address we want to use

Network Interface

To find the network interface, SSH into your server and run:

ip a

...
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 94:e2:3c:1c:b2:09 brd ff:ff:ff:ff:ff:ff
    inet 10.10.4.200/24 metric 600 brd 10.10.4.255 scope global dynamic wlp0s20f3
       valid_lft 65619sec preferred_lft 65619sec
    inet6 fe80::96e2:3cff:fe1c:b209/64 scope link
       valid_lft forever preferred_lft forever
....

or

ifconfig

....
wlp0s20f3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.10.4.200  netmask 255.255.255.0  broadcast 10.10.4.255
        inet6 fe80::96e2:3cff:fe1c:b209  prefixlen 64  scopeid 0x20<link>
        ether 94:e2:3c:1c:b2:09  txqueuelen 1000  (Ethernet)
        RX packets 1087088  bytes 817273311 (817.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 649067  bytes 150471394 (150.4 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Each entry starts with the name of the interface; the IP address assigned to it follows a few lines below, on the inet line.

In this case, the interface I'm using is wlp0s20f3.

VIP IP

This is the IP address you want to use for the HA Kubernetes API server.

Example: 10.10.4.205
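A pre-flight check for the two values chosen above, as an added example that is not part of the original page or of the kube-vip project: it parses `ip a` output and reports whether the VIP is outside the interface's subnet, is a network, broadcast or already-assigned address, or sits on a DHCP-managed interface. The helper names `parse_ipv4` and `check_vip` are hypothetical, and the sample input is the output shown earlier.

```python
import ipaddress
import re

# Constructed sample: the `ip a` output shown above for the chosen interface.
# parse_ipv4 and check_vip are illustrative helpers, not part of kube-vip.
SAMPLE_IP_A = """\
2: wlp0s20f3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 94:e2:3c:1c:b2:09 brd ff:ff:ff:ff:ff:ff
    inet 10.10.4.200/24 metric 600 brd 10.10.4.255 scope global dynamic wlp0s20f3
       valid_lft 65619sec preferred_lft 65619sec
"""

def parse_ipv4(ip_a_output):
    """Map interface name -> list of (IPv4Interface, is_dhcp) from `ip a` text."""
    result, current = {}, None
    for line in ip_a_output.splitlines():
        header = re.match(r"^\d+:\s+([^:@\s]+)", line)
        if header:
            current = header.group(1)
            result.setdefault(current, [])
            continue
        inet = re.match(r"^\s*inet\s+(\S+)\s+(.*)$", line)  # skips inet6 lines
        if inet and current:
            addr = ipaddress.ip_interface(inet.group(1))
            result[current].append((addr, "dynamic" in inet.group(2).split()))
    return result

def check_vip(ip_a_output, interface, vip):
    """Return findings about using `vip` on `interface`; an empty list means none."""
    addrs = parse_ipv4(ip_a_output).get(interface)
    if not addrs:
        return [f"{interface}: no IPv4 address found"]
    vip = ipaddress.ip_address(vip)
    findings = []
    nets = [a.network for a, _ in addrs]
    if not any(vip in n for n in nets):
        findings.append(f"{vip} is outside {', '.join(map(str, nets))}; ARP mode announces the VIP on the local segment")
    if any(vip in (n.network_address, n.broadcast_address) for n in nets):
        findings.append(f"{vip} is a network or broadcast address")
    if any(vip == a.ip for a, _ in addrs):
        findings.append(f"{vip} is already the node's own address")
    if any(dhcp for _, dhcp in addrs):
        findings.append(f"{interface} is DHCP-managed; exclude {vip} from the DHCP pool")
    return findings

if __name__ == "__main__":
    for finding in check_vip(SAMPLE_IP_A, "wlp0s20f3", "10.10.4.205"):
        print("WARN:", finding)
```

For the page's values the only finding is the DHCP one, because the sample address is marked `dynamic`.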

Install

First we need to create the DaemonSet:

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: kube-vip-ds
  namespace: kube-system
spec:
  selector:
    matchLabels:
      name: kube-vip-ds
  template:
    metadata:
      labels:
        name: kube-vip-ds
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: node-role.kubernetes.io/master
                operator: Exists
            - matchExpressions:
              - key: node-role.kubernetes.io/control-plane
                operator: Exists
      containers:
      - args:
        - manager
        env:
        - name: vip_arp
          value: "true"
        - name: port
          value: "6443"
        - name: vip_interface
          value: wlp0s20f3 # NETWORK INTERFACE
        - name: vip_cidr
          value: "32"
        - name: cp_enable
          value: "true"
        - name: cp_namespace
          value: kube-system
        - name: vip_ddns
          value: "false"
        - name: svc_enable
          value: "true"
        - name: vip_leaderelection
          value: "true"
        - name: vip_leaseduration
          value: "5"
        - name: vip_renewdeadline
          value: "3"
        - name: vip_retryperiod
          value: "1"
        - name: address
          value: 10.10.4.205 # KUBEVIP IP
        image: ghcr.io/kube-vip/kube-vip:v0.4.0
        imagePullPolicy: Always
        name: kube-vip
        securityContext:
          capabilities:
            add:
            - NET_ADMIN
            - NET_RAW
            - SYS_TIME
      hostNetwork: true
      serviceAccountName: kube-vip
      tolerations:
      - effect: NoSchedule
        operator: Exists
      - effect: NoExecute
        operator: Exists
  updateStrategy: {}

And a cluster role, together with the service account and the binding that ties them together:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: kube-vip
  namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  name: system:kube-vip-role
rules:
  - apiGroups: [""]
    resources: ["services/status"]
    verbs: ["update"]
  - apiGroups: [""]
    resources: ["services", "endpoints"]
    verbs: ["list", "get", "watch", "update"]
  - apiGroups: [""]
    resources: ["nodes"]
    verbs: ["list", "get", "watch", "update", "patch"]
  - apiGroups: ["coordination.k8s.io"]
    resources: ["leases"]
    verbs: ["list", "get", "watch", "update", "create"]
  - apiGroups: ["discovery.k8s.io"]
    resources: ["endpointslices"]
    verbs: ["list", "get", "watch", "update"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: system:kube-vip-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: system:kube-vip-role
subjects:
- kind: ServiceAccount
  name: kube-vip
  namespace: kube-system

Apply the files:

sudo kubectl apply -f ./

You can now use this IP for the Kubernetes API in your kubeconfig.