Merge pull request #34728 from mikemckiernan/feat-metallb

OSDOCS-2174: MetalLB Operator and load balancer

Author: mikemckiernan

_topic_map.yml

@@ -1089,6 +1089,17 @@ Topics:
   Distros: openshift-enterprise,openshift-origin
 - Name: Load balancing on OpenStack
   File: load-balancing-openstack
+- Name: Load balancing with MetalLB
+  Dir: metallb
+  Topics:
+  - Name: About MetalLB and the MetalLB Operator
+    File: about-metallb
+  - Name: Installing the MetalLB Operator
+    File: metallb-operator-install
+  - Name: Configuring MetalLB address pools
+    File: metallb-configure-address-pools
+  - Name: Configuring services to use MetalLB
+    File: metallb-configure-services
 - Name: Associating secondary interfaces metrics to network attachments
   File: associating-secondary-interfaces-metrics-to-network-attachments
 ---

images/nw-metallb-layer2.png

@@ -0,0 +1,69 @@
+[id="nw-metallb-addresspool-cr_{context}"]
+= About the address pool custom resource
+
+The fields for the address pool custom resource are described in the following table.
+
+.MetalLB address pool custom resource
+[cols="1,1,3", options="header"]
+|===
+
+|Field
+|Type
+|Description
+
+|`metadata.name`
+|`string`
+|Specifies the name for the address pool.
+When you add a service, you can specify this pool name in the `metallb.universe.tf/address-pool` annotation to select an IP address from a specific pool.
+The names `doc-example`, `silver`, and `gold` are used throughout the documentation.
+
+|`metadata.namespace`
+|`string`
+|Specifies the namespace for the address pool.
+Specify the same namespace that the MetalLB Operator uses.
+
+|`spec.protocol`
+|`string`
+|Specifies the protocol for announcing the load balancer IP address to peer nodes.
+The only supported value is `layer2`.
+
+|`spec.autoAssign`
+|`boolean`
+|Optional: Specifies whether MetalLB automatically assigns IP addresses from this pool.
+Specify `false` if you want explicitly request an IP address from this pool with the `metallb.universe.tf/address-pool` annotation.
+The default value is `true`.
+
+|`spec.addresses`
+|`array`
+|Specifies a list of IP addresses for MetalLB to assign to services.
+You can specify multiple ranges in a single pool.
+Specify each range in CIDR notation or as starting and ending IP addresses separated with a hyphen.
+
+|===
+
+////
+.Address pool object
+[source,yaml]
+----
+apiVersion: metallb.io/v1alpha1
+kind: AddressPool
+metadata:
+  name: <pool_name>  <.>
+  namespace: metallb-system  <.>
+spec:
+  protocol: <protocol_type>  <.>
+  autoAssign: true  <.>
+  addresses:  <.>
+  - <range_or_CIDR>
+  ...
+----
+<.> Specify the name for the address pool. When you add a service, you can specify this pool name in the `metallb.universe.tf/address-pool` annotation to select an IP address from a specific pool.
+
+<.> Specify the namespace for the address pool.
+
+<.> Specify the protocol for announcing the load balancer IP address to peer nodes. The only supported value is `layer2`.
+
+<.> Optional: Specify whether MetalLB automatically assigns IP addresses from this pool. Specify `false` if you want explicitly request an IP address from this pool with the `metallb.universe.tf/address-pool` annotation. The default value is `true`.
+
+<.> Specify a list of IP addresses for MetalLB to assign to services. You can specify multiple ranges in a single pool. Specify each range in CIDR notation or as starting and ending IP addresses separated with a hyphen.
+////

modules/nw-metallb-addresspool-cr.adoc

@@ -0,0 +1,66 @@
+[id="nw-metallb-configure-address-pool_{context}"]
+= Configuring an address pool
+
+As a cluster administrator, you can add address pools to your cluster to control the IP addresses that MetaLLB can assign to load-balancer services.
+
+.Prerequisites
+
+* Install the OpenShift CLI (`oc`).
+
+* Log in as a user with `cluster-admin` privileges.
+
+.Procedure
+
+. Create a file, such as `addresspool.yaml`, with content like the following example:
++
+[source,yaml]
+----
+apiVersion: metallb.io/v1alpha1
+kind: AddressPool
+metadata:
+  namespace: metallb-system
+  name: doc-example
+spec:
+  protocol: layer2
+  addresses:
+  - 203.0.113.1-203.0.113.10
+  - 203.0.113.65-203.0.113.75
+----
+
+. Apply the configuration for the address pool:
++
+[source,terminal]
+----
+$ oc apply -f addresspool.yaml
+----
+
+.Verification
+
+* View the address pool:
++
+[source,terminal]
+----
+$ oc describe -n metallb-system addresspool doc-example
+----
++
+.Example output
+[source,terminal]
+----
+Name:         doc-example
+Namespace:    metallb-system
+Labels:       <none>
+Annotations:  <none>
+API Version:  metallb.io/v1alpha1
+Kind:         AddressPool
+Metadata:
+  ...
+Spec:
+  Addresses:
+    203.0.113.1-203.0.113.10
+    203.0.113.65-203.0.113.75
+  Auto Assign:  true
+  Protocol:     layer2
+Events:         <none>
+----
+
+Confirm that the address pool name, such as `doc-example`, and the IP address ranges appear in the output.

modules/nw-metallb-configure-address-pool.adoc

@@ -0,0 +1,72 @@
+[id="nw-metallb-configure-svc_{context}"]
+= Configuring a service with MetalLB
+
+You can configure a load-balancing service to use an external IP address from an address pool.
+
+.Prerequisites
+
+* Install the OpenShift CLI (`oc`).
+
+* Install the MetalLB Operator and start MetalLB.
+
+* Configure at least one address pool.
+
+* Configure your network to route traffic from the clients to the host network for the cluster.
+
+.Procedure
+
+. Create a `<service_name>.yaml` file. In the file, ensure that the `spec.type` field is set to `LoadBalancer`.
++
+Refer to the examples for information about how to request the external IP address that MetalLB assigns to the service.
+
+. Create the service:
++
+[source,terminal]
+----
+$ oc apply -f <service_name>.yaml
+----
++
+.Example output
+[source,terminal]
+----
+service/<service_name> created
+----
+
+.Verification
+
+* Describe the service:
++
+[source,terminal]
+----
+$ oc describe service <service_name>
+----
++
+.Example output
+----
+Name:                     <service_name>
+Namespace:                default
+Labels:                   <none>
+Annotations:              metallb.universe.tf/address-pool: doc-example  <.>
+Selector:                 app=service_name
+Type:                     LoadBalancer  <.>
+IP Family Policy:         SingleStack
+IP Families:              IPv4
+IP:                       10.105.237.254
+IPs:                      10.105.237.254
+LoadBalancer Ingress:     192.168.100.5  <.>
+Port:                     <unset>  80/TCP
+TargetPort:               8080/TCP
+NodePort:                 <unset>  30550/TCP
+Endpoints:                10.244.0.50:8080
+Session Affinity:         None
+External Traffic Policy:  Cluster
+Events:  <.>
+  Type    Reason        Age                From             Message
+  ----    ------        ----               ----             -------
+  Normal  nodeAssigned  32m (x2 over 32m)  metallb-speaker  announcing from node "<node_name>"
+----
+<.> The annotation is present if you request an IP address from a specific pool.
+<.> The service type must indicate `LoadBalancer`.
+<.> The load-balancer ingress field indicates the external IP address if the service is assigned correctly.
+<.> The events field indicates the node name that is assigned to announce the external IP address.
+If you experience an error, the events field indicates the reason for the error.

modules/nw-metallb-configure-svc.adoc

@@ -0,0 +1,61 @@
+[id="nw-metallb-example-addresspool_{context}"]
+= Example address pool configurations
+
+== Example: IPv4 and CIDR ranges
+
+You can specify a range of IP addresses in CIDR notation.
+You can combine CIDR notation with the notation that uses a hyphen to separate lower and upper bounds.
+
+[source,yaml]
+----
+apiVersion: metallb.io/v1beta1
+kind: AddressPool
+metadata:
+  name: doc-example-cidr
+  namespace: metallb-system
+spec:
+  protocol: layer2
+  addresses:
+  - 192.168.100.0/24
+  - 192.168.200.0/24
+  - 192.168.255.1-192.168.255.5
+----
+
+== Example: Reserve IP addresses
+
+You can set the `autoAssign` field to `false` to prevent MetalLB from automatically assigning the IP addresses from the pool.
+When you add a service, you can request a specific IP address from the pool or you can specify the pool name in an annotation to request any IP address from the pool.
+
+
+[source,yaml]
+----
+apiVersion: metallb.io/v1beta1
+kind: AddressPool
+metadata:
+  name: doc-example-reserved
+  namespace: metallb-system
+spec:
+  protocol: layer2
+  addresses:
+  - 10.0.100.0/28
+  autoAssign: false
+----
+
+== Example: IPv6 address pool
+
+You can add address pools that use IPv6.
+The following example shows a single IPv6 range.
+However, you can specify multiple ranges in the `addresses` list, just like several IPv4 examples.
+
+[source,yaml]
+----
+apiVersion: metallb.io/v1beta1
+kind: AddressPool
+metadata:
+  name: doc-example-ipv6
+  namespace: metallb-system
+spec:
+  protocol: layer2
+  addresses:
+  - 2002:2:2::1-2002:2:2::100
+----

modules/nw-metallb-example-addresspool.adoc

@@ -0,0 +1,16 @@
+[id="nw-metallb-infra-considerations_{context}"]
+= Infrastructure considerations for MetalLB
+
+MetalLB is primarily useful for on-premise, bare metal installations because these installations do not include a native load-balancer capability.
+In addition to bare metal installations, installations of {product-title} on some infrastructures might not include a native load-balancer capability.
+For example, the following infrastructures might benefit from adding the MetalLB Operator:
+
+* Bare metal
+
+* VMware vSphere
+
+* {rh-virtualization-first}
+
+* {rh-openstack-first} when it is installed without Octavia
+
+MetalLB Operator and MetalLB are supported with the OpenShift SDN and OVN-Kubernetes network providers.