MetalLB

Overview

MetalLB is a load-balancer implementation for on-prem Kubernetes clusters, using standard routing protocols. It allows you to expose services in your Kubernetes cluster to external clients by assigning them external IP addresses.

Use Case

In this guide, we will configure MetalLB to assign the IP address 127.0.0.1 to the external Ingress NGINX load balancer service. ExternalDNS will then create the appropriate DNS records for your public domains in your public DNS provider automatically. This setup can be extended to more complex scenarios in on-prem Kubernetes clusters.

Configure MetalLB

Create the IPAddressPool and L2Advertisement resources to assign the IP address 127.0.0.1:

# IPAddressPool.yaml
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: first-pool
spec:
  addresses:
  - 127.0.0.1-127.0.0.1

# L2Advertisement.yaml
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
  name: l2-advert
spec:
  ipAddressPools:
  - first-pool

These files already exist in the repository at templates/metallb/templates

With this setup, MetalLB assigns the IP address 127.0.0.1 to the external Ingress NGINX load balancer service, and ExternalDNS automatically creates the appropriate DNS records for your public domains in your public DNS provider. This configuration can be extended to more complex scenarios in on-prem Kubernetes clusters.

It is also possible to set the external IP address of the ingress nginx service by using the helm chart value: controller.service.loadBalancerIP

ArgoCD Image Updater

ArgoCD Image Updater automates updating container images in Kubernetes applications managed by ArgoCD. It detects new image versions and updates Kubernetes manifests, ensuring applications run the latest versions. This is especially useful in dynamic development environments with frequent updates.

Team Setup

Manage Kubernetes RBAC with the team-setup Helm chart using groups and users in `values.yaml`. Integrates with Keycloak for OIDC authentication.