Update 14-03-2021
Metallb LoadBalancer IP 192.168.0.21
accessible from Cluster (Master/Nodes) Only.
root@C271-KUBE-NODE-0-04:~# curl -s -I -HHost:httpbin.example.com "http://192.168.0.21:80/status/200"
HTTP/1.1 200 OK
server: istio-envoy
date: Sun, 14 Mar 2021 17:32:36 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 0
x-envoy-upstream-service-time: 2
Issue
Trying to get istio working with metallb on Vmware ESXI.
Intalled MetalLb with helm install metallb bitnami/metallb -n metallb-system -f metallb-config.yaml
configInline:
address-pools:
- name: prod-k8s-pool
protocol: layer2
addresses:
- 192.168.0.21
Used https://istio.io/latest/docs/setup/install/helm/ to install istio.
helm install istio-base manifests/charts/base --set global.jwtPolicy=first-party-jwt -n istio-system
helm install istiod manifests/charts/istio-control/istio-discovery --set global.jwtPolicy=first-party-jwt -n istio-system
helm install istio-ingress manifests/charts/gateways/istio-ingress --set global.jwtPolicy=first-party-jwt -n istio-system
helm install istio-egress manifests/charts/gateways/istio-egress --set global.jwtPolicy=first-party-jwt -n istio-system
❯ k get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
httpbin LoadBalancer 10.104.32.168 <none> 8000:32483/TCP 16m
istio-egressgateway ClusterIP 10.107.11.137 <none> 80/TCP,443/TCP,15443/TCP 20m
istio-ingressgateway LoadBalancer 10.109.199.203 192.168.0.21 15021:32150/TCP,80:31977/TCP,443:30960/TCP,15012:30927/TCP,15443:31439/TCP 31m
istiod ClusterIP 10.96.10.193 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 33m
At the same time, metallb controller logs say it allocated IP.
metallb-system/metallb-controller-64c58bc7c6-bks6m[metallb-controller]: {"caller":"service.go:114","event":"ipAllocated","ip":"192.168.0.21","msg":"IP address assigned by controller","s
ervice":"istio-system/istio-ingressgateway","ts":"2021-03-14T09:20:12.906308842Z"}
I am trying to install a simple sample HTTPBIN using https://istio.io/latest/docs/tasks/traffic-management/ingress/ingress-control/
kubectl apply -f <(istioctl kube-inject -f samples/httpbin/httpbin.yaml)
$ kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: httpbin-gateway
spec:
selector:
istio: ingressgateway # use Istio default gateway implementation
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "httpbin.example.com"
EOF
kubectl apply -f - <<EOF
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: httpbin
spec:
hosts:
- "httpbin.example.com"
gateways:
- httpbin-gateway
http:
- match:
- uri:
prefix: /status
- uri:
prefix: /delay
route:
- destination:
port:
number: 8000
host: httpbin
EOF
But the IP 192.168.0.21
never resolves. From other machines in the same network.
curl -s -I -HHost:httpbin.example.com "http://192.168.0.21:80/status/200"
I tried Nginx-ingress installation with
spec:
type: LoadBalancer
loadBalancerIP: 192.168.0.21
that is working fine, Can anybody guide how istio will work with bare metal metallb.