Load Balancing

OneKE includes the following load balancing components:

• Cilium
• MetalLB

Cilium

When ONEAPP_K8S_CNI_PLUGIN is set to "cilium" and ONEAPP_K8S_CILIUM_RANGE is specified (for example 172.20.0.240/28), then OneKE should be capable of deploying LoadBalancer services (without MetalLB). Fore more information on using BGP load balancers in Cilium please refer to the official documentation.

MetalLB

---
apiVersion: v1
kind: Namespace
metadata:
  name: metallb-system
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
  name: one-metallb
  namespace: kube-system
spec:
  targetNamespace: metallb-system
  chartContent: <BASE64 OF A METALLB HELM CHART TGZ FILE>
  valuesContent: |
    controller:
      image:
        pullPolicy: IfNotPresent
    speaker:
      image:
        pullPolicy: IfNotPresent

• A dedicated namespace metallb-system is provided.
• Image Pull Policy is optimized for airgapped deployments.
• Precreated CRD configuration objects are provided (managed by RKE2 with Helm Integration installed in /var/lib/rancher/rke2/server/manifests/one-metallb-config.yaml). For information on MetalLB use cases please refer to the official documentation on MetalLB's configuration.

[!IMPORTANT] To deploy MetalLB:

• Set ONEAPP_K8S_METALLB_ENABLED to "YES".

[!WARNING] MetalLB is not suitable for use in AWS Edge Clusters, since AWS VPC is API-oriented and doesn't fully support networking protocols such as ARP or BGP in a standard way. For more information please refer to the MetalLB's Cloud Compatibility.