I really appreciated how straightforward this tutorial was. I finally managed to understand how metallb and nginx ingress controller can work in tandem and can now expose my k8s cluster to some external traffic. Thank you!
Hi Morris, your video made my day! I was stuck for a long time on how a load balancer assigns an external IP to my ingress controller. Most youtube resources just briefly mentioned this flow but without showing an actual example like you did. Your diagrams are really helpful to explain how things fit together. A suggestion if you don't mind - if you can share the commands and files you used on github, it will help beginners like me a lot. Hope to see more videos from you.
Hi suntenslp3315, thanks for watching I am very glad you liked the video. Thanks for the suggestion too, and I will definitely make it a goal to do better documentation for the videos.
Thank you for this video, it has been very useful for me. I have been trying to configure Metallb in my Kubernetes cluster for more than 15 days and I needed to create the L2Advertisement. Without this video it would never have worked for me. Thank you very much for the help.
Thanks for the great content and explanation. I would have expected a lot more views and likes on your videos. Hopefully your channel will grow with time;))
Thank you! I've been stuck with the problem for a couple of days. Came out that I had no L2 Advertisement applied to my MetalLB. Worked like a charm! :)
dude you are really the first person to explain exactly what we need. Layed it all out perfectly, in nice detail and flow! Great job. First time see your vid. already subscribed and liked the video!
how can I apply this tutorial to a cluster deployed in ec2 instance....I can access deployed app as load balancer but I cannot access it using ingress...what Ip should I give to cloudflare dns...?
Thank you, i have pretty much everything working on my ubuntu VPS but I'm unable to access my application from my local PC using the IP provided by metallb
Great videos and animations! I wonder what software you used to do that! Changing topics... how did you manage to have access to the "172.20.0.120" (LoadBalancer IP) from your computer (in mine I couldn't reach this IP) ? Are you using MacBook or Linux?
Hi, I have pfsense router at home and K8S bare metal running on ubuntu with 2 master 2 worker setup.. I configured BGP on pfsense and I am hoping it's good, the logs are showing the assigned LoadBalancer IPs but somehow I can't resolve them on browser... I tried multiple times but something somewhere missing, any clue where should I be looking at? I have External IPs assigned correctly on get service output and on pfsense. It does show external ip in BGP logs that the next hop if worker nodes but when I put them in browser, it's bad gateway!!
nice video ! had quick question , you have mapped host to the ip (172.20.0.120) inside /etc/hosts . is this metal lb ip ? or server ip where metal lb installed ?
Great work I found this video after struggling with this stuff for a few weeks to create a testing environment. This would have saved me so much time. I am sharing this with my team to get them update to speed.
Just started learning Kubernetes and this is the most clear/concise explanation on services I've seen. Thanks for helping me get MetalLB running in my local test cluster. Great content Morris!
Wonderful video! Thank you! I do have one question. Everything works great, but I am not clear on how I would be able to reach my services from a public URL or IP address. Without using an ingress and metallb, I would use nodeport. However, I am not seeing where or how to expose the ingress to internet connections. Any guidance would be most appreciated.
Hi, thanks for watching. You can use any IP address range with MetalLB even a publicly routable IP range as long as it is accessible on the node's ethernet segment. Another way to do it is to map an upstream public IP address range to the private range provisioned to MetalLB with port forwarding. This might require some extra configuration(probably through a custom mutating webhook admission controller) for the the public IP to show up as an externalIP on your LoadBalancer service.
Hi @@EngineeringWithMorris I converted my service to CluterIP but it has an external IP address assigned from creation which matches the external IP address of the service/ingress-nginx-controller LoadBalancer. Comparing with the video, the ingress for the web-app doesn't have an IPAddress assign, it shows up empty. Which one's correct? When I do a curl to my host it doesn't show up anything.
iam anticipating a high volume of incoming traffic to my Kubernetes cluster through Ingress controller, and iam worried about potential damage to cluster due to the heavy load. i want to scale, unfortunately i have no idea about what will i scale ? ingress or node or control plane ? ingress controller where will be run ? please reply this
This video makes it look so simple and I think I am really close but I am still having some trouble understanding this setup / it's not working on my small home cluster. I have 3 nodes, 1 control-plane and 2 rasp pi nodes. I followed all this same setup but nothing seems to be spinning up. For the IP pool, is that my home IP address or the IP address of the device on my network that is listening on ports 80,443? In my case only 1 device on my network has port forwarding setup for them (The control-plane node).
I am assuming you are able to reach your k8s cluster network, meaning you can ping either a control-plane node or a worker node from your machine. For example if your cluster network is 192.168.1.0/24 and your nodes use the range say from 192.168.1.10 - 192.168.1.20, then you should choose a metallb ip pool in the same network like say 192.168.1.30 - 192.168.1.50. Just ensure no other devices are using these reserved ips.
Hi, I mostly use 1.27 and later. I have done a couple of videos on cluster setup you can check out below: K3S Lightweight Kubernetes Cluster Kubernetes at Home with Kubespray and Ansible
Nice and crisp. I usually see training videos at 1.25 to 1.5 x speed. But As our freind Morris is so fast, this is the first time I slowed the video to .75 x😂. Solution worked for me
Great explanation but you should clearly state that this isn’t a production deployment plus metal lb shouldn’t be used in cloud but instead to be only leveraged in local or bare metal , unless I am mistaken. Please correct me
You are correct, the setup is for virtualisation environments where there are no cloud like load balancers to be leveraged like we have in AWS or GCP. For such virtualisation environments like Proxmox or VSphere MetalLB is a great solution and works perfectly well with home lab and production size clusters alike.
Nice video. Please i'd like to ask a question. please how do we come about those range of IP addresses? i reckon public IP addresses are not free and that range could clash with some existing public IP somewhere. Thnx
Exemplary work here - I've been trying to get a grasp on the k8s network ecosystem from the bare metal perspective for a couple of hours and this has been the best single resource.
Confusing - Does MetalLB load-balance across multiple nodes OR multiple services? If i have 5 raspberry Pis running Service#1 of type load balancer, does metalLB load balance across nodes?
Great explanation of the relationship between nginx and ingress! Previously I'd missed the point that needed to set the service back to clusterip. Am I right in thinking nginx is implicitly using metallb? I've been struggling to conceptualise that after reading the documentation.
Hi Alexander, thanks for watching. It is not absolutely necessary to revert the web app's service back to type ClusterIP in order for the web app to use NGINX Ingress. In such a scenario, access to the web app will be facilitated both through the external IP address(assigned by MetalLB) and the domain name which is pointing to NGINX Ingress' own LoadBalancer service external IP(also assigned by MetalLB). The reason for reverting back to ClusterIP is to conserve external IPs by freeing up the one used up by the web app.
thanks for the video Morris. I have a doubt - i see external Ip is assigned to the load balancer. but when i curl-ed it, it doesn't reach. how should i troubleshoot this?
I followed the tutorial but I cannot reach the external IP using curl. Should I change any dhcp settings in my router? I am using minikube to get the cluster running and the external IP is in the subnet of the cluster IP as well
If your nodes have static ips, can't you attach external HaProxy load balancer instead of all this? .. where all Haproxy sends traffic to either node at say port 31111 (where you have the ingress-controller running)? Is this is a much simpler solution than metallb?
Everything worked beautifully until I changed the deployment.yml file to remove the "Type: LoadBalancer" off. Now it won't connect to my container. I guess I'll have to plan around that limitation on my setup (RKE2). Thanks!
When I attempt to access the `web-app` using the assigned IP address with `curl 120.0.20.120`, the process hangs and timeouts. Does one need to update the /etc/hosts file here?
Hi Morris, thanks for efforts in creating this tutorial. Would it be possible to show the same using CSP LB (AWS/AZure) to work with NGINX Ingress Controller in Kubernetes for any K8s running as Services (EKS/AKS) or K8s running on EC2 or nodes on CSP. Thanks in advance.
Hi Morris, I just wanted to say my sincere thank you for your outstanding tutorial -- it's saved me a lot of time and helped me better understand cluster networking. I appreciate your calm and evenly-paced dictation and I'll certainly stay tuned for more. I've now deployed metallb on my home cluster and honestly I'm just happy to stop port-forwarding every little service!
Hi thanks a lot. I am not entirely sure as I have not yet tested it in such an environment. One thing to keep in mind though is that with this configuration mode MetalLB is working in Layer 2 mode and is doing a lot of stuff with ARP, so if your environment does not support ARP that might be an issue. MetalLB does also have a Layer 3 Mode where it uses BGP which you might want to check out as well.
What happens if the node that was running the ingress controller pod goes down? You would need to change the host ip mapping to thew ip of the new node that runs the controller right? There should be a better way?
Hi, the MetalLB load balancer ips are not statically configured on any node, but are instead advertised out from an appropriate node. So in the event a node goes down the ip will simply be advertised through another node maintaining connectivity to your service. This is done automatically by MetalLB no need for manual intervention.
Hi Morris, thank you for the excellent video!! The first one that finally explains Load Balancer + Ingress nginx + example to test locally for Bare metal. I followed the same installation as you but I'm not able to curl my service. Since the installation and services are set up the same, I wonder if it could be the network add-on that I'm using (Calico) seems like it requires additional IPPool manifest to be applied. Could you please share the network add-on you're using, and if any additional configuration was required? Much appreciated!
Forgot to add additional information in my setup: 1 controller and 1 worker node (both set up in different computers) I'm using Kubernetes 1.28 Calico v3.25.0
Hi thanks for watching, I really appreciate the support. I am using Calico as well which I set up as part of the Kubernetes install(you can checkout my other videos on setting up Kubernetes). I do have a default ippool(kubectl get ippool) configured and if you don't perhaps that is where the problem is. So might want to create an ippool. You might also want to try setting the ExternalTrafficPolicy on your metallb services to Cluster
GitHub project with all the manifests and setup instructions is linked in the description.
Congratulations, your video summarize brilliantly concepts like Service Types, Load Balancer, Ingresses. Thank you, very useful.
Nice and crisp.
I usually see training videos at 1.25 to 1.5 x speed. But this is the first time I slowed the video to .75 x😂
Its the only video I got on youtube explaining this, Thank you But I had to play it in 0.5x
Thank you for making a clear and crisp video explaining a hard topic along with neat demos in 10 minutes
Outstanding overview that not only covers service types but load balancers and how to set up MetalLB. Thanks for making the video! 😊🙏
Glad you enjoyed it!
I really appreciated how straightforward this tutorial was. I finally managed to understand how metallb and nginx ingress controller can work in tandem and can now expose my k8s cluster to some external traffic. Thank you!
Great quality of video, sound, Excellent explanation. A little too fast sometimes for me to acquire knowledge. Superb material!
Dude, this video is a work of art. Seriously. Thank you. It really nails the explanation.
I appreciate you mate, thanks for watching.
Thanks Morris, super simple and complete explanation! Now I have a MetalLB installed on my bare-metal. Awesome 👏👏👏
An outstanding video. Your overview and detailed step thru is clear and thorough! Keep up the great work!
Thx man, this is the first video I found, that explained all the process from metallb setup to ingress configuration
Super simple and straight to the point. Incredibly clear. Well done!
Hi Morris, your video made my day! I was stuck for a long time on how a load balancer assigns an external IP to my ingress controller. Most youtube resources just briefly mentioned this flow but without showing an actual example like you did. Your diagrams are really helpful to explain how things fit together.
A suggestion if you don't mind - if you can share the commands and files you used on github, it will help beginners like me a lot.
Hope to see more videos from you.
Hi suntenslp3315, thanks for watching I am very glad you liked the video. Thanks for the suggestion too, and I will definitely make it a goal to do better documentation for the videos.
Same!!! Thank you Morris.
Thank you for this video, it has been very useful for me. I have been trying to configure Metallb in my Kubernetes cluster for more than 15 days and I needed to create the L2Advertisement. Without this video it would never have worked for me. Thank you very much for the help.
this was awesome, loved your neovim set up too
Thanks for the great content and explanation.
I would have expected a lot more views and likes on your videos.
Hopefully your channel will grow with time;))
Thanks for watching Oleg, fingers crossed mate.
I've been struggling with these concepts for a bit, this really helped make it click. Thanks!
Thank you! I've been stuck with the problem for a couple of days. Came out that I had no L2 Advertisement applied to my MetalLB. Worked like a charm! :)
This is the best kubernetes Load balancer and Ingress controllers explainer video I have seen
agree, simple and to the point
The first Ingress deploy that actually works... Thank you so much and keep up the good work.
dude you are really the first person to explain exactly what we need. Layed it all out perfectly, in nice detail and flow! Great job. First time see your vid. already subscribed and liked the video!
quite clear ! Thanks !
Very helpful! thank you!
A little question, how do you make the presentation?... Is dynamic, is cool!.
Hi, I use Adobe After Effects
Amazing explanation, thank you!
Glad you enjoyed it!
Great video are you using Linux box or windows vm?
Please help. I created the IP Pool and L2Advert. The pools all the nodes (masters and workers). Now my Kubernetes cluster is not accessible
how can I apply this tutorial to a cluster deployed in ec2 instance....I can access deployed app as load balancer but I cannot access it using ingress...what Ip should I give to cloudflare dns...?
Thank you, i have pretty much everything working on my ubuntu VPS but I'm unable to access my application from my local PC using the IP provided by metallb
Great videos and animations! I wonder what software you used to do that! Changing topics... how did you manage to have access to the "172.20.0.120" (LoadBalancer IP) from your computer (in mine I couldn't reach this IP) ? Are you using MacBook or Linux?
Hi, I have pfsense router at home and K8S bare metal running on ubuntu with 2 master 2 worker setup.. I configured BGP on pfsense and I am hoping it's good, the logs are showing the assigned LoadBalancer IPs but somehow I can't resolve them on browser... I tried multiple times but something somewhere missing, any clue where should I be looking at? I have External IPs assigned correctly on get service output and on pfsense. It does show external ip in BGP logs that the next hop if worker nodes but when I put them in browser, it's bad gateway!!
Is IPAddress pool is an available IP Range within my network?
So if i have network of 10.0.24.0/24, the IPAddress pool should be in this range?
nice video ! had quick question , you have mapped host to the ip (172.20.0.120) inside /etc/hosts . is this metal lb ip ? or server ip where metal lb installed ?
can we just install ingresscontroller straight without metallb ? cause the functionality kinda the same
Great work I found this video after struggling with this stuff for a few weeks to create a testing environment. This would have saved me so much time. I am sharing this with my team to get them update to speed.
Hi guys, I am looking for some clues. L2 is not working for me, curl with host ip and port works buy the ip assigned on for loadbalancer doesn’t
Thanks for the detailed steps!! My gratitude and appreciation to you!!
@EngineeringWithMorris what are you using for your presentation software? Its insane how great it flows with your conversation!
Hello! Thank you all works well but i have a problem! when i try to access the link via my browser it doesn't work any idea ??
Just started learning Kubernetes and this is the most clear/concise explanation on services I've seen. Thanks for helping me get MetalLB running in my local test cluster. Great content Morris!
Thanks a lot for watching, and for the positive feedback, I am glad it was helpful.
question, because there is ingress, should the load balancer pool need to be only one specific value? because all the other svc are using clusterIp
Morris this was a really useful tutorial, thanks a bunch!
Hours wasted until this video.
Thank you!
Wonderful video! Thank you! I do have one question. Everything works great, but I am not clear on how I would be able to reach my services from a public URL or IP address. Without using an ingress and metallb, I would use nodeport. However, I am not seeing where or how to expose the ingress to internet connections. Any guidance would be most appreciated.
Hi, thanks for watching. You can use any IP address range with MetalLB even a publicly routable IP range as long as it is accessible on the node's ethernet segment. Another way to do it is to map an upstream public IP address range to the private range provisioned to MetalLB with port forwarding. This might require some extra configuration(probably through a custom mutating webhook admission controller) for the the public IP to show up as an externalIP on your LoadBalancer service.
Thanks I will give it a try. @@EngineeringWithMorris
nice vid, congrats
Many thanks!
You saved me a lot of time!!!
How can I allow access only by domain and not by IP?
Hi, you need to set the service type to clusterIP, it will not be assigned a metallb IP. Then you can use ingress to access your service.
Hi @@EngineeringWithMorris I converted my service to CluterIP but it has an external IP address assigned from creation which matches the external IP address of the service/ingress-nginx-controller LoadBalancer. Comparing with the video, the ingress for the web-app doesn't have an IPAddress assign, it shows up empty. Which one's correct?
When I do a curl to my host it doesn't show up anything.
What if you want all services to share the same IP?
Thank you for your video! It helped a lot!!!
iam anticipating a high volume of incoming traffic to my Kubernetes cluster through Ingress controller, and iam worried about potential damage to cluster due to the heavy load. i want to scale, unfortunately i have no idea about what will i scale ? ingress or node or control plane ? ingress controller where will be run ? please reply this
Thank you!
This video is well done! Thank you for sharing.
when you want to acces with url not curl you need bgp protocol !!
Excelent explanation about loadbalancer and metallb!
This video makes it look so simple and I think I am really close but I am still having some trouble understanding this setup / it's not working on my small home cluster. I have 3 nodes, 1 control-plane and 2 rasp pi nodes. I followed all this same setup but nothing seems to be spinning up. For the IP pool, is that my home IP address or the IP address of the device on my network that is listening on ports 80,443? In my case only 1 device on my network has port forwarding setup for them (The control-plane node).
I am assuming you are able to reach your k8s cluster network, meaning you can ping either a control-plane node or a worker node from your machine. For example if your cluster network is 192.168.1.0/24 and your nodes use the range say from 192.168.1.10 - 192.168.1.20, then you should choose a metallb ip pool in the same network like say 192.168.1.30 - 192.168.1.50. Just ensure no other devices are using these reserved ips.
very good!
Great content! Subscribed.
Thank you, but you go too fast for me
Hi which cluster version your have used
Have you created your cluster with kubeadm then please share your config
Hi, I mostly use 1.27 and later. I have done a couple of videos on cluster setup you can check out below:
K3S Lightweight Kubernetes Cluster
Kubernetes at Home with Kubespray and Ansible
Nice and crisp.
I usually see training videos at 1.25 to 1.5 x speed. But As our freind Morris is so fast, this is the first time I slowed the video to .75 x😂. Solution worked for me
you have such nice content, but instead of explaining everything, you are just reading like a newsreader :-( Why are you rushing?
Great explanation but you should clearly state that this isn’t a production deployment plus metal lb shouldn’t be used in cloud but instead to be only leveraged in local or bare metal , unless I am mistaken. Please correct me
You are correct, the setup is for virtualisation environments where there are no cloud like load balancers to be leveraged like we have in AWS or GCP. For such virtualisation environments like Proxmox or VSphere MetalLB is a great solution and works perfectly well with home lab and production size clusters alike.
Nice video. Please i'd like to ask a question. please how do we come about those range of IP addresses? i reckon public IP addresses are not free and that range could clash with some existing public IP somewhere. Thnx
Exemplary work here - I've been trying to get a grasp on the k8s network ecosystem from the bare metal perspective for a couple of hours and this has been the best single resource.
I skipped over this the first time, when I came back and stayed with it I learned a bit, thanks!
Confusing - Does MetalLB load-balance across multiple nodes OR multiple services? If i have 5 raspberry Pis running Service#1 of type load balancer, does metalLB load balance across nodes?
thanks bro
Great explanation of the relationship between nginx and ingress! Previously I'd missed the point that needed to set the service back to clusterip. Am I right in thinking nginx is implicitly using metallb? I've been struggling to conceptualise that after reading the documentation.
Hi Alexander, thanks for watching. It is not absolutely necessary to revert the web app's service back to type ClusterIP in order for the web app to use NGINX Ingress. In such a scenario, access to the web app will be facilitated both through the external IP address(assigned by MetalLB) and the domain name which is pointing to NGINX Ingress' own LoadBalancer service external IP(also assigned by MetalLB). The reason for reverting back to ClusterIP is to conserve external IPs by freeing up the one used up by the web app.
@@EngineeringWithMorris thanks for the fast response and clarification!
thanks for the video Morris.
I have a doubt - i see external Ip is assigned to the load balancer. but when i curl-ed it, it doesn't reach. how should i troubleshoot this?
great video mate
I followed the tutorial but I cannot reach the external IP using curl. Should I change any dhcp settings in my router? I am using minikube to get the cluster running and the external IP is in the subnet of the cluster IP as well
Nice, calm and concise explanation. I've been searching this for a whole day. Thank you.
Possible use only IP for multiples pods, see external? Nodeport no work Fine for redirect
Thank you
If your nodes have static ips, can't you attach external HaProxy load balancer instead of all this? .. where all Haproxy sends traffic to either node at say port 31111 (where you have the ingress-controller running)? Is this is a much simpler solution than metallb?
Great video, helped when configuring Metallb & Ingress Nginx Controller. I wish there were more such detailed video tutorials
sir what version of kubernetes are you using? 1.28?
Great explanation. Just subbed!
Clear explanation and good tutorial, actually works!
I was having a nightmare trying to find a video that explained what I was trying to do - this nailed it
Thank you
Everything worked beautifully until I changed the deployment.yml file to remove the "Type: LoadBalancer" off. Now it won't connect to my container. I guess I'll have to plan around that limitation on my setup (RKE2). Thanks!
Hi, could be that RKE2 does not like it when you switch a service from type LB to clusterIP. You could try deleting the service and recreating it.
You explain the contents so simply and understandably that it is impossible not to learn.
Thanks bro.
When I attempt to access the `web-app` using the assigned IP address with `curl 120.0.20.120`, the process hangs and timeouts. Does one need to update the /etc/hosts file here?
Nice job in explaining concept and getting started in a very clear and crisp manner.👍
This video was SUPER helpful for me. Thanks, man!
Hi Morris, thanks for efforts in creating this tutorial. Would it be possible to show the same using CSP LB (AWS/AZure) to work with NGINX Ingress Controller in Kubernetes for any K8s running as Services (EKS/AKS) or K8s running on EC2 or nodes on CSP. Thanks in advance.
Hi, thanks for watching. I definitely do have some videos on cloud Kubernetes planned soon. Watch this space.
Wow, It's amazing, bro! Спасибо, теперь я понял, что я делал не правильно, и понял как надо!
Hi Morris, I just wanted to say my sincere thank you for your outstanding tutorial -- it's saved me a lot of time and helped me better understand cluster networking. I appreciate your calm and evenly-paced dictation and I'll certainly stay tuned for more.
I've now deployed metallb on my home cluster and honestly I'm just happy to stop port-forwarding every little service!
Thanks a lot, glad you liked it.
Great explantion Morris. Will metalLB work in a hyper-scaler environment. And what if I need to have support for SCTP
Hi thanks a lot. I am not entirely sure as I have not yet tested it in such an environment. One thing to keep in mind though is that with this configuration mode MetalLB is working in Layer 2 mode and is doing a lot of stuff with ARP, so if your environment does not support ARP that might be an issue. MetalLB does also have a Layer 3 Mode where it uses BGP which you might want to check out as well.
I have been blessed with this video. Wow! Thanks a lot.
Thank you very much 🎉
You're welcome 😊
Thank you. it was best video.
Great explanation .. Thanks
great tutorial!
but how do i get access the app outside the server ?
What happens if the node that was running the ingress controller pod goes down? You would need to change the host ip mapping to thew ip of the new node that runs the controller right?
There should be a better way?
Hi, the MetalLB load balancer ips are not statically configured on any node, but are instead advertised out from an appropriate node. So in the event a node goes down the ip will simply be advertised through another node maintaining connectivity to your service. This is done automatically by MetalLB no need for manual intervention.
Nice video! Very informative.
I need help! will it work on kubernetes version 1.30.x ? please anyone knows?
great job man! you made my day
Hi Morris, thank you for the excellent video!! The first one that finally explains Load Balancer + Ingress nginx + example to test locally for Bare metal. I followed the same installation as you but I'm not able to curl my service. Since the installation and services are set up the same, I wonder if it could be the network add-on that I'm using (Calico) seems like it requires additional IPPool manifest to be applied. Could you please share the network add-on you're using, and if any additional configuration was required? Much appreciated!
Forgot to add additional information in my setup:
1 controller and 1 worker node (both set up in different computers)
I'm using Kubernetes 1.28
Calico v3.25.0
Hi thanks for watching, I really appreciate the support. I am using Calico as well which I set up as part of the Kubernetes install(you can checkout my other videos on setting up Kubernetes). I do have a default ippool(kubectl get ippool) configured and if you don't perhaps that is where the problem is. So might want to create an ippool. You might also want to try setting the ExternalTrafficPolicy on your metallb services to Cluster
Hello Moris !
Thank for you video !
Can we know how to do those animations please ? we are doing content creation too and we really love your style
Hi Tech-Ness, thanks for watching. I use Adobe After Effects for the animations.
Awesome, brother! Please keep on sharing! Love your accent!
Thanks a lot for watching mate. Will keep them coming.