update metallb to work for kube 1.35+

active/kubernetes_metallb/addresspool.yaml

@@ -2,18 +2,18 @@
 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
-  name: unifi-pool
+  name: default-pool
-  namespace: kube-system
+  namespace: metallb-system
 spec:
   addresses:
-    - 2603:6013:3140:105:10:5:0:10-2603:6013:3140:105:10:5:0:210
+    - 10.4.1.1-10.4.3.254
-    - 10.5.0.10-10.5.0.210
+
 ---
 apiVersion: metallb.io/v1beta1
 kind: L2Advertisement
 metadata:
   name: l2advertisement
-  namespace: kube-system
+  namespace: metallb-system
 spec:
   ipAddressPools:
-  - unifi-pool
+    - default-pool

active/kubernetes_metallb/metallb-test.yaml

@@ -0,0 +1,50 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ingress-nginx-demo-1
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: ingress-nginx-demo-1
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: ingress-nginx-demo-1
+    spec:
+      containers:
+        - name: httpd
+          image: httpd
+          ports:
+            - containerPort: 80
+              name: http
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: "1m"
+            limits:
+              memory: "256Mi"
+              cpu: "1"
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ingress-nginx-demo-1
+  namespace: default
+  annotations:
+    metallb.universe.tf/address-pool: "default-pool"
+spec:
+  ipFamilyPolicy: PreferDualStack
+  ipFamilies:
+    - IPv4
+  type: LoadBalancer
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8001
+      targetPort: 80
+  selector:
+    app.kubernetes.io/name: ingress-nginx-demo-1

active/kubernetes_metallb/metallb.md

@@ -0,0 +1,43 @@
+# Metal LB
+
+## Install
+
+```bash
+# Set a manual IP if you have a no-dhcp network
+nmcli connection modify "Wired connection 2" \
+ipv4.method manual \
+ipv4.gateway 10.4.0.1 \
+ipv4.addresses 10.4.0.3/22
+
+# Clear it if you have a dhcp network
+nmcli connection modify "Wired connection 2" \
+ipv4.addresses "" \
+ipv4.gateway "" \
+ipv4.method auto
+
+# Bring up the interface
+nmcli connection up "Wired connection 2"
+
+# Create the metallb namespace
+kubectl apply -f active/kubernetes_metallb/namespace.yaml
+
+# Install metallb
+helm repo add metallb https://metallb.github.io/metallb
+helm repo update
+helm upgrade --install metallb \
+--namespace metallb-system \
+metallb/metallb
+
+# Check that the pods installed correctly
+kubectl get pod -n metallb-system
+
+# Install the address pool
+# NOTE: Edit this to match your own allocated addresses!
+kubectl apply -f active/kubernetes_metallb/addresspool.yaml
+
+# Test that the service is working. This will spin up a web server on port 8001
+kubectl apply -f active/kubernetes_metallb/metallb-test.yaml
+
+# Delete the test
+kubectl delete -f active/kubernetes_metallb/metallb-test.yaml
+```

active/kubernetes_metallb/namespace.yaml

@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: metallb-system
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/warn: privileged