MetalLB - Mind Palace

**MetalLB** is a load balancer implementation for bare metal [[Kubernetes]] clusters. Kubernetes' `LoadBalancer` service type is typically implemented by the cloud provider (AWS ELB, GCP LB) — when running on bare metal, without MetalLB, LoadBalancer services are stuck in `<pending>` forever. MetalLB fixes this. --- ### First Principle: Bare metal Kubernetes shouldn't be a second-class citizen. LoadBalancer services should work the same way everywhere. In a cloud-provider environment, creating a `Service` of type `LoadBalancer` triggers the cloud provider to provision an external load balancer and assign a public IP. On bare metal, there's no cloud provider. MetalLB fills this gap by assigning IP addresses from a configured pool and announcing them to the network via BGP or ARP. --- ### Key Considerations - **IP Address Pools**: MetalLB manages a pool of IP addresses. When a `LoadBalancer` service is created, MetalLB assigns an available IP from the pool and announces it. - **BGP Mode**: MetalLB peers with BGP routers ([[FRRouting (FRR)]] on [[SONiC]] switches) and advertises service IPs via BGP. This provides ECMP load balancing — multiple nodes can be next-hops for the same IP. The most scalable mode. - **L2 Mode**: MetalLB uses ARP (IPv4) or NDP (IPv6) to announce IPs. Simpler to configure — no BGP setup required. Works in any L2 network but doesn't support ECMP. - **FRR Backend**: MetalLB supports using [[FRRouting (FRR)]] as its BGP implementation — providing richer BGP capabilities (BFD, route policies, communities). - **[[Cilium]] Integration**: Cilium can replace MetalLB using its own BGP implementation and LB-IPAM feature — fewer moving parts in eBPF-native deployments. --- ### How It Fits ``` [[Kubernetes]] LoadBalancer service created → MetalLB (assigns IP from pool, announces via BGP) → [[FRRouting (FRR)]] on [[SONiC]] switches (learns route via BGP) → External traffic arrives at service IP → [[HAProxy]] / [[Traefik]] (ingress layer above MetalLB) ``` [[Kubernetes]] | [[HAProxy]] | [[Traefik]] | [[FRRouting (FRR)]] | [[Cilium]] | [[Open Source Hyperscaler MoC]]