I’m facing a little problem, actually we deploy the CDK with kubeapi-load-balancer charm, and one master node fall, but instead of reconfigure the worker to talk to another master, the worker continue to talk with the fallen master node, and the worker node becomming NotReady,
If I have well understood, the master IP injected in kubelet config is randomly taken from the list of masters IP’s, so my question is, how to use a VIP instead of master IP ?
Need I develop a “dummy” charm that just inject the VIP ? Or do you see other solutions (adding an options in kubeapi-load-balancer,…) ?
I’m confused a bit by the situation. You say that you have a load balancer, but one of your masters went down and a worker couldn’t talk to it anymore. Your workers shouldn’t be directly talking to the master if you have a load balancer. They should go through that balancer, which will handle the masters and live checks there. As a test, I just deployed canonical-kubernetes and then deleted a master machine, added a new unit and then manually broke the other original master. Everything worked fine and I didn’t have any worker complain. I’m still able to talk to the apiserver consistently through the load balancer.
Can you explain your setup a little better? I agree that keepalived would be a good way to handle the single point of failure that is the load balancer. I am not sure if that is the question though.
Hi @tvansteenburgh thx for the link, I do not precised but I’m using ECMP for load balancing (actually my VIP is announced via BGP to top of rack routers) so I just need a way to configure a VIP already announced and load-balanced. But thanks, very useful
@knobby that’s the point, actually the kubelet daemons are poiting to a random master IP (this is behavior of the charm) and not my VIP. I looking for a proper way, to pass that VIP to Kubelet configuration. The keepalived charm would be the solution, but my routers already handle the loadbalancing.
Where do you see that happening though? All I see is the IP of the api load balancer being used. Do you know where this is being set?
As a random aside, have you seen metallb? I’m using that for a Kubernetes load balancer for bare metal and it is working well for me. It uses BGP to advertise IPs for services.
