1. PorterLB
    https://github.com/kubesphere/porter

    2. First, modify kube-proxy
    kubectl edit configmap -n kube-system kube-proxy

    Set strictARP: true here:

    ipvs:
      excludeCIDRs: null
      minSyncPeriod: 0s
      scheduler: ""
      strictARP: true
      syncPeriod: 30s
    kind: KubeProxyConfiguration

    My environment at the time used the canal CNI (installed by Rancher); I could not find this setting, so I left it alone.

    3. My environment is Rancher
    Rancher: 10.10.10.104
    [root@node131 ~]# kubectl get nodes
    NAME STATUS ROLES AGE VERSION
    node131 Ready controlplane,etcd,worker 20h v1.19.4
    node132 Ready worker 20h v1.19.4
    [root@node131 ~]#

    4. Deployment and test procedure
    4.1 Deployment
    kubectl apply -f https://raw.githubusercontent.com/kubesphere/porter/master/deploy/porter.yaml
    (Sometimes this URL cannot be reached; in that case, download the YAML first.)

    Problem encountered:
    [root@node132 ~]# kubectl get pod -A
    NAMESPACE NAME READY STATUS RESTARTS AGE
    cattle-system cattle-cluster-agent-55c6869d78-fgj66 1/1 Running 1 20h
    cattle-system cattle-node-agent-2nqbd 1/1 Running 0 20h
    cattle-system cattle-node-agent-gf924 1/1 Running 0 20h
    cattle-system kube-api-auth-7fd72 1/1 Running 0 20h
    ......
    porter-system porter-admission-create-jkb6v 0/1 Completed 0 75m
    porter-system porter-admission-patch-vswbm 0/1 Completed 0 75m
    porter-system porter-manager-767f557fbb-ttpd9 0/1 Pending 0 75m

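    I ran describe on the pod; it said the pod could not be scheduled because no ports were available.
    After looking into it, I found that RKE deploys the nginx ingress controller by default. I exported its YAML and then deleted the DaemonSet.
    After that, deploying PorterLB again succeeded.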
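The scheduling failure described above, as an added example (not code from the original post or from PorterLB): it lists, for every unscheduled pod, which already-running pod holds the host port it wants on each node. The function names are hypothetical, the pod list is constructed, and the port requested by porter-manager is an assumption.

```python
import json

# Constructed sample shaped like `kubectl get pods -A -o json`. The ingress pods
# mirror the DaemonSet saved in this post (hostNetwork, ports 80/443); the port
# requested by porter-manager is an assumption made for this illustration.
PODS = json.loads("""{"items": [
 {"metadata": {"namespace": "ingress-nginx", "name": "nginx-ingress-controller-nq2gd"},
  "spec": {"nodeName": "node131", "hostNetwork": true,
           "containers": [{"ports": [{"containerPort": 80}, {"containerPort": 443}]}]}},
 {"metadata": {"namespace": "ingress-nginx", "name": "nginx-ingress-controller-vfjvp"},
  "spec": {"nodeName": "node132", "hostNetwork": true,
           "containers": [{"ports": [{"containerPort": 80}, {"containerPort": 443}]}]}},
 {"metadata": {"namespace": "porter-system", "name": "porter-manager-767f557fbb-ttpd9"},
  "spec": {"hostNetwork": true, "containers": [{"ports": [{"containerPort": 443}]}]}}
]}""")


def host_ports(pod):
    """Return the (protocol, port) pairs a pod claims on its node."""
    spec, claimed = pod["spec"], set()
    for container in spec.get("containers", []):
        for p in container.get("ports", []):
            # Under hostNetwork the containerPort is also the host port.
            port = p.get("hostPort") or (p["containerPort"] if spec.get("hostNetwork") else None)
            if port:
                claimed.add((p.get("protocol", "TCP"), port))
    return claimed


def blocked_nodes(pods):
    """Map each unscheduled pod to {node: [(proto, port, holder), ...]}."""
    in_use = {}  # node -> {(proto, port): "namespace/name" of the holder}
    for pod in pods["items"]:
        node = pod["spec"].get("nodeName")
        if node:
            holder = "{namespace}/{name}".format(**pod["metadata"])
            for key in host_ports(pod):
                in_use.setdefault(node, {})[key] = holder
    report = {}
    for pod in pods["items"]:
        if pod["spec"].get("nodeName"):
            continue  # already scheduled
        wanted = host_ports(pod)
        report[pod["metadata"]["name"]] = {
            node: sorted((*k, h) for k, h in used.items() if k in wanted)
            for node, used in in_use.items() if wanted & used.keys()}
    return report


if __name__ == "__main__":
    print(json.dumps(blocked_nodes(PODS), indent=2))
```

A pod that is blocked on every node stays Pending, which matches the porter-manager status shown above; an empty per-node map means host ports are not what is blocking it.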

    (Sometimes the images cannot be pulled.)

    The saved nginx-ingress-controller.yaml:
    apiVersion: apps/v1
    kind: DaemonSet
    metadata:
      annotations:
        deprecated.daemonset.template.generation: "1"
        field.cattle.io/publicEndpoints: '[{"nodeName":"c-cggxv:m-076aa8983113","addresses":["10.10.10.131"],"port":80,"protocol":"TCP","podName":"ingress-nginx:nginx-ingress-controller-nq2gd","allNodes":false},{"nodeName":"c-cggxv:m-076aa8983113","addresses":["10.10.10.131"],"port":443,"protocol":"TCP","podName":"ingress-nginx:nginx-ingress-controller-nq2gd","allNodes":false},{"nodeName":"c-cggxv:m-2062e9e67fc2","addresses":["10.10.10.132"],"port":80,"protocol":"TCP","podName":"ingress-nginx:nginx-ingress-controller-vfjvp","allNodes":false},{"nodeName":"c-cggxv:m-2062e9e67fc2","addresses":["10.10.10.132"],"port":443,"protocol":"TCP","podName":"ingress-nginx:nginx-ingress-controller-vfjvp","allNodes":false}]'
        kubectl.kubernetes.io/last-applied-configuration: |
          {"apiVersion":"apps/v1","kind":"DaemonSet","metadata":{"annotations":{},"name":"nginx-ingress-controller","namespace":"ingress-nginx"},"spec":{"selector":{"matchLabels":{"app":"ingress-nginx"}},"template":{"metadata":{"annotations":{"prometheus.io/port":"10254","prometheus.io/scrape":"true"},"labels":{"app":"ingress-nginx"}},"spec":{"affinity":{"nodeAffinity":{"requiredDuringSchedulingIgnoredDuringExecution":{"nodeSelectorTerms":[{"matchExpressions":[{"key":"beta.kubernetes.io/os","operator":"NotIn","values":["windows"]},{"key":"node-role.kubernetes.io/worker","operator":"Exists"}]}]}}},"containers":[{"args":["/nginx-ingress-controller","--default-backend-service=$(POD_NAMESPACE)/default-http-backend","--configmap=$(POD_NAMESPACE)/nginx-configuration","--election-id=ingress-controller-leader","--ingress-class=nginx","--tcp-services-configmap=$(POD_NAMESPACE)/tcp-services","--udp-services-configmap=$(POD_NAMESPACE)/udp-services","--annotations-prefix=nginx.ingress.kubernetes.io"],"env":[{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"rancher/nginx-ingress-controller:nginx-0.35.0-rancher2","livenessProbe":{"failureThreshold":3,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"name":"nginx-ingress-controller","ports":[{"containerPort":80,"name":"http"},{"containerPort":443,"name":"https"}],"readinessProbe":{"failureThreshold":3,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"securityContext":{"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"runAsUser":101}}],"hostNetwork":true,"serviceAccountName":"nginx-ingress-serviceaccount","terminationGracePeriodSeconds":60,"tolerations":[{"effect":"NoExecute","operator":"Exists"},{"effect":"NoSchedule","operator":"Exists"}]}},"updateStrategy":{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}}}
      creationTimestamp: "2020-12-04T07:57:32Z"
      generation: 1
      managedFields:
      - apiVersion: apps/v1
        fieldsType: FieldsV1
        fieldsV1:

    porter-system porter-admission-create-jkb6v 0/1 Completed 0 75m
    porter-system porter-admission-patch-vswbm 0/1 Completed 0 75m
    porter-system porter-manager-767f557fbb-ttpd9 1/1 Running 0 75m

    4. Create the EIP

    kubectl apply -f - <<EOF
    apiVersion: network.kubesphere.io/v1alpha2
    kind: Eip
    metadata:
      name: eip-sample-layer2
    spec:
      address: 10.10.10.150-10.10.10.155
      interface: ens33
      protocol: layer2
    EOF

    5. Create the sample service
    kubectl apply -f - <<EOF
    kind: Service
    apiVersion: v1
    metadata:
      name: mylbapp1-svc-layer2
      annotations:
        lb.kubesphere.io/v1alpha1: porter
        protocol.porter.kubesphere.io/v1alpha1: layer2
    spec:
      selector:
        app: mylbapp1
      type: LoadBalancer
      ports:
        - name: http
          port: 8088
          targetPort: 80
    ---
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      labels:
        app: mylbapp1
      name: mylbapp1
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: mylbapp1
      template:
        metadata:
          labels:
            app: mylbapp1
        spec:
          containers:
            - image: nginx:alpine
              name: nginx
              ports:
                - containerPort: 80
    EOF

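    Along the way, because of problems with the address and the NIC name, the EIP was created but things did not work afterwards.
    My environment is VMware Workstation.
    The NIC is in NAT mode; my understanding is that if an IP address needs to be allocated, it should be possible to allocate one.
    (Earlier, in my company's test environment, the EIP was created but could not be accessed correctly.)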
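A pre-flight check for the Eip address range and interface used above, as an added example (not code from the original post or from PorterLB). It assumes layer2 mode needs EIP addresses on the same subnet as the node interface; the function names are hypothetical, the /24 comes from the route -n output in this post, and the check goes beyond the range form shown here to also accept a single IP or a CIDR.

```python
import ipaddress

# Values taken from this post: ens33 on node131, and addresses already in use
# (gateway, Rancher server, both nodes).
IFACE = "10.10.10.131/24"
IN_USE = ["10.10.10.2", "10.10.10.104", "10.10.10.131", "10.10.10.132"]


def eip_addresses(spec):
    """Expand an Eip spec.address: one IP, a 'first-last' range, or a CIDR."""
    if "-" in spec:
        first, last = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        if last < first:
            raise ValueError("range end precedes range start: " + spec)
        return [ipaddress.ip_address(i) for i in range(int(first), int(last) + 1)]
    if "/" in spec:
        return list(ipaddress.ip_network(spec, strict=False).hosts())
    return [ipaddress.ip_address(spec)]


def check_layer2_eip(spec, iface_cidr, in_use):
    """Return a list of problems; an empty list means the range looks usable."""
    net = ipaddress.ip_interface(iface_cidr).network
    taken = {ipaddress.ip_address(a) for a in in_use}
    problems = []
    for addr in eip_addresses(spec):
        if addr not in net:
            problems.append(f"{addr} is outside the interface subnet {net}")
        elif addr in (net.network_address, net.broadcast_address):
            problems.append(f"{addr} is the network or broadcast address of {net}")
        elif addr in taken:
            problems.append(f"{addr} is already assigned to another host")
    return problems


if __name__ == "__main__":
    # The range from this post, then two constructed bad ranges.
    for spec in ("10.10.10.150-10.10.10.155", "10.10.10.130-10.10.10.132", "10.10.11.150"):
        print(spec, "->", check_layer2_eip(spec, IFACE, IN_USE) or "ok")
```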

    Company test environment:
    kubectl get svc
    NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    csi-metrics-cephfsplugin ClusterIP 10.100.143.98 <none> 8080/TCP 73d
    kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 73d
    mylbapp1-svc-layer2 LoadBalancer 10.109.150.94 10.120.13.253 8088:31959/TCP 20s
    [root@node-10-120-13-236 ~]# ping 10.120.13.253
    PING 10.120.13.253 (10.120.13.253) 56(84) bytes of data.
    From 10.120.13.236 icmp_seq=1 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=2 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=3 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=4 Destination Host Unreachable
    ^C
    --- 10.120.13.253 ping statistics ---
    5 packets transmitted, 0 received, +4 errors, 100% packet loss, time 4000ms
    pipe 4
    [root@node-10-120-13-236 ~]# kubectl get eip
    NAME CIDR USAGE TOTAL
    eip-sample-layer2 10.120.13.253-10.120.13.254 1 2
    [root@node-10-120-13-236 ~]# kubectl get svc
    NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    csi-metrics-cephfsplugin ClusterIP 10.100.143.98 <none> 8080/TCP 73d
    kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 73d
    mylbapp1-svc-layer2 LoadBalancer 10.109.150.94 10.120.13.253 8088:31959/TCP 20s
    [root@node-10-120-13-236 ~]# ping 10.120.13.253
    PING 10.120.13.253 (10.120.13.253) 56(84) bytes of data.
    From 10.120.13.236 icmp_seq=1 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=2 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=3 Destination Host Unreachable
    From 10.120.13.236 icmp_seq=4 Destination Host Unreachable

    6. After deploying the sample service in my own VM environment, access the service through both the LB and the NodePort.
    kubectl get svc
    NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
    kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 19h
    mylbapp-svc-layer2 LoadBalancer 10.43.70.164 10.10.10.150 8088:30824/TCP 11s
    [root@node131 ~]# ping 10.10.10.150
    PING 10.10.10.150 (10.10.10.150) 56(84) bytes of data.
    From 10.10.10.132 icmp_seq=2 Redirect Host(New nexthop: 10.10.10.150)
    From 10.10.10.132: icmp_seq=2 Redirect Host(New nexthop: 10.10.10.150)
    From 10.10.10.132 icmp_seq=3 Redirect Host(New nexthop: 10.10.10.150)
    From 10.10.10.132: icmp_seq=3 Redirect Host(New nexthop: 10.10.10.150)
    From 10.10.10.132 icmp_seq=4 Redirect Host(New nexthop: 10.10.10.150)
    From 10.10.10.132: icmp_seq=4 Redirect Host(New nexthop: 10.10.10.150)

    --- 10.10.10.150 ping statistics ---
    5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4000ms
    [root@node131 ~]# curl 10.10.10.150:8088
    <!DOCTYPE html>
    Welcome to nginx!

    If you see this page, the nginx web server is successfully installed and
    working. Further configuration is required.

    For online documentation and support please refer to
    nginx.org.
    Commercial support is available at
    nginx.com.

    Thank you for using nginx.


    OK, done.

    route -n shows that the routes have not changed:
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    0.0.0.0 10.10.10.2 0.0.0.0 UG 100 0 0 ens33
    10.10.10.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
    10.42.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 calibb6fefeda5c
    10.42.0.3 0.0.0.0 255.255.255.255 UH 0 0 0 calie6f5c3abb1a
    10.42.0.4 0.0.0.0 255.255.255.255 UH 0 0 0 calic6360b25fb0
    10.42.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 cali5b36a61b6bd
    10.42.0.6 0.0.0.0 255.255.255.255 UH 0 0 0 calib2aaf7900bb
    10.42.0.7 0.0.0.0 255.255.255.255 UH 0 0 0 cali0fdcfe725ce
    10.42.0.18 0.0.0.0 255.255.255.255 UH 0 0 0 cali1bc9ace0e9b
    10.42.1.0 10.42.1.0 255.255.255.0 UG 0 0 0 flannel.1
    172.17.0.0 0.0.0.0 255.255.0.0 U 0 0 0 docker0

    A question I don't quite understand:
    ping 10.10.10.150
    PING 10.10.10.150 (10.10.10.150) 56(84) bytes of data.
    From 10.10.10.132 icmp_seq=2 Redirect Host(New nexthop: 10.10.10.150)

    On January 28 I tested on an Ubuntu BGP cluster, with the results below; I don't know why there was no Redirect Host(New nexthop: 10.10.10.150)