Open cl-rf opened 1 year ago
You can already enable k3s's ServiceLB if you need a basic load-balancer controller. I know that's not quite the same as what you'd get from kube-vip, but would it meet your needs?
Just to be clear, are you asking to have kube-vip or another LoadBalancer controller put in front of the RKE2 supervisor and apiserver to host a load-balanced virtual IP? Or do you just want a load-balancer controller available in your cluster?
I am asking for kube-vip or something similar to provide a built-in load balancer for the control nodes that does not require external resources. FIPS and STIG are the main factors for using rke2 vs k3s.
> provide a built-in load balancer for the control nodes
Does this need to be a floating or load-balanced virtual IP, or are you referring to a Kubernetes LoadBalancer controller?
Floating IP. It is more for HA than balancing the traffic between the control nodes.
This can also solve the problem of downstream rke2 load balancing
https://github.com/rancher/rancher/issues/39021#issuecomment-1806697172
The use-case for kube-vip is somewhat limited to on-premises (i.e. non-cloud-native) environments. I use it myself and like it; however, there's no recent Helm chart, and each manifest is unique and dependent on the environment. I can see this as a hurdle to adoption.
I've been running a manually deployed kube-vip setup to provide a VIP for the apiserver via static pods (was using round-robin DNS previously). Most (every) times the control plane server restarts, the kube-vip pod isn't started properly, and a crictl on the node shows it as exited. Deleting the dead pod and restarting rke2 fixes things.
I would like for rke2 to support kube-vip natively during provisioning. There are ways to do this manually using the following gist:
https://gist.github.com/bgulla/7a6a72bdc5df6febb1e22dbc32f0ca4f
Ideally, there would be an option in the config.yaml like "bind-vip-address=" where, if this was set, the helm chart would be installed and configured. This would allow setting up an HA cluster without needing to set up external hardware/software load balancers and would just be highly available out of the box.