{"id":13839339,"url":"https://github.com/Mirantis/k8s-externalipcontroller","last_synced_at":"2025-07-11T03:32:00.924Z","repository":{"id":57492357,"uuid":"71359393","full_name":"Mirantis/k8s-externalipcontroller","owner":"Mirantis","description":"External IP controller is k8s application which is deployed on top of k8s cluster and which configures External IPs on k8s worker node(s) to provide IP connectivity.","archived":false,"fork":false,"pushed_at":"2020-02-26T12:06:27.000Z","size":514,"stargazers_count":78,"open_issues_count":15,"forks_count":24,"subscribers_count":18,"default_branch":"master","last_synced_at":"2024-11-16T19:11:40.457Z","etag":null,"topics":["externalipcontroller","golang","k8s-externalipcontroller","kubernetes"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Mirantis.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-10-19T13:20:45.000Z","updated_at":"2024-02-06T22:52:14.000Z","dependencies_parsed_at":"2022-09-01T21:03:12.729Z","dependency_job_id":null,"html_url":"https://github.com/Mirantis/k8s-externalipcontroller","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mirantis%2Fk8s-externalipcontroller","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mirantis%2Fk8s-externalipcontroller/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mirantis%2Fk8s-externalipcontroller/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Mirantis%2Fk8s-externalipcontroller/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Mirantis","download_url":"https://codeload.github.com/Mirantis/k8s-externalipcontroller/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225675073,"owners_count":17506273,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["externalipcontroller","golang","k8s-externalipcontroller","kubernetes"],"created_at":"2024-08-04T17:00:19.460Z","updated_at":"2024-11-21T04:30:34.897Z","avatar_url":"https://github.com/Mirantis.png","language":"Go","funding_links":[],"categories":["Operators vs Controllers","NetWork"],"sub_categories":["Networking"],"readme":"External IP Controller [![Build Status](https://travis-ci.org/Mirantis/k8s-externalipcontroller.svg?branch=master)](https://travis-ci.org/Mirantis/k8s-externalipcontroller)\n======================\n\n## Introduction\n\nOne of the possible ways to expose k8s services on a bare metal deployments is\nusing External IPs. Each node runs a kube-proxy process which programs `iptables`\nrules to trap requests to External IPs and redirect them to the correct backends.\n\nSo, in order to access k8s service from the outside, we just need to route public\ntraffic to one of the k8s worker nodes which have `kube-proxy` running and thus\nhave all the needed `iptables` rules for External IPs configured.\n\n## Proposed solution\n\nExternal IP Controller is a k8s application which is deployed on top of k8s\ncluster and which configures External IPs on k8s worker node(s) to provide\nIP connectivity.\n\n## Demo\n\n[![asciicast](https://asciinema.org/a/95449.png)](https://asciinema.org/a/95449)\n\nHow to run tests\n================\n\nInstall dependencies and prepare kubernetes dind cluster. It is supposed that\nGo v.1.7.x has been installed already.\n```\nmake get-deps\n```\n\nBuild necessary images and run tests.\n```\nmake test\n```\n\nUse ```make help``` to see all the options available.\n\nHow to start using this?\n========================\n\nBoth controller and scheduller operate on third party resources and require them \nto be created. Since kubernetes 1.7 most of the installations enable RBAC.\nFor this reason we need to grant our application correct permissions. For\ntesting envrionment you can use:\n```\nkubectl apply -f examples/auth.yaml\n```\n\nIn case you are using kubeadm dind environment - deploy claim controller and scheduller like this: \n```\nkubectl apply -f examples/claims/\n```\nFor any other environment you need to ensure that `--iface` option in \nexamples/claims/controller.yaml file is correct. This interface will be used for IP assignment.\n\nIf you want to use auto allocation from IP pool - you need to create atleast one such pool.\nWe provided an example in file `examples/ip-pool.yml`. It can be applied with kubectl after\nthird party resources will be created.\nWe are not resyncing services after pool was created, so please ensure that it is created\nbefore you will start requesting IPs.\n\nWe also have one basic example with nginx service and pods - `examples/nginx.yaml`. This example\ncreates deployment for nginx with single replica and service of type LoadBalancer.\n\nFor each service that require ip we will create ipclaim object. You can list all ipclaims with:\n```\nkubectl get ipclaims\n```\n\nNotes on CI and end-to-end tests\n================================\nIn tests we want to verify that IPs are reachable remotely. For this purpose we are using --testlink option in e2e tests. \nDuring the tests we will configure that link with IP from a network that is used in tests. \nThis is also the reason why we are running e2e tests with sudo.\nThe requirement here is that all kubernetes nodes must be in the same L2 domain.\nIn our application we are assigning IPs to a node. In dind-based setup those nodes are regular containers.\nTherefore to guarantee connectivity in our CI we need to assign IP on a bridge used by docker.\n\nFor simplicity we want to limit number of running ipcontrollers to 2. To make it work with kubeadm-dind-cluster \nwe have to set label ipcontroller= on kube workers.  And in the test we are using this label as node selector for daemonset pods.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMirantis%2Fk8s-externalipcontroller","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMirantis%2Fk8s-externalipcontroller","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMirantis%2Fk8s-externalipcontroller/lists"}