Metallb namespace requirements
384 views
Skip to first unread message
Vincent Brown
Sep 11, 2023, 10:33:56 AM9/11/23
to metallb-users
I am redeploying a K3S cluster. My older cluster had Metallb working. I don't recall what vesion of K3s or Metallb it was.
$ kubectl create -f metallb-IPAddressPool.yaml
Error from server (resource must be created in default namespace): error when creating "metallb-IPAddressPool.yaml": admission webhook "ipaddresspoolvalidationwebhook.metallb.io" denied the request: resource must be created in default namespace
Tried setting namespace to default but still got the same error even when I changed my yaml to specify the default namespace.
If I recall correctly, my old deployment used the metallb-system namespace. I tried installing the operator version of metallb.
Documentation is sparse for Operator usage. I tried deploying the same IPAddressPool and L2Advertisement that worked previously, and they didn’t work. Also received this error about namespace.
kubectl create -f metallb-IPAddressPool.yaml
Error from server (resource must be created in operators namespace): error when creating "metallb-IPAddressPool.yaml": admission webhook "ipaddresspoolvalidationwebhook.metallb.io" denied the request: resource must be created in operators namespace
Tried changing namespace to operators. That allowed me to deploy but the IPAddressPool and L2Advertisement but load balancing still wasn’t working.
Usage section of https://github.com/metallb/metallb-operator states
“Once the MetalLB Operator is installed, you have to create a MetalLB custom resource to deploy a MetalLB instance. The operator will consume this resource and create all required MetalLB resources based on it. The MetalLB custom resource needs to be created inside the metallb-system namespace and be named metallb. Only one MetalLB resource can exist in a cluster.”
I removed my previous IPAddressPool and L2Advertisement since the instructions above said to use the metallb namespace.
Tried redeploying IPAddressPool and L2Advertisement with metallb namespace to match the MetalLB object I deployed using the example yaml from the GitHub instructions.
Got error again about ‘resource must be created in operators namespace’
Changed my IPAddressPool and L2Advertisement yaml files to operator namespace. Still getting error ‘resource must be created in operators namespace’ even after setting the namespace to operators in the YAML files.
So I uninstalled the metallb operator and tried deploying with the helm chart.
kubectl create -f metallb-IPAddressPool.yaml
Error from server (resource must be created in operators namespace): error when creating "metallb-IPAddressPool.yaml": admission webhook "ipaddresspoolvalidationwebhook.metallb.io" denied the request: resource must be created in operators namespace
Tried changing namespace to operators. That allowed me to deploy but the IPAddressPool and L2Advertisement but load balancing still wasn’t working.
Usage section of https://github.com/metallb/metallb-operator states
“Once the MetalLB Operator is installed, you have to create a MetalLB custom resource to deploy a MetalLB instance. The operator will consume this resource and create all required MetalLB resources based on it. The MetalLB custom resource needs to be created inside the metallb-system namespace and be named metallb. Only one MetalLB resource can exist in a cluster.”
I removed my previous IPAddressPool and L2Advertisement since the instructions above said to use the metallb namespace.
Tried redeploying IPAddressPool and L2Advertisement with metallb namespace to match the MetalLB object I deployed using the example yaml from the GitHub instructions.
Got error again about ‘resource must be created in operators namespace’
Changed my IPAddressPool and L2Advertisement yaml files to operator namespace. Still getting error ‘resource must be created in operators namespace’ even after setting the namespace to operators in the YAML files.
So I uninstalled the metallb operator and tried deploying with the helm chart.
This time, it installed in the default namespace. When attempting to install my IPAddressPool in the metallb-system namespace, I get a namespace error.
$ kubectl create -f metallb-IPAddressPool.yaml
Error from server (resource must be created in default namespace): error when creating "metallb-IPAddressPool.yaml": admission webhook "ipaddresspoolvalidationwebhook.metallb.io" denied the request: resource must be created in default namespace
Tried setting namespace to default but still got the same error even when I changed my yaml to specify the default namespace.
This feels buggy to me, but I'm not very experienced with metallb so I wanted to rule out user error before submitting a bug report. I can share yaml examples if that's helpful. This is already a lengthy post.
Vincent Brown
Sep 12, 2023, 11:13:35 AM9/12/23
to metallb-users
Update:
I redeployed using the manifest method and everything is working as expected.
It appears that the different installation methods (as followed from the documentation in https://metallb.universe.tf/installation/) deploys metallb to different namespaces. Does anyone know if that is intended?
- Manifest method deployed to metallb-system namespace.
- Helm chart method deployed to default namespace (and I didn't see a namespace field in values.yaml except for Prometheus namespace)
- Operator method deployed to operators namespace.
- I didn't try the Kustomize method.
Reply all
Reply to author
Forward
0 new messages