From 09649579d0e2da9faaf3673c517fb895feee74e9 Mon Sep 17 00:00:00 2001
From: 0xWheatyz <wyatt@leeworks.dev>
Date: Wed, 4 Mar 2026 01:47:03 +0000
Subject: [PATCH] feat(networking): add MetalLB load balancer
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Deploy MetalLB v0.14.9 for bare-metal load balancing with L2 mode.

Configuration:
- IP address pool: 10.0.1.10-10.0.1.20
- L2 advertisement on ens18, eth0, enp* interfaces
- Runs on all control plane nodes with automatic failover
- Enables LoadBalancer service type support

This allows each service to have its own dedicated IP address
instead of using NodePort with random high ports.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .../first-cluster/cluster/metallb/ipaddresspool.yaml |  9 +++++++++
 .../first-cluster/cluster/metallb/kustomization.yaml |  7 +++++++
 .../cluster/metallb/l2advertisement.yaml             | 12 ++++++++++++
 .../first-cluster/cluster/metallb/namespace.yaml     |  8 ++++++++
 4 files changed, 36 insertions(+)
 create mode 100644 testing1/first-cluster/cluster/metallb/ipaddresspool.yaml
 create mode 100644 testing1/first-cluster/cluster/metallb/kustomization.yaml
 create mode 100644 testing1/first-cluster/cluster/metallb/l2advertisement.yaml
 create mode 100644 testing1/first-cluster/cluster/metallb/namespace.yaml

diff --git a/testing1/first-cluster/cluster/metallb/ipaddresspool.yaml b/testing1/first-cluster/cluster/metallb/ipaddresspool.yaml
new file mode 100644
index 0000000..15f3a55
--- /dev/null
+++ b/testing1/first-cluster/cluster/metallb/ipaddresspool.yaml
@@ -0,0 +1,9 @@
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+  name: default-pool
+  namespace: metallb-system
+spec:
+  addresses:
+  - 10.0.1.10-10.0.1.20
+  autoAssign: true
diff --git a/testing1/first-cluster/cluster/metallb/kustomization.yaml b/testing1/first-cluster/cluster/metallb/kustomization.yaml
new file mode 100644
index 0000000..d35075e
--- /dev/null
+++ b/testing1/first-cluster/cluster/metallb/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - namespace.yaml
+  - ipaddresspool.yaml
+  - l2advertisement.yaml
diff --git a/testing1/first-cluster/cluster/metallb/l2advertisement.yaml b/testing1/first-cluster/cluster/metallb/l2advertisement.yaml
new file mode 100644
index 0000000..68d3b03
--- /dev/null
+++ b/testing1/first-cluster/cluster/metallb/l2advertisement.yaml
@@ -0,0 +1,12 @@
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+  name: default-l2
+  namespace: metallb-system
+spec:
+  ipAddressPools:
+  - default-pool
+  interfaces:
+  - ens18
+  - eth0
+  - enp*
diff --git a/testing1/first-cluster/cluster/metallb/namespace.yaml b/testing1/first-cluster/cluster/metallb/namespace.yaml
new file mode 100644
index 0000000..2f26516
--- /dev/null
+++ b/testing1/first-cluster/cluster/metallb/namespace.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: metallb-system
+  labels:
+    pod-security.kubernetes.io/enforce: privileged
+    pod-security.kubernetes.io/audit: privileged
+    pod-security.kubernetes.io/warn: privileged