This is the multi-page printable view of this section.
Click here to print.
Return to the regular view of this page.
 
MetalLB Configuration
    
      MetalLB is a load-balancer implementation for on-premises Kubernetes clusters, using standard routing protocols.
Best Practice
Any supported EKS Anywhere curated package should be modified through package yaml files (with kind: Package) and applied through the command kubectl apply -f packageFileName. Modifying objects outside of package yaml files may lead to unpredictable behaviors.
For automatic namespace (targetNamespace) creation, see createNamespace field: PackagebundleController.spec
 
 
  
  
  
  
  
  
  
    
    
	
    
    
	1 - MetalLB
    Install/upgrade/uninstall MetalLB
	If you have not already done so, make sure your cluster meets the package prerequisites.
Be sure to refer to the troubleshooting guide
 in the event of a problem.
Important
    
- Starting at eksctl anywhereversionv0.12.0, packages on workload clusters are remotely managed by the management cluster.
- While following this guide to install packages on a workload cluster, please make sure the kubeconfigis pointing to the management cluster that was used to create the workload cluster. The only exception is thekubectl create namespacecommand below, which should be run withkubeconfigpointing to the workload cluster.
 
Install
- 
Generate the package configuration eksctl anywhere generate package metallb --cluster <cluster-name> > metallb.yaml
 
- 
Add the desired configuration to metallb.yaml
 Please see complete configuration options
 for all configuration options and their default values. Example package file with bgp configuration: apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.97-10.220.0.120
    BGPAdvertisements:
      - ipAddressPools:
        - default
    BGPPeers:
      - peerAddress: 10.220.0.2
        peerASN: 65000
        myASN: 65002    
 
Example package file with ARP configuration: apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages
spec:
  packageName: metallb
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.97-10.220.0.120
    L2Advertisements:
      - ipAddressPools:
        - default    
 
- 
Create the namespace
(If overriding targetNamespace, changemetallb-systemto the value oftargetNamespace)
 kubectl create namespace metallb-system
 
- 
Install MetalLB eksctl anywhere create packages -f metallb.yaml
 
- 
Validate the installation eksctl anywhere get packages --cluster <cluster-name>
 
Example command output NAME   PACKAGE   AGE   STATE       CURRENTVERSION                                    TARGETVERSION                                              DETAIL
mylb   metallb   22h   installed   0.13.5-ce5b5de19014202cebd4ab4c091830a3b6dfea06   0.13.5-ce5b5de19014202cebd4ab4c091830a3b6dfea06 (latest)
 
Update
To update package configuration, update metallb.yaml file, and run the following command:
eksctl anywhere apply package -f metallb.yaml
Upgrade
MetalLB will automatically be upgraded when a new bundle is activated.
Uninstall
To uninstall MetalLB, simply delete the package
eksctl anywhere delete package --cluster <cluster-name> mylb
 
    
	
  
    
    
	
    
    
	2 - v0.12.1
    
	
FRRouting
 is currently not supported for MetalLB.
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - IPAddressPools:
          - default
    BGPAdvertisements:
      - IPAddressPools:
          - bgp 
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | 
| IPAddressPools[] | A list of IPAddressPool. | None | 
| L2Advertisements[] | A list of L2Advertisement. | None | 
| BGPAdvertisements[] | A list of BGPAdvertisement. | None | 
| BGPPeers[] | A list of BGPPeer. | None | 
| — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  | 
| name | Name for the address pool. | None | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | 
| — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  | 
| IPAddressPools[] | The list of IPAddressPools to advertise via this advertisement, selected by name. | None | 
| — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected IPAddressPools via BGP, setting the parameters of the BGP Advertisement. |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | 
| IPAddressPools[] | The list of IPAddressPools to advertise via this advertisement, selected by name. | None | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | 
| — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  | 
| bfdProfile | The name of the BFD Profile to be used for the BFD session associated to the BGP session. If not set, the BFD session won’t be set up. | None | 
| holdTime | Requested BGP hold time, per RFC4271. | None | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | 
| myASN | AS number to use for the local end of the session. | None | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | 
| peerASN | AS number to expect from the remote end of the session. | None | 
| peerAddress | Address to dial when establishing the session. | None | 
| peerPort | Port to dial when establishing the session. | 179 | 
| routerID | BGP router ID to advertise to the peer. | None | 
| sourceAddress | Source address to use when establishing the session. | None | 
 
    
	
  
    
    
	
    
    
	3 - v0.13.5
    
	
FRRouting
 is currently not supported for MetalLB.
 
Starting at v0.13.5, keys within each config section start with lowercase. For example:
L2Advertisements:
    - IPAddressPools:
        - default
Becomes:
L2Advertisements:
    - ipAddressPools:
        - default
Top-level section names remain capitalized as they represent CRDs:
config: |
    IPAddressPools:
    ...
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - ipAddressPools:
          - default
    BGPAdvertisements:
      - ipAddressPools:
          - bgp 
        autoAssign: false
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | Required | 
| IPAddressPools[] | A list of ip address pools. See IPAddressPool. | None | False | 
| L2Advertisements[] | A list of Layer 2 advertisements. See L2Advertisement. | None | False | 
| BGPAdvertisements[] | A list of BGP advertisements. See BGPAdvertisement. | None | False | 
| BGPPeers[] | A list of BGP peers. See BGPPeer. | None | False | 
| — | — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  |  | 
| name | Name for the address pool. | None | True | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | True | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | False | 
| — | — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  |  | 
| ipAddressPools[] | The list of IPAddressPool names to advertise. | None | True | 
| name | Name for the L2Advertisement. | None | False | 
| — | — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected ipAddressPools via BGP, setting the parameters of the BGP Advertisement. |  |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | False | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | False | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | False | 
| ipAddressPools[] | The list of IPAddressPool names to be advertised via BGP. | None | True | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | False | 
| peers[] | List of peer names. Limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. | None | False | 
| — | — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  |  | 
| holdTime | Requested BGP hold time, per RFC4271. | None | False | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | False | 
| myASN | AS number to use for the local end of the session. | None | True | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| peerASN | AS number to expect from the remote end of the session. | None | True | 
| peerAddress | Address to dial when establishing the session. | None | True | 
| peerPort | Port to dial when establishing the session. | 179 | False | 
| routerID | BGP router ID to advertise to the peer. | None | False | 
| sourceAddress | Source address to use when establishing the session. | None | False | 
 
    
	
  
    
    
	
    
    
	4 - v0.13.7
    
	
FRRouting
 is currently not supported for MetalLB.
 
Starting at v0.13.5, keys within each config section start with lowercase.
See v0.13.5
 for details.
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - ipAddressPools:
          - default
    BGPAdvertisements:
      - ipAddressPools:
          - bgp 
        autoAssign: false
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | Required | 
| IPAddressPools[] | A list of ip address pools. See IPAddressPool. | None | False | 
| L2Advertisements[] | A list of Layer 2 advertisements. See L2Advertisement. | None | False | 
| BGPAdvertisements[] | A list of BGP advertisements. See BGPAdvertisement. | None | False | 
| BGPPeers[] | A list of BGP peers. See BGPPeer. | None | False | 
| — | — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  |  | 
| name | Name for the address pool. | None | True | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | True | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | False | 
| — | — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  |  | 
| ipAddressPools[] | The list of IPAddressPool names to advertise. | None | True | 
| name | Name for the L2Advertisement. | None | False | 
| — | — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected ipAddressPools via BGP, setting the parameters of the BGP Advertisement. |  |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | False | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | False | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | False | 
| ipAddressPools[] | The list of IPAddressPool names to be advertised via BGP. | None | True | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | False | 
| peers[] | List of peer names. Limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. | None | False | 
| — | — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  |  | 
| holdTime | Requested BGP hold time, per RFC4271. | None | False | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | False | 
| myASN | AS number to use for the local end of the session. | None | True | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| peerASN | AS number to expect from the remote end of the session. | None | True | 
| peerAddress | Address to dial when establishing the session. | None | True | 
| peerPort | Port to dial when establishing the session. | 179 | False | 
| routerID | BGP router ID to advertise to the peer. | None | False | 
| sourceAddress | Source address to use when establishing the session. | None | False | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| passwordSecret | passwordSecret is a reference to the authentication secret for BGP Peer. The secret must be of type ‘kubernetes.io/basic-auth’ and the password stored under the “password” key. Example: 
 passwordSecret:name: mySecret
 namespace: metallb-system
 | None | False | 
 
    
	
  
    
    
	
    
    
	5 - v0.14.5
    
	
FRRouting
 is currently not supported for MetalLB.
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - ipAddressPools:
          - default
    BGPAdvertisements:
      - ipAddressPools:
          - bgp 
        autoAssign: false
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | Required | 
| IPAddressPools[] | A list of ip address pools. See IPAddressPool. | None | False | 
| L2Advertisements[] | A list of Layer 2 advertisements. See L2Advertisement. | None | False | 
| BGPAdvertisements[] | A list of BGP advertisements. See BGPAdvertisement. | None | False | 
| BGPPeers[] | A list of BGP peers. See BGPPeer. | None | False | 
| — | — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  |  | 
| name | Name for the address pool. | None | True | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | True | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | False | 
| — | — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  |  | 
| ipAddressPools[] | The list of IPAddressPool names to advertise. | None | True | 
| name | Name for the L2Advertisement. | None | False | 
| — | — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected ipAddressPools via BGP, setting the parameters of the BGP Advertisement. |  |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | False | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | False | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | False | 
| ipAddressPools[] | The list of IPAddressPool names to be advertised via BGP. | None | True | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | False | 
| peers[] | List of peer names. Limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. | None | False | 
| — | — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  |  | 
| holdTime | Requested BGP hold time, per RFC4271. | None | False | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | False | 
| myASN | AS number to use for the local end of the session. | None | True | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| peerASN | AS number to expect from the remote end of the session. | None | True | 
| peerAddress | Address to dial when establishing the session. | None | True | 
| peerPort | Port to dial when establishing the session. | 179 | False | 
| routerID | BGP router ID to advertise to the peer. | None | False | 
| sourceAddress | Source address to use when establishing the session. | None | False | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| passwordSecret | passwordSecret is a reference to the authentication secret for BGP Peer. The secret must be of type ‘kubernetes.io/basic-auth’ and the password stored under the “password” key. Example: 
 passwordSecret:name: mySecret
 namespace: metallb-system
 | None | False | 
 
    
	
  
    
    
	
    
    
	6 - v0.14.8
    
	
FRRouting
 is currently not supported for MetalLB.
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - ipAddressPools:
          - default
    BGPAdvertisements:
      - ipAddressPools:
          - bgp
        autoAssign: false
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | Required | 
| IPAddressPools[] | A list of ip address pools. See IPAddressPool. | None | False | 
| L2Advertisements[] | A list of Layer 2 advertisements. See L2Advertisement. | None | False | 
| BGPAdvertisements[] | A list of BGP advertisements. See BGPAdvertisement. | None | False | 
| BGPPeers[] | A list of BGP peers. See BGPPeer. | None | False | 
| — | — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  |  | 
| name | Name for the address pool. | None | True | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | True | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | False | 
| — | — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  |  | 
| ipAddressPools[] | The list of IPAddressPool names to advertise. | None | True | 
| name | Name for the L2Advertisement. | None | False | 
| — | — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected ipAddressPools via BGP, setting the parameters of the BGP Advertisement. |  |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | False | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | False | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | False | 
| ipAddressPools[] | The list of IPAddressPool names to be advertised via BGP. | None | True | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | False | 
| peers[] | List of peer names. Limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. | None | False | 
| — | — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  |  | 
| holdTime | Requested BGP hold time, per RFC4271. | None | False | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | False | 
| myASN | AS number to use for the local end of the session. | None | True | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| peerASN | AS number to expect from the remote end of the session. | None | True | 
| peerAddress | Address to dial when establishing the session. | None | True | 
| peerPort | Port to dial when establishing the session. | 179 | False | 
| routerID | BGP router ID to advertise to the peer. | None | False | 
| sourceAddress | Source address to use when establishing the session. | None | False | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| passwordSecret | passwordSecret is a reference to the authentication secret for BGP Peer. The secret must be of type ‘kubernetes.io/basic-auth’ and the password stored under the “password” key. Example: 
 passwordSecret:name: mySecret
 namespace: metallb-system
 | None | False | 
 
    
	
  
    
    
	
    
    
	7 - v0.14.9
    
	
FRRouting
 is currently not supported for MetalLB.
 
Example
apiVersion: packages.eks.amazonaws.com/v1alpha1
kind: Package
metadata:
  name: mylb
  namespace: eksa-packages-<cluster-name>
spec:
  packageName: metallb
  targetNamespace: metallb-system
  config: |
    IPAddressPools:
      - name: default
        addresses:
          - 10.220.0.93/32
          - 10.220.0.94/32
          - 10.220.0.95/32
      - name: bgp
        addresses:
          - 10.220.0.97-10.220.0.99
    L2Advertisements:
      - ipAddressPools:
          - default
    BGPAdvertisements:
      - ipAddressPools:
          - bgp
        autoAssign: false
    BGPPeers:
      - myASN: 123
        peerASN: 55001
        peerAddress: 1.2.3.4
        keepaliveTime: 30s
| Parameter | Description | Default | Required | 
| IPAddressPools[] | A list of ip address pools. See IPAddressPool. | None | False | 
| L2Advertisements[] | A list of Layer 2 advertisements. See L2Advertisement. | None | False | 
| BGPAdvertisements[] | A list of BGP advertisements. See BGPAdvertisement. | None | False | 
| BGPPeers[] | A list of BGP peers. See BGPPeer. | None | False | 
| — | — | — | — | 
| IPAddressPool | A list of IP address ranges over which MetalLB has authority. You can list multiple ranges in a single pool and they will all share the same settings. Each range can be either a CIDR prefix, or an explicit start-end range of IPs. |  |  | 
| name | Name for the address pool. | None | True | 
| addresses[] | A list of string representing CIRD or IP ranges. | None | True | 
| autoAssign | AutoAssign flag used to prevent MetalLB from automatic allocation for a pool. | true | False | 
| — | — | — | — | 
| L2Advertisement | L2Advertisement allows MetalLB to advertise the LoadBalancer IPs provided by the selected pools via L2. |  |  | 
| ipAddressPools[] | The list of IPAddressPool names to advertise. | None | True | 
| name | Name for the L2Advertisement. | None | False | 
| — | — | — | — | 
| BGPAdvertisement | BGPAdvertisement allows MetalLB to advertise the IPs coming from the selected ipAddressPools via BGP, setting the parameters of the BGP Advertisement. |  |  | 
| aggregationLength | The aggregation-length advertisement option lets you “roll up” the /32s into a larger prefix. Defaults to 32. Works for IPv4 addresses. | 32 | False | 
| aggregationLengthV6 | The aggregation-length advertisement option lets you “roll up” the /128s into a larger prefix. Defaults to 128. Works for IPv6 addresses. | 128 | False | 
| communities[] | The BGP communities to be associated with the announcement. Each item can be a community of the form 1234:1234 or the name of an alias defined in the Community CRD. | None | False | 
| ipAddressPools[] | The list of IPAddressPool names to be advertised via BGP. | None | True | 
| localPref | The BGP LOCAL_PREF attribute which is used by BGP best path algorithm, Path with higher localpref is preferred over one with lower localpref. | None | False | 
| peers[] | List of peer names. Limits the bgppeer to advertise the ips of the selected pools to. When empty, the loadbalancer IP is announced to all the BGPPeers configured. | None | False | 
| — | — | — | — | 
| BGPPeer | Peers for the BGP protocol. |  |  | 
| holdTime | Requested BGP hold time, per RFC4271. | None | False | 
| keepaliveTime | Requested BGP keepalive time, per RFC4271. | None | False | 
| myASN | AS number to use for the local end of the session. | None | True | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| peerASN | AS number to expect from the remote end of the session. | None | True | 
| peerAddress | Address to dial when establishing the session. | None | True | 
| peerPort | Port to dial when establishing the session. | 179 | False | 
| routerID | BGP router ID to advertise to the peer. | None | False | 
| sourceAddress | Source address to use when establishing the session. | None | False | 
| password | Authentication password for routers enforcing TCP MD5 authenticated sessions. | None | False | 
| passwordSecret | passwordSecret is a reference to the authentication secret for BGP Peer. The secret must be of type ‘kubernetes.io/basic-auth’ and the password stored under the “password” key. Example: 
 passwordSecret:name: mySecret
 namespace: metallb-system
 | None | False |