Introduction
kube-vip provides Kubernetes clusters with a virtual IP address for the control plane and LoadBalancer-type Services without requiring external load balancers or cloud provider integrations. It is particularly valuable for bare-metal and on-premises Kubernetes deployments where cloud load balancers are unavailable.
What kube-vip Does
- Assigns a floating virtual IP to the Kubernetes control plane for high availability
- Implements LoadBalancer-type Services on bare-metal clusters
- Uses ARP or BGP to advertise virtual IP addresses on the network
- Elects a leader node to hold the VIP using Raft-based leader election
- Runs as a static pod, DaemonSet, or standalone binary
Architecture Overview
kube-vip runs on each control plane node and participates in leader election. The elected leader binds the virtual IP to its network interface and responds to ARP requests (layer 2 mode) or advertises the route via BGP (layer 3 mode). For Service load balancing, kube-vip watches the Kubernetes API for Services of type LoadBalancer and assigns addresses from a configured IP pool, handling traffic distribution across backends.
Self-Hosting & Configuration
- Deploy as a static pod on control plane nodes or as a DaemonSet cluster-wide
- Configure ARP mode for simple layer 2 environments on a flat network
- Configure BGP mode for routed environments with upstream router peering
- Define IP address pools for Service LoadBalancer allocation via ConfigMap or CIDR range
- Set leader election lease duration and renewal parameters for failover speed
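A static pod manifest covering the ARP-mode and lease settings listed above, as an added example rather than the project's own generated manifest. The VIP 192.0.2.10, the interface eth0, the image tag placeholder and the kubeadm kubeconfig path are assumptions to replace with your own values.

```yaml
# /etc/kubernetes/manifests/kube-vip.yaml on each control plane node
# Added example: values marked "assumed" are placeholders, not from the page.
apiVersion: v1
kind: Pod
metadata:
  name: kube-vip
  namespace: kube-system
spec:
  hostNetwork: true                # the VIP is bound on the node's own interface
  containers:
  - name: kube-vip
    image: ghcr.io/kube-vip/kube-vip:<version>   # placeholder: pin a specific release
    args: ["manager"]
    env:
    - name: address                # control plane VIP (assumed, documentation range)
      value: "192.0.2.10"
    - name: vip_interface          # NIC that carries the VIP (assumed name)
      value: "eth0"
    - name: port                   # API server port behind the VIP
      value: "6443"
    - name: vip_arp                # layer 2 mode: the leader answers ARP for the VIP
      value: "true"
    - name: cp_enable              # control plane VIP
      value: "true"
    - name: cp_namespace
      value: "kube-system"
    - name: svc_enable             # also handle Services of type LoadBalancer
      value: "true"
    - name: vip_leaderelection
      value: "true"
    - name: vip_leaseduration      # seconds a lease is valid before others may take it
      value: "5"
    - name: vip_renewdeadline      # seconds the leader keeps retrying a renewal
      value: "3"
    - name: vip_retryperiod        # seconds between election attempts
      value: "1"
    securityContext:
      capabilities:
        add: ["NET_ADMIN", "NET_RAW"]   # needed to bind the VIP and send ARP
    volumeMounts:
    - name: kubeconfig
      mountPath: /etc/kubernetes/admin.conf
  volumes:
  - name: kubeconfig
    hostPath:
      path: /etc/kubernetes/admin.conf  # assumed kubeadm layout
```

The pod runs on the host network with NET_ADMIN and NET_RAW and reads a cluster kubeconfig from the node, so treat the manifest directory and the image reference as part of the control plane's trust boundary.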
Key Features
- Control plane VIP eliminates single points of failure without external dependencies
- Dual-mode networking with ARP for layer 2 and BGP for layer 3 environments
- Service LoadBalancer implementation replaces MetalLB for many use cases
- Lightweight single binary with no external dependencies
- Works with any Kubernetes distribution including K3s, kubeadm, and RKE2
Comparison with Similar Tools
- MetalLB — more mature LoadBalancer implementation but does not provide control plane VIP
- Keepalived — traditional Linux VIP failover, requires separate configuration outside Kubernetes
- Cloud LB (AWS NLB, GCP LB) — managed service, not available on bare metal or edge
- HAProxy + Keepalived — common pattern for HA control plane, more components to manage
FAQ
Q: Can kube-vip replace MetalLB?
A: For many use cases, yes. kube-vip provides both control plane VIP and Service LoadBalancer functionality in a single component. MetalLB offers more advanced features like L2/BGP co-existence and community support.
Q: Does kube-vip work with K3s?
A: Yes. kube-vip integrates with K3s as a DaemonSet and can provide the control plane VIP and LoadBalancer services for K3s clusters.
Q: What is the failover time when the leader node goes down?
A: Failover typically completes in 5-10 seconds depending on leader election lease configuration and ARP cache expiry on the network.
Q: Can I use kube-vip in a cloud environment?
A: It is possible but generally unnecessary since cloud providers offer native load balancers. kube-vip is designed for environments without cloud LB support.