Flags and Environment Variables

These flags are typically used in the kube-vip manifest generation process.

CategoryFlag
property
UsageNotes
Troubleshooting
--logdefault 4Set to -4 for debugging logs
Mode
--arpEnables ARP broadcasts from Leader
--bgpEnables BGP peering from kube-vip
--tableEnables routing entries to be created
--wireguardEnables services to be exposed over Wireguard
Features
--controlplaneEnables kube-vip control plane functionality
--servicesEnables kube-vip to watch services of type LoadBalancer
--enableEndpointSlicesEnables use of EndopintSlices instead of Endpoints
VIP Config
--vip<IP Address>(deprecated)
--address<IP Address> or <DNS name>
--ddnsEnables DDNS supportRequires --address is used and set to FQDN
--interfaceLinux interface on the node
--leaderElectionEnables Kubernetes LeaderElectionUsed by ARP, as only the leader can broadcast
--vipSubnet32,128 in ARP mode you could use (auto,auto)Used when advertising in any mode
--enableLoadBalancerEnables IPVS load balancerkube-vip ≥ 0.4.0
--lbPort6443The port that the api server will load-balanced on
--lbForwardingMethodSelect the forwarding method (default local)The IPVS forwarding method (local, masquerade, tunnel, directroute, bypass)
Services
--servicesInterface""(Optional) different interface to bind services too
--servicesElectionfalseEnables a leadership Election for each Service, allowing them to be distributed
--onlyAllowTrafficServicePortsfalseOnly allow traffic to service ports, others will be dropped
Kubernetes
--inClusterRequired for kube-vip as DaemonSet.Runs kube-vip with a ServiceAccount called kube-vip.
--taintRequired for kube-vip as DaemonSet.Adds node affinity rules forcing kube-vip Pods to run on control plane.
LeaderElection
--leaseDurationdefault 15Seconds a lease is held for
--leaseRenewDurationdefault 10Seconds a leader can attempt to renew the lease
--leaseRetrydefault 2Number of times the leader will hold the lease for
--namespace"kube-vip"The namespace where the lease will reside
ARP
--enableNodeLabelingfalseEnable leader node labeling with kube-vip.io/has-ip=<VIP address>
BGP
--bgpRouterID<IP Address>Typically the address of the local node
--localASdefault 65000The AS we peer from
--bgppeers<address:AS:password:multihop>Comma separated list of BGP peers
--peerAddress<IP Address>Address of a single BGP Peer
--peerASdefault 65000AS of a single BGP Peer
--peerPass""Password to work with a single BGP Peer
--multiHopEnables eBGP MultiHopEnable multiHop with a single BGP Peer
--sourceifSource InterfaceDetermines which interface BGP should peer from
--sourceipSource AddressDetermines which IP address BGP should peer from
--annotations<provider string>Startup will be paused until the node annotations contain the BGP configuration
Equinix Metal(May be deprecated)
--metalEnables Equinix Metal API calls
--metalKeyEquinix Metal API token
--metalProjectEquinix Metal Project (Name)
--metalProjectIDEquinix Metal Project (UUID)
--provider-configPath to the Equinix Metal provider configurationRequires the Equinix Metal CCM

These environment variables are usually part of a kube-vip manifest and used when running the kube-vip Pod.

More environment variables can be read through the pkg/kubevip/config_envvar.go file.

Keep in mind Environment Variables always win against Flags.
CategoryEnvironment Variable
property
UsageNotes
Troubleshooting
vip_logleveldefault 4Set to -4 for debugging logs
Mode
cp_enableEnables kube-vip control plane functionality
svc_enableEnables kube-vip to watch Services of type LoadBalancer
VIP Config
vip_arpEnables ARP broadcasts from Leader
bgp_enableEnables BGP peering from kube-vip
vip_address<IP Address>(deprecated)
address<IP Address> or <DNS name>
vip_ddnsBoolean. Enables Dynamic DNS support.Requires vip_address is set to FQDN
vip_interface<linux interface>
vip_leaderelectionEnables Kubernetes LeaderElectionUsed by ARP, as only the leader can broadcast
vip_subnetDetected at runtime: Tuple for IPv4,IPv6 (e.g. 32,128 or auto,auto)Used when advertising in any mode
lb_enableEnables IPVS LoadBalancerkube-vip ≥ 0.4.0. Adds nodes to the IPVS load balancer
lb_port6443The IPVS port that will be used to load-balance control plane requests
lb_fwdmethodSelect the forwarding method (default local)The IPVS forwarding method (local, masquerade, tunnel, directroute, bypass)
Services
vip_servicesinterface""Defines an optional different interface to bind
svc_electionEnables a leadership Election for each Service, allowing them to be distributed
enable_service_securityBoolean. Enable service security feature, defaults falseRestrict traffic to only service ports
LeaderElection
vip_leasedurationdefault 15Seconds a lease is held for
vip_renewdeadlinedefault 10Seconds a leader can attempt to renew the lease
vip_retryperioddefault 2Number of times the leader will hold the lease for
cp_namespace"kube-vip"The namespace where the lease will reside
egress_podcidr"10.0.0.0/16"The CIDR range where pods will be allocated and IP address
egress_servicecidr"10.96.0.0/12"The CIDR range where services will be allocated and IP address
ARP
enable_node_labelingfalseEnable leader node labeling with kube-vip.io/has-ip=<VIP address>
BGP
bgp_routerid<IP Address>Typically the address of the local node
bgp_routerinterfaceInterface nameUsed to associate the routerID with the control plane's interface.
bgp_asdefault 65000The AS we peer from
bgp_peers<address:AS:password:multihop>Comma separated list of BGP peers
bgp_peeraddress<IP Address>Address of a single BGP Peer
bgp_peerasdefault 65000AS of a single BGP Peer
bgp_peerpass""Password to work with a single BGP Peer
bgp_multihopEnables eBGP MultiHopEnable multiHop with a single BGP Peer
bgp_sourceifSource InterfaceDetermines which interface BGP should peer from
bgp_sourceipSource AddressDetermines which IP address BGP should peer from
annotations<provider string>Startup will be paused until the node annotations contain the BGP configuration
Egress
EGRESS_CLEANEnables kube-vip to clean left over iptables rules
egress_withnftablesUses nftables instead of iptables