ARP
ARP (sometimes referred to as layer 2 as it's updating the underlying network topology) is a simplistic protocol that is used to update the underlying network that in order to reach a certain IP address traffic should be sent to a specific piece of hardware. ARP mode works by broadcasting ARP announcements when the virtual IP (VIP) transitions between nodes. These broadcasts update the ARP tables across the network, changing the IP-to-MAC address mapping from the previous node's interface to the current active node's interface. This ensures that subsequent traffic destined for the VIP is forwarded to the correct physical or virtual network interface.
Control plane
When using ARP with the control plane feature, then a leader election will take place in order to determine the leader. This leader will then host the control place IP address and use ARP (through a gratuitous ARP broadcast) to update the network accordingly.
Services
Services can be exposed in two ways:
leaderElectionfor all servicesleaderElectionper service
leaderElection for all services
In this mode (default) all kube-vip pods will elect a leader and this leader will be in charge of exposing all service addresses through ARP. This mode can become a bottleneck as traffic for all services will come to a single node.
leaderElection per service
In this mode kube-vip will perform an election every time a new Kubernetes service is created allowing service addresses to be spread across all nodes where a kube-vip pod is running.
Cautions
With this mode, kube-vip assigns VIP on the network interface which may be wrongly chosen by kubelet as the node's InternalIP, which is not intended. So we recommend to ensure kubelet using the right IP by setting the
--node-ipoption for kubelet explicitly.When you use calico you should additionally configure the correct autodetection mode, as would discover the VIP IP as the node IP and tries to use it for the BGP Speaker (Felix Container). The recommendation would be to set the following two environment variables as described in the docs). This will always use the configured node IP from above.