Layer 2 announcements
Cilium can also announce addresses on layer 2, with some caveats. In short, this uses gratuitous ARP and thus works for IPv4 only.
L2 Announcements is a feature that makes services visible and reachable on the local area network. It is primarily intended for on-premises deployments within networks without BGP-based routing, such as office or campus networks.
When used, this feature responds to ARP queries for ExternalIPs and/or LoadBalancer IPs. These IPs are virtual IPs (not installed on network devices) shared across multiple nodes, so for each service one node at a time answers the ARP queries with its own MAC address. That node then performs load balancing with the service load balancing feature, thus acting as a north/south load balancer.
Layer 2 announcement policy
Policies provide fine-grained control over which services should be announced, where, and how. This is an example policy using all optional fields:
cat <<EOF | kubectl apply -f -
apiVersion: "cilium.io/v2alpha1"
kind: CiliumL2AnnouncementPolicy
metadata:
  name: l2announcement
spec:
  serviceSelector:
    matchLabels:
      color: internal-only
  nodeSelector:
    matchExpressions:
      - key: node-role.kubernetes.io/control-plane
        operator: DoesNotExist
  interfaces:
    - ^eno[0-9]+
  externalIPs: true
  loadBalancerIPs: true
EOF
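To review what the policy above would expose on the LAN before applying it, the following added example (not part of the Cilium documentation or code base) evaluates its selectors offline against an inventory. The services, nodes and IPs are constructed, the function names are hypothetical, Python's `re` stands in for Cilium's regular expression matching, and treating an omitted `interfaces` list as "all interfaces" is an assumption.

```python
import re

# The policy spec from the page, as a dict.
POLICY = {
    "serviceSelector": {"matchLabels": {"color": "internal-only"}},
    "nodeSelector": {"matchExpressions": [
        {"key": "node-role.kubernetes.io/control-plane", "operator": "DoesNotExist"}]},
    "interfaces": ["^eno[0-9]+"],
    "externalIPs": True,
    "loadBalancerIPs": True,
}
# Constructed sample inventory (names, labels and IPs are made up).
SERVICES = [
    {"name": "wiki", "labels": {"color": "internal-only"},
     "externalIPs": ["192.0.2.20"], "loadBalancerIPs": ["192.0.2.10"]},
    {"name": "metrics", "labels": {"color": "public"}, "loadBalancerIPs": ["192.0.2.11"]},
]
NODES = [
    {"name": "cp-1", "labels": {"node-role.kubernetes.io/control-plane": ""},
     "interfaces": ["eno1"]},
    {"name": "worker-1", "labels": {}, "interfaces": ["eno1", "eno12", "docker0", "veno1"]},
]

def selector_matches(selector, labels):
    """Kubernetes label selector: every matchLabels/matchExpressions term must hold."""
    if any(labels.get(k) != v for k, v in selector.get("matchLabels", {}).items()):
        return False
    for e in selector.get("matchExpressions", []):
        key, vals = e["key"], e.get("values", [])
        ok = {"Exists": key in labels, "DoesNotExist": key not in labels,
              "In": labels.get(key) in vals, "NotIn": labels.get(key) not in vals}
        if not ok[e["operator"]]:
            return False
    return True

def announced_ips(policy, svc):
    """Virtual IPs of one service that the policy would answer ARP queries for."""
    if not selector_matches(policy.get("serviceSelector", {}), svc["labels"]):
        return []
    kinds = [k for k in ("externalIPs", "loadBalancerIPs") if policy.get(k)]
    return [ip for k in kinds for ip in svc.get(k, [])]

def candidate_interfaces(policy, node):
    """Interfaces of one node that may answer; empty when nodeSelector excludes it."""
    if not selector_matches(policy.get("nodeSelector", {}), node["labels"]):
        return []
    # Assumption: an omitted list means every interface (the empty pattern matches all).
    patterns = policy.get("interfaces") or [""]
    return [i for i in node["interfaces"] if any(re.search(p, i) for p in patterns)]
```

With the sample inventory, only the `wiki` service is announced, the control-plane node never answers, and the anchored pattern rejects `veno1` and `docker0` on the worker.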