Merge pull request #164 from zrisher/fix-exclude-label-docs

Fix exclude label docs
kubernetes-sigs · Dec 20, 2024 · 0ca7080 · 0ca7080
2 parents f9a6500 + f7f8485
commit 0ca7080
Showing 1 changed file with 19 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -7,13 +7,12 @@ KIND has demonstrated to be a very versatile, efficient, cheap and very useful t
 - [Slack channel](https://kubernetes.slack.com/messages/kind)
 - [Mailing list](https://groups.google.com/forum/#!forum/kubernetes-sig-testing)
 
-## Talks 
+## Talks
 
 Kubecon EU 2024 - [Keep Calm and Load Balance on KIND - Antonio Ojea & Benjamin Elder, Google](https://sched.co/1YhhY)
 
 [![Keep Calm and Load Balance on KIND](https://img.youtube.com/vi/U6_-y24rJnI/0.jpg)](https://www.youtube.com/watch?v=U6_-y24rJnI)
 
-
 ## Install
 
 You can install `cloud-provider-kind` using `go install`:
@@ -88,15 +87,21 @@ Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/
 
 ```
 
-**Note**
+### Allowing load balancers access to control plane nodes
+
+By default, [Kubernetes expects workloads will not run on control plane nodes](https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/#control-plane-node-isolation)
+and labels them with [`node.kubernetes.io/exclude-from-external-load-balancers`](https://kubernetes.io/docs/reference/labels-annotations-taints/#node-kubernetes-io-exclude-from-external-load-balancers),
+which stops load balancers from accessing them.
 
-Control-plane nodes need to remove the special label `node.kubernetes.io/exclude-from-external-load-balancers` to be able to access the workloads running on those nodes using a LoadBalancer Service.
+If you are running workloads on control plane nodes, as is the [default kind configuration](https://kind.sigs.k8s.io/docs/user/configuration/#nodes),
+you will need to remove this label to access them using a LoadBalancer:
 
 ```sh
 $ kubectl label node kind-control-plane node.kubernetes.io/exclude-from-external-load-balancers-
-node/kind-control-plane unlabeled
 ```
 
+### Running the provider
+
 Once the cluster is running, we need to run the `cloud-provider-kind` in a terminal and keep it running. The `cloud-provider-kind` will monitor all your KIND clusters and `Services` with Type `LoadBalancer` and create the corresponding LoadBalancer containers that will expose those Services.
 
 ```sh
@@ -131,14 +136,14 @@ spec:
         app: MyLocalApp
     spec:
       containers:
-      - name: agnhost
-        image: registry.k8s.io/e2e-test-images/agnhost:2.40
-        args:
-          - netexec
-          - --http-port=8080
-          - --udp-port=8080
-        ports:
-        - containerPort: 8080
+        - name: agnhost
+          image: registry.k8s.io/e2e-test-images/agnhost:2.40
+          args:
+            - netexec
+            - --http-port=8080
+            - --udp-port=8080
+          ports:
+            - containerPort: 8080
 ---
 apiVersion: v1
 kind: Service
@@ -191,6 +196,7 @@ Limitations:
 - Overlapping IP between the containers and the host can break connectivity.
 
 Mainly tested with `docker` and `Linux`, though `Windows` and `Mac` are also basically supported:
+
 - On macOS you must run cloud-provider-kind using `sudo`
 - On Windows you must run cloud-provider-kind from a shell that uses `Run as administrator`
 - Further feedback from users will be helpful to support other related platforms.