Cloud Docs Home > F5 Container Integrations Index

Replace the OpenShift F5 Router with the BIG-IP Controller

Take the steps below to replace the OpenShift F5 Router with the BIG-IP Controller for Kubernetes in OpenShift deployments.

Step Task
Remove the OpenShift F5 Router.
Install the BIG-IP Controller.
Set up the BIG-IP Controller to manage Routes.
Deploy the Route Resource.
Verify creation of BIG-IP objects.

Remove the OpenShift F5 Router

Use the OpenShift CLI to remove the pod(s) associated with the F5 Router.

Note

The BIG-IP Controller will remove/replace any objects on the BIG-IP system when it launches, if you set it to manage the same BIG-IP partition. If you want to manage a different partition with the BIG-IP Controller, you should delete the objects from the F5 Router’s partition manually.

oc delete pod <pod-name>

Install the BIG-IP Controller

  1. Complete the initial setup.

  2. Set up RBAC Authentication.

  3. Create a Deployment for the BIG-IP Controller.

    Define the parameters highlighted below in your Deployment to set up the BIG-IP Controller to communicate with the BIG-IP device and set it to manage objects for OpenShift routes.

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: k8s-bigip-ctlr
      namespace: kube-system
    spec:
      replicas: 1
      template:
        metadata:
          name: k8s-bigip-ctlr
          labels:
            app: k8s-bigip-ctlr
        spec:
          # Name of the Service Account bound to a Cluster Role with the required
          # permissions
          serviceAccountName: bigip-ctlr
          containers:
            - name: k8s-bigip-ctlr
              image: "f5networks/k8s-bigip-ctlr:1.3.0"
              env:
                - name: BIGIP_USERNAME
                  valueFrom:
                    secretKeyRef:
                      # Replace with the name of the Secret containing your login
                      # credentials
                      name: bigip-login
                      key: username
                - name: BIGIP_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      # Replace with the name of the Secret containing your login
                      # credentials
                      name: bigip-login
                      key: password
              command: ["/app/bin/k8s-bigip-ctlr"]
              args: [
                "--bigip-username=$(BIGIP_USERNAME)",
                "--bigip-password=$(BIGIP_PASSWORD)",
                # Replace with the IP address or hostname of your BIG-IP device
                "--bigip-url=10.190.24.171",
                # Replace with the name of the BIG-IP partition you want to manage
                "--bigip-partition=openshift",
                # To manage a single namespace, enter it below
                # (required in v1.0.0)
                # To manage all namespaces, omit the `namespace` entry
                # (default as of v1.1.0)
                # To manage multiple namespaces, enter a separate flag for each
                # namespace below (as of v1.1.0)
                #"--namespace=default",
                "--pool-member-type=cluster",
                # Replace with the path to the BIG-IP VXLAN connected to the
                # OpenShift HostSubnet
                "--openshift-sdn-name=/Common/openshift_vxlan",
                # Enables use of a BIG-IP device as an OpenShift Router
                # (available as of v1.2.0)
                "--manage-routes=true",
                # Assign an IP address to the BIG-IP virtual server
                # Be sure to use an IP address from the HostSubnet to which the
                # BIG-IP device connects
                "--route-vserver-addr=1.2.3.4"
                # OPTIONAL: Provide an "f5type" label you want the BIG-IP Controller
                # to watch for. This information should be defined in a Route
                # Resource (for example, "f5type: App1")
                "--route-label=App1"
                ]
          imagePullSecrets:
            - name: f5-docker-images
    
  4. Upload the Deployment to the OpenShift API server.

When you upload the Deployment to your OpenShift API server, the BIG-IP Controller will automatically detect any existing OpenShift Routes and create corresponding routes on the BIG-IP system.

If you set up the BIG-IP Controller to manage the same BIG-IP partition you used with the OpenShift F5 Router, the BIG-IP Controller automatically replaces any remaining F5 Router artifacts in the partition with new objects.

What’s Next