Install F5 Lifecycle Operator¶
F5 Lifecycle Operator (FLO) is seamlessly installed by using Helm with the values override file flo-value.yaml file, which includes all essential configurations for the successful installation of FLO and the necessary resources to configure BIG-IP Next for Kubernetes. During the FLO Helm installation, the IPAM operator, BnkGatewayClass custom resource definition (CRD), and BIG-IP Next for Kubernetes component CRDs are installed along with FLO. The IPAM Operator, in collaboration with the F5 IPAM Controller (FIC), manages the dual-stack IP addresses (IPv4 and IPv6) for Gateway resources. For more information, see F5 IPAM Controller for Gateway API.
Note: By default, the BNKGatewayClass CR deployment will install the product in the
defaultnamespace. However, this approach is not recommended. It is expected that customers provide a non-default tenant namespace when installing the FLO helm-chart. This will ensure that FLO is deployed in the designated user-provided tenant namespace. It is important that the BNKGatewayClass CR is also deployed in the same tenant namespace.
Prerequisites¶
Before you install FLO, ensure that the following prerequisites are met:
Perform helm login and apply FAR secret to pull the artifacts from FAR. For more information, see Artifacts via F5 Artifact Registry (FAR).
Configure cert-manager to create certificates for secure communication between pods, see Cert Manager.
Create
self-signed CA secretandclusterissuer, see Cert Manager.Create namespaces according to your planned configuration and apply FAR secrets, see Create FAR secret in namespaces.
Obtained the JWT for this cluster from your MyF5 account.
Configure F5 License Proxy (FLP) if you want to license the BIG-IP Next for Kubernetes cluster in FLP mode, see Install and configure F5 License Proxy (FLP).
Install the F5 Lifecycle Operator¶
For information on the F5 Lifecycle Operator parameters featured in this example, or for a comprehensive list of available parameters, see F5 Lifecycle Operator Parameters.
Create a flo-values.yaml file with the contents below.
vi flo-values.yaml
global: imagePullSecrets: - name: far-secret certmgr: clusterIssuer: <Name of the ClusterIssuer> image: repository: repo.f5.com/images name: f5-lifecycle-operator pullPolicy: Always namespace: "f5-operators" fluentbit_sidecar: enabled: true image: name: f5-fluentbit f5-ipam-operator: image: repository: repo.f5.com/images pullPolicy: IfNotPresent namespace: "f5-operators" nameOverride: "f5-ipam-operator" fullnameOverride: "f5-ipam-operator" license: jwt: " "
Before you perform the Helm installation for FLO, ensure that you update the
flo-value.yamlfile with the correct values.Note: For information on the FLO Values spec parameters featured in this example, or for a comprehensive list of parameters, see F5 Lifecycle Operator (FLO).
Update the
namespacedetails according to your planned configuration.Note: Ensure that the
f5-ipam-operator.namespaceparameter is updated to match the namespace used to install the FLO helm chart.Update the
license.jwtwith the actual JWT.Update the
imagePullSecrets.namewith the actual secret to download artifacts from the registry, see Create FAR secret.Ensure that the
global.certmgr.clusterIssuerparameter inflo-value.yamlis properly updated with themetadata.namevalue of the cluster issuer, see Configure Cert Manager.Update the below licensing parameters with the specified values to successfully license the cluster in connected mode:
f5CertUrl: https://product.apis.f5.com/ee/v1f5EntitlementUrl: https://product-s.apis.f5.com/ee/v1f5InitialConfigUrl: https://product-s.apis.f5.com/ee/v1.
By default, BIG-IP Next for Kubernetes clusters are licensed in
connectedmode. If you want to license the clusters in FLP mode, set:license.operationModetof5licenseproxy.license.licenseserverrootcawith FLP RootCA. See License the cluster in FLP Mode.f5CertUrltohttps://<FLP HostName>:30001/license-proxy/v1and update the FLP HostName according to your configuration.f5EntitlementUrltohttps://<FLP HostName>:30001/license-proxy/v1and update the FLP HostName according to your configuration.f5InitialConfigUrltohttps://<FLP HostName>:30001/license-proxy/v1and update the FLP HostName according to your configuration.
Install the F5 Lifecycle Operator.
helm install flo oci://repo.f5.com/charts/f5-lifecycle-operator --version <<FLO_VERSION>> -f flo-values.yaml --namespace <<namespace>>
In the below example, charts/f5-lifecycle-operator is the path for pulling f5-lifecycle-operator Helm chart and its version is v1.7.8-0.3.37 as retrieved from the bnk-manifest-2.0.0-1.7.8-0.3.37.yaml file.
helm install flo oci://repo.f5.com/charts/f5-lifecycle-operator --version v1.7.8-0.3.37 -f flo-values.yaml --namespace f5-operators
Check the FLO and F5 IPAM Operator pods status.
kubectl get pods
Sample Output:
NAME READY STATUS RESTARTS AGE f5-ipam-operator-75977bb4c6-zhpf7 1/1 Running 0 17s flo-f5-lifecycle-operator-6c86fcf6f5-rw8t6 2/2 Running 0 17s
The FLO and F5 IPAM Controller are successfully installed and running.
Check the BNKGatewayClass CRD and BIG-IP Next for Kubernetes component CRDs.
NOTE: The BNKGatewayClass CRD and BIG-IP Next for Kubernetes component CRDs will remain in the cluster after the Helm uninstallation of FLO.
kubectl get crd | grep k8s.f5.com
Sample Output:
afms.k8s.f5.com 2025-03-18T00:14:41Z bnkgatewayclasses.k8s.f5.com 2025-03-18T00:14:41Z coremonds.k8s.f5.com 2025-03-18T00:14:41Z crdconversions.k8s.f5.com 2025-03-18T00:14:41Z csrcs.k8s.f5.com 2025-03-18T00:14:41Z cwcs.k8s.f5.com 2025-03-18T00:14:41Z dssms.k8s.f5.com 2025-03-18T00:14:41Z f5ingresses.k8s.f5.com 2025-03-18T00:14:41Z f5tmms.k8s.f5.com 2025-03-18T00:14:41Z fluentds.k8s.f5.com 2025-03-18T00:14:41Z ipamoperators.k8s.f5.com 2025-03-18T00:14:41Z nodelabelers.k8s.f5.com 2025-03-18T00:14:41Z observers.k8s.f5.com 2025-03-18T00:14:41Z rabbitmqs.k8s.f5.com 2025-03-18T00:14:41Z
Related Topics