BIG-IP Next for Kubernetes CWC

The BIG-IP Next for Kubernetes Cluster Wide Controller (CWC) enables BIG-IP Next for Kubernetes software licensing and billing capabilities. Once the BIG-IP Next for Kubernetes software is installed and licensed, the CWC collects and reports software usage telemetry statistics based on the number of BIG-IP Next for Kubernetes CRs used by the licensed BIG-IP Next for Kubernetes Controller instances in the cluster. BIG-IP Next for Kubernetes uses F5’s flexible consumption software licensing model, billing only for the BIG-IP Next for Kubernetes features used. All the Custom Resource Definitions (CRDs) are installed by the F5 Orchestrator, see F5 Orchestrator.

CPCL module

The CWC contains the Common Product Component and Libraries (CPCL) module that helps with license activation, and with generating and maintaining the monthly license reports. The CPCL requires these two important licensing objects:

  • A JWKS (JSON Web Key Set) that must be installed prior to installing the CWC Pod. The JWKS can be downloaded and installed using the Install the CPCL JWKS procedure.
  • A JWT (JSON Web Token) that is associated with your unique CAT (Customer Association Token). The JWT can be obtained from your MyF5 account and will be installed before running orchestrator, see Orchestrator.

CPCL modes

The CPCL module supports two licensing modes:

  • disconnected - When the CWC does not have access to the internet, each licensing task must be performed manually.
  • connected - When the CWC has access the internet, it can automatically perform each of the licensing tasks.

RabbitMQ

The CWC and BIG-IP Next for Kubernetes Controller Pod communicate through the RabbitMQ open source message broker to determine the cluster licensing status. Ensure connectivity is permitted for the service ports listed in the sections below.

CWC Service

After installing the CWC, a CWC Service object is created that receives REST API data on TCP service port 30881, and forwards the data to the CWC Pod on TCP service port 38081. Ensure the Service ports are available, and the cluster has CoreDNS enabled. In this example, the BIG-IP Next for Kubernetes components will need to resolve the f5-spk-cwc.f5-utils DNS hostname.

Name:              f5-spk-cwc
Namespace:         f5-utils
IP:                10.109.102.215
Port:              cwc-rest  30881/TCP
Endpoints:         10.244.1.75:38081

RabbitMQ Service

After installing the RabbitMQ Pod, a RabbitMQ Service object is created, to pass messages between the BIG-IP Next for Kubernetes Controllers and the CWC on TCP service port 5671. Ensure the Service port is available, and the cluster’s core DNS is enabled. In this example, the BIG-IP Next for Kubernetes components will need to resolve the rabbitmq-server.f5-utils hostname.

Name:              rabbitmq-server
Namespace:         f5-utils
IP:                10.109.105.210
Port:              ampqst  5671/TCP
Endpoints:         10.244.1.80:5671

CWC capabilities

The CWC supports the following capabilities:

Supplemental