F5 Container Integrations v1.3

Current Page

Application Services Proxy

Cloud Foundry

Kubernetes / OpenShift

Mesos Marathon




Cloud Docs Home > F5 Container Integrations Index


WARNING! You are viewing an outdated documentation set.

View the latest version

F5 Container Integration - OpenShift

This document provides general information regarding the F5 Integration for OpenShift. For deployment and usage instructions, please refer to the guides below.


The BIG-IP Controller for OpenShift enables use of a BIG-IP device in OpenShift. Because OpenShift has a native Kubernetes integration, the F5 Integration for OpenShift utilizes the same controller as the F5 Integration for Kubernetes. In OpenShift, you can use the BIG-IP Controller to use a BIG-IP device(s) to:


Integration with OpenShift SDN requires a BIG-IP Better or Best license with SDN services.

OpenShift Node Health

In OpenShift clusters, the Kubernetes NodeList records status for all nodes registered with the master. Because the BIG-IP Controller integrates with the cluster network, it can access the NodeList in OpenShift’s underlying Kubernetes API server and watch it for changes. The BIG-IP Controller creates/updates FDB (Forwarding DataBase) entries for the configured VXLAN tunnel according to the NodeList. This ensures the BIG-IP Controller only makes VXLAN requests to reported nodes.

As a function of the BIG-IP VXLAN, the BIG-IP device only communicates with healthy cluster nodes. The BIG-IP device does not attempt to route traffic to an unresponsive node, even if the node remains in the NodeList.


You can also set up BIG-IP health monitors for OpenShift Services.

OpenShift Routes

In OpenShift, the BIG-IP Controller can manage BIG-IP objects for routes.


See manage OpenShift Routes with the BIG-IP Controller for configuration instructions.

Setting up OpenShift Route resources provides the following functionality:

  • listen for HTTP route events in OpenShift and create/delete/expire routes on BIG-IP devices (including L7 config policies such as wildcard routes, prefixes, etc.);
  • apply client SSL certificates from Kubernetes/OpenShift Secrets to BIG-IP LTM objects;
  • apply existing BIG-IP SSL certificates to BIG-IP LTM objects;
  • SSL termination using edge, passthrough, or re-encryption mode.

The table below shows what BIG-IP configurations the BIG-IP Controller applies for common admin tasks in OpenShift.

User action Controller action
Create OpenShift Route
  • Create two virtual servers:
    • one (1) HTTP
    • one (1) HTTPS
  • Create pools and pool members with policies attached.
  • Attach defined policies to virtual servers.
Add/remove endpoint(s)
  • Add/remove the pool member(s) that correspond to the endpoint(s) from the Route’s pool.
Delete all Routes
  • Remove all objects associated with the Routes (virtual servers, pools, and pool members) from the BIG-IP system.

What’s Next

Refer to the docs listed below for setup and configuration instructions.