Replace the F5 Router in OpenShift

Take the steps below to replace the OpenShift F5 Router with the BIG-IP Controller for Kubernetes in OpenShift deployments.

Task Summary
Step Task
Remove the OpenShift F5 Router.
Install the BIG-IP Controller.
Deploy the BIG-IP Controller.
Upload the Route to the OpenShift API server.
Verify creation of BIG-IP objects.

Remove the OpenShift F5 Router

Use the OpenShift CLI to remove the Pod(s) associated with the F5 Router.

Note

The BIG-IP Controller will remove/replace any objects on the BIG-IP system when it launches, if you set it to manage the same BIG-IP partition. If you want to manage a different partition with the BIG-IP Controller, you should delete the objects from the F5 Router’s partition manually.

oc delete pod <pod-name>

Install the BIG-IP Controller

  1. Complete the initial setup.

  2. Set up RBAC Authentication.

  3. Create a Deployment for the BIG-IP Controller.

     1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
    apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: k8s-bigip-ctlr
spec:
  replicas: 1
  template:
    metadata:
      name: k8s-bigip-ctlr
      labels:
        app: k8s-bigip-ctlr
    spec:
      # Name of the Service Account bound to a Cluster Role with the required
      # permissions
      serviceAccountName: bigip-ctlr
      containers:
        - name: k8s-bigip-ctlr
          image: "f5networks/k8s-bigip-ctlr"
          env:
            - name: BIGIP_USERNAME
              valueFrom:
                secretKeyRef:
                  # Replace with the name of the Secret containing your login
                  # credentials
                  name: bigip-login
                  key: username
            - name: BIGIP_PASSWORD
              valueFrom:
                secretKeyRef:
                  # Replace with the name of the Secret containing your login
                  # credentials
                  name: bigip-login
                  key: password
          command: ["/app/bin/k8s-bigip-ctlr"]
          args: [
            # See the k8s-bigip-ctlr documentation for information about
            # all config options
            # https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/latest
            "--bigip-username=$(BIGIP_USERNAME)",
            "--bigip-password=$(BIGIP_PASSWORD)",
            "--bigip-url=10.10.10.10",
            "--bigip-partition=openshift",
            "--pool-member-type=cluster",
            "--openshift-sdn-name=/Common/openshift_vxlan",
            "--manage-routes=true",
            "--route-vserver-addr=1.2.3.4",
            "--route-label="App1"
            ]
      imagePullSecrets:
        - name: f5-docker-images
        - name: bigip-login

  4. Upload the Deployment to the OpenShift API server.

When you upload the Deployment to your OpenShift API server, the BIG-IP Controller will automatically detect any existing OpenShift Routes and create corresponding routes on the BIG-IP system.

If you set up the BIG-IP Controller to manage the same BIG-IP partition you used with the OpenShift F5 Router, the BIG-IP Controller automatically replaces any remaining F5 Router artifacts in the partition with new objects.

What’s Next