Replace the F5 Router in OpenShift

Take the steps below to replace the OpenShift F5 Router with the BIG-IP Controller for Kubernetes in OpenShift deployments.

Task Summary
Step Task
Remove the OpenShift F5 Router.
Install the BIG-IP Controller.
Deploy the BIG-IP Controller.
Upload the Route to the OpenShift API server.
Verify creation of BIG-IP objects.

Remove the OpenShift F5 Router

Use the OpenShift CLI to remove the Pod(s) associated with the F5 Router.

Note

The BIG-IP Controller will remove/replace any objects on the BIG-IP system when it launches, if you set it to manage the same BIG-IP partition. If you want to manage a different partition with the BIG-IP Controller, you should delete the objects from the F5 Router’s partition manually.

oc delete pod <pod-name>

Install the BIG-IP Controller

  1. Complete the initial setup.

  2. Set up RBAC Authentication.

  3. Create a Deployment for the BIG-IP Controller.

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    apiVersion: extensions/v1beta1
    kind: Deployment
    metadata:
      name: k8s-bigip-ctlr
    spec:
      replicas: 1
      template:
        metadata:
          name: k8s-bigip-ctlr
          labels:
            app: k8s-bigip-ctlr
        spec:
          # Name of the Service Account bound to a Cluster Role with the required
          # permissions
          serviceAccountName: bigip-ctlr
          containers:
            - name: k8s-bigip-ctlr
              image: "f5networks/k8s-bigip-ctlr"
              env:
                - name: BIGIP_USERNAME
                  valueFrom:
                    secretKeyRef:
                      # Replace with the name of the Secret containing your login
                      # credentials
                      name: bigip-login
                      key: username
                - name: BIGIP_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      # Replace with the name of the Secret containing your login
                      # credentials
                      name: bigip-login
                      key: password
              command: ["/app/bin/k8s-bigip-ctlr"]
              args: [
                # See the k8s-bigip-ctlr documentation for information about
                # all config options
                # https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/latest
                "--bigip-username=$(BIGIP_USERNAME)",
                "--bigip-password=$(BIGIP_PASSWORD)",
                "--bigip-url=10.10.10.10",
                "--bigip-partition=openshift",
                "--pool-member-type=cluster",
                "--openshift-sdn-name=/Common/openshift_vxlan",
                "--manage-routes=true",
                "--route-vserver-addr=1.2.3.4",
                "--route-label="App1"
                ]
          imagePullSecrets:
            - name: f5-docker-images
            - name: bigip-login
    
  4. Upload the Deployment to the OpenShift API server.

When you upload the Deployment to your OpenShift API server, the BIG-IP Controller will automatically detect any existing OpenShift Routes and create corresponding routes on the BIG-IP system.

If you set up the BIG-IP Controller to manage the same BIG-IP partition you used with the OpenShift F5 Router, the BIG-IP Controller automatically replaces any remaining F5 Router artifacts in the partition with new objects.

What’s Next