F5 Solutions for Containers > Appendix > Appendix 5: BIG-IP / OpenShift Multi-Pod Deployment Source | Edit on
Lab 1.3 - F5 Container Connector Setup¶
Take the steps below to deploy a contoller for each BIG-IP device in the cluster.
Set up RBAC¶
The F5 BIG-IP Controller requires permission to monitor the status of the OpenSfhift cluster. The following will create a bigip login secret, Service Account, and Cluster Role. Run the following commands on both master1 and master2:
oc create secret generic bigip-login -n kube-system --from-literal=username=admin --from-literal=password=admin
oc create serviceaccount bigip-ctlr -n kube-system
oc create clusterrolebinding bigip-ctlr-clusteradmin --clusterrole=cluster-admin --serviceaccount=kube-system:bigip-ctlr
Create & Verify CC Deployment¶
Create an OpenShift Deployment for POD1 (one per BIG-IP device). You need to deploy a controller for both bigip1 and bigip2.
cc-bigip1-10.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: bigip1-ctlr namespace: kube-system spec: replicas: 1 template: metadata: name: k8s-bigip-ctlr labels: app: k8s-bigip-ctlr spec: serviceAccountName: bigip-ctlr containers: - name: k8s-bigip-ctlr image: "f5networks/k8s-bigip-ctlr:latest" imagePullPolicy: IfNotPresent env: - name: BIGIP_USERNAME valueFrom: secretKeyRef: name: bigip-login key: username - name: BIGIP_PASSWORD valueFrom: secretKeyRef: name: bigip-login key: password command: ["/app/bin/k8s-bigip-ctlr"] args: [ "--bigip-username=$(BIGIP_USERNAME)", "--bigip-password=$(BIGIP_PASSWORD)", "--bigip-url=10.1.10.4", "--bigip-partition=okd10", "--namespace=default", "--pool-member-type=cluster", "--openshift-sdn-name=/Common/okd-tunnel-10" ]
cc-bigip2-10.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: bigip2-ctlr namespace: kube-system spec: replicas: 1 template: metadata: name: k8s-bigip-ctlr labels: app: k8s-bigip-ctlr spec: serviceAccountName: bigip-ctlr containers: - name: k8s-bigip-ctlr image: "f5networks/k8s-bigip-ctlr:latest" imagePullPolicy: IfNotPresent env: - name: BIGIP_USERNAME valueFrom: secretKeyRef: name: bigip-login key: username - name: BIGIP_PASSWORD valueFrom: secretKeyRef: name: bigip-login key: password command: ["/app/bin/k8s-bigip-ctlr"] args: [ "--bigip-username=$(BIGIP_USERNAME)", "--bigip-password=$(BIGIP_PASSWORD)", "--bigip-url=10.1.10.5", "--bigip-partition=okd10", "--namespace=default", "--pool-member-type=cluster", "--openshift-sdn-name=/Common/okd-tunnel-10" ]
oc create -f cc-bigip1-10.yaml oc create -f cc-bigip2-10.yaml
Verify the deployment and pods that are created
oc get deployment -n kube-system oc get pods -n kube-system
Create an OpenShift Deployment for POD2 (one per BIG-IP device). You need to deploy a controller for both bigip1 and bigip2.
cc-bigip1-20.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: bigip1-ctlr namespace: kube-system spec: replicas: 1 template: metadata: name: k8s-bigip-ctlr labels: app: k8s-bigip-ctlr spec: serviceAccountName: bigip-ctlr containers: - name: k8s-bigip-ctlr image: "f5networks/k8s-bigip-ctlr:latest" imagePullPolicy: IfNotPresent env: - name: BIGIP_USERNAME valueFrom: secretKeyRef: name: bigip-login key: username - name: BIGIP_PASSWORD valueFrom: secretKeyRef: name: bigip-login key: password command: ["/app/bin/k8s-bigip-ctlr"] args: [ "--bigip-username=$(BIGIP_USERNAME)", "--bigip-password=$(BIGIP_PASSWORD)", "--bigip-url=10.1.10.4", "--bigip-partition=okd20", "--namespace=default", "--pool-member-type=cluster", "--openshift-sdn-name=/Common/okd-tunnel-20" ]
cc-bigip2-20.yaml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
apiVersion: extensions/v1beta1 kind: Deployment metadata: name: bigip2-ctlr namespace: kube-system spec: replicas: 1 template: metadata: name: k8s-bigip-ctlr labels: app: k8s-bigip-ctlr spec: serviceAccountName: bigip-ctlr containers: - name: k8s-bigip-ctlr image: "f5networks/k8s-bigip-ctlr:latest" imagePullPolicy: IfNotPresent env: - name: BIGIP_USERNAME valueFrom: secretKeyRef: name: bigip-login key: username - name: BIGIP_PASSWORD valueFrom: secretKeyRef: name: bigip-login key: password command: ["/app/bin/k8s-bigip-ctlr"] args: [ "--bigip-username=$(BIGIP_USERNAME)", "--bigip-password=$(BIGIP_PASSWORD)", "--bigip-url=10.1.10.5", "--bigip-partition=okd20", "--namespace=default", "--pool-member-type=cluster", "--openshift-sdn-name=/Common/okd-tunnel-20" ]
oc create -f cc-bigip1-20.yaml oc create -f cc-bigip2-20.yaml
Verify the deployment and pods that are created
oc get deployment -n kube-system oc get pods -n kube-system