Lab 1.2 - Deploy Hello-World Using Route

Now that CIS is up and running, let’s deploy an application and leverage CIS.

For this lab we’ll use a simple pre-configured docker image called “f5-hello-world”. It can be found on docker hub at f5devcentral/f5-hello-world

To deploy our application, we will need the following definitions:

  • Define the Deployment resource: this will launch our application running in a container.

  • Define the Service resource: this is an abstraction which defines a logical set of pods and a policy by which to access them. Expose the service on a port on each node of the cluster (the same port on each node). You’ll be able to contact the service on any <NodeIP>:NodePort address. When you set the type field to “NodePort”, the master will allocate a port from a flag-configured range (default: 30000-32767), and each Node will proxy that port (the same port number on every Node) for your Service.

  • Define the Route resource: this is used to add the necesary annotations to define the virtual server settings.

App Deployment

Back to the SSH session on okd-master1 we will create all the required files:

  1. Create a file called deployment-hello-world.yaml

    Tip

    Use the file in ~/agilitydocs/docs/class2/openshift

    deployment-hello-world.yaml
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: f5-hello-world-web
      namespace: default
    spec:
      replicas: 2
      selector:
        matchLabels:
          app: f5-hello-world-web
      template:
        metadata:
          labels:
            app: f5-hello-world-web
        spec:
          containers:
          - env:
            - name: service_name
              value: f5-hello-world-web
            image: f5devcentral/f5-hello-world:develop
            imagePullPolicy: IfNotPresent
            name: f5-hello-world-web
            ports:
            - containerPort: 8080
              protocol: TCP
    
  2. Create a file called nodeport-service-hello-world.yaml

    Tip

    Use the file in ~/agilitydocs/docs/class2/openshift

    nodeport-service-hello-world.yaml
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    apiVersion: v1
    kind: Service
    metadata:
      name: f5-hello-world-web
      namespace: default
      labels:
        app: f5-hello-world-web
        cis.f5.com/as3-tenant: AS3
        cis.f5.com/as3-app: A1
        cis.f5.com/as3-pool: web_pool
    spec:
      ports:
      - name: f5-hello-world-web
        port: 8080
        protocol: TCP
        targetPort: 8080
      type: NodePort
      selector:
        app: f5-hello-world-web
    
  3. Create a file called route-hello-world.yaml

    Tip

    Use the file in ~/agilitydocs/docs/class2/openshift

    route-hello-world.yaml
     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
      apiVersion: v1
      kind: Route
      metadata:
        labels:
          f5type: hello-world
          name: f5-hello-world-web
        name: f5-hello-world-web
        namespace: default
        annotations:
          virtual-server.f5.com/balance: round-robin
          virtual-server.f5.com/health: |
            [
              {
                "path": "mysite.f5demo.com/",
                "send": "HTTP GET /",
                "interval": 5,
                "timeout": 10
              }
            ]
      spec:
        host: mysite.f5demo.com
        path: "/"
        port:
          targetPort: 8080
        to:
          kind: Service
          name: f5-hello-world-web
    
  4. We can now launch our application:

    oc create -f deployment-hello-world.yaml
    oc create -f nodeport-service-hello-world.yaml
    oc create -f route-hello-world.yaml
    
    ../../_images/f5-container-connector-launch-app-route.png
  5. To check the status of our deployment, you can run the following commands:

    Note

    This can take a few seconds to a minute to create these hello-world containers to running state.

    oc get pods -o wide
    
    ../../_images/f5-hello-world-pods-route.png
    oc describe svc f5-hello-world
    
    ../../_images/f5-container-connector-check-app-definition-route.png

    Attention

    To understand and test the new app pay attention to the NodePort value, that’s the port used to give you access to the app from the outside. In this example it’s “30459”, highlighted above.

  6. Now that we have deployed our application sucessfully, we can check the configuration on bigip1. Switch back to the open management session on firefox.

    Warning

    Don’t forget to select the “okd” partition or you’ll see nothing.

    Goto Local Traffic ‣ Virtual Servers

    With “Route” you’ll seee two virtual servers defined. “okd_http_vs” and “okd_https_vs”, listening on port 80 and 443.

    ../../_images/f5-container-connector-check-app-route-bigipconfig.png

    These Virtuals use an LTM Policy to direct traffic based on the host header. You can view this from the BIG-IP GUI at Local Traffic ‣ Virtual Servers ‣ Policies and click Published Policy ‣ “openshift_insecure_routes”

    ../../_images/f5-check-ltm-policy-route.png
  7. Check the Pools to see a new pool and the associated pool members.

    GoTo: Local Traffic ‣ Pools and select the “openshift_default_f5-hello-world-web” pool. Click the Members tab.

    ../../_images/f5-container-connector-check-app-route-pool.png

    Note

    You can see that the pool members listed are all the cluster node IPs on port 30459. (NodePort mode)

  8. Access your web application via firefox on the jumpbox.

    Note

    Open a new tab and select the “mysite.f5demo.com” shortcut or type http://mysite.f5demo.com in the URL field.

    ../../_images/f5-container-connector-access-app2.png
  9. Delete Hello-World

    Important

    Do not skip this step. Instead of reusing some of these objects, the next lab we will re-deploy them to avoid conflicts and errors.

    oc delete -f route-hello-world.yaml
    oc delete -f nodeport-service-hello-world.yaml
    oc delete -f deployment-hello-world.yaml
    

    Attention

    Validate the objects are removed via the management console. Local Traffic ‣ Virtual Servers