F5 Solutions for Containers > Appendix > Appendix 5: BIG-IP / OpenShift Multi-Pod Deployment Source | Edit on
Lab 1.3 - F5 Container Connector Setup¶
Take the steps below to deploy a contoller for each BIG-IP device in the cluster.
Set up RBAC¶
The F5 BIG-IP Controller requires permission to monitor the status of the OpenSfhift cluster. The following will create a bigip login secret, Service Account, and Cluster Role. Run the following commands on both master1 and master2:
oc create secret generic bigip-login -n kube-system --from-literal=username=admin --from-literal=password=admin
oc create serviceaccount bigip-ctlr -n kube-system
oc create clusterrolebinding bigip-ctlr-clusteradmin --clusterrole=cluster-admin --serviceaccount=kube-system:bigip-ctlr
Create & Verify CC Deployment¶
Create an OpenShift Deployment for POD1 (one per BIG-IP device). You need to deploy a controller for both bigip1 and bigip2.
cc-bigip1-10.yaml
1apiVersion: extensions/v1beta1 2kind: Deployment 3metadata: 4 name: bigip1-ctlr 5 namespace: kube-system 6spec: 7 replicas: 1 8 template: 9 metadata: 10 name: k8s-bigip-ctlr 11 labels: 12 app: k8s-bigip-ctlr 13 spec: 14 serviceAccountName: bigip-ctlr 15 containers: 16 - name: k8s-bigip-ctlr 17 image: "f5networks/k8s-bigip-ctlr:latest" 18 imagePullPolicy: IfNotPresent 19 env: 20 - name: BIGIP_USERNAME 21 valueFrom: 22 secretKeyRef: 23 name: bigip-login 24 key: username 25 - name: BIGIP_PASSWORD 26 valueFrom: 27 secretKeyRef: 28 name: bigip-login 29 key: password 30 command: ["/app/bin/k8s-bigip-ctlr"] 31 args: [ 32 "--bigip-username=$(BIGIP_USERNAME)", 33 "--bigip-password=$(BIGIP_PASSWORD)", 34 "--bigip-url=10.1.10.4", 35 "--bigip-partition=okd10", 36 "--namespace=default", 37 "--pool-member-type=cluster", 38 "--openshift-sdn-name=/Common/okd-tunnel-10" 39 ]
cc-bigip2-10.yaml
1apiVersion: extensions/v1beta1 2kind: Deployment 3metadata: 4 name: bigip2-ctlr 5 namespace: kube-system 6spec: 7 replicas: 1 8 template: 9 metadata: 10 name: k8s-bigip-ctlr 11 labels: 12 app: k8s-bigip-ctlr 13 spec: 14 serviceAccountName: bigip-ctlr 15 containers: 16 - name: k8s-bigip-ctlr 17 image: "f5networks/k8s-bigip-ctlr:latest" 18 imagePullPolicy: IfNotPresent 19 env: 20 - name: BIGIP_USERNAME 21 valueFrom: 22 secretKeyRef: 23 name: bigip-login 24 key: username 25 - name: BIGIP_PASSWORD 26 valueFrom: 27 secretKeyRef: 28 name: bigip-login 29 key: password 30 command: ["/app/bin/k8s-bigip-ctlr"] 31 args: [ 32 "--bigip-username=$(BIGIP_USERNAME)", 33 "--bigip-password=$(BIGIP_PASSWORD)", 34 "--bigip-url=10.1.10.5", 35 "--bigip-partition=okd10", 36 "--namespace=default", 37 "--pool-member-type=cluster", 38 "--openshift-sdn-name=/Common/okd-tunnel-10" 39 ]
oc create -f cc-bigip1-10.yaml oc create -f cc-bigip2-10.yaml
Verify the deployment and pods that are created
oc get deployment -n kube-system oc get pods -n kube-system
Create an OpenShift Deployment for POD2 (one per BIG-IP device). You need to deploy a controller for both bigip1 and bigip2.
cc-bigip1-20.yaml
1apiVersion: extensions/v1beta1 2kind: Deployment 3metadata: 4 name: bigip1-ctlr 5 namespace: kube-system 6spec: 7 replicas: 1 8 template: 9 metadata: 10 name: k8s-bigip-ctlr 11 labels: 12 app: k8s-bigip-ctlr 13 spec: 14 serviceAccountName: bigip-ctlr 15 containers: 16 - name: k8s-bigip-ctlr 17 image: "f5networks/k8s-bigip-ctlr:latest" 18 imagePullPolicy: IfNotPresent 19 env: 20 - name: BIGIP_USERNAME 21 valueFrom: 22 secretKeyRef: 23 name: bigip-login 24 key: username 25 - name: BIGIP_PASSWORD 26 valueFrom: 27 secretKeyRef: 28 name: bigip-login 29 key: password 30 command: ["/app/bin/k8s-bigip-ctlr"] 31 args: [ 32 "--bigip-username=$(BIGIP_USERNAME)", 33 "--bigip-password=$(BIGIP_PASSWORD)", 34 "--bigip-url=10.1.10.4", 35 "--bigip-partition=okd20", 36 "--namespace=default", 37 "--pool-member-type=cluster", 38 "--openshift-sdn-name=/Common/okd-tunnel-20" 39 ]
cc-bigip2-20.yaml
1apiVersion: extensions/v1beta1 2kind: Deployment 3metadata: 4 name: bigip2-ctlr 5 namespace: kube-system 6spec: 7 replicas: 1 8 template: 9 metadata: 10 name: k8s-bigip-ctlr 11 labels: 12 app: k8s-bigip-ctlr 13 spec: 14 serviceAccountName: bigip-ctlr 15 containers: 16 - name: k8s-bigip-ctlr 17 image: "f5networks/k8s-bigip-ctlr:latest" 18 imagePullPolicy: IfNotPresent 19 env: 20 - name: BIGIP_USERNAME 21 valueFrom: 22 secretKeyRef: 23 name: bigip-login 24 key: username 25 - name: BIGIP_PASSWORD 26 valueFrom: 27 secretKeyRef: 28 name: bigip-login 29 key: password 30 command: ["/app/bin/k8s-bigip-ctlr"] 31 args: [ 32 "--bigip-username=$(BIGIP_USERNAME)", 33 "--bigip-password=$(BIGIP_PASSWORD)", 34 "--bigip-url=10.1.10.5", 35 "--bigip-partition=okd20", 36 "--namespace=default", 37 "--pool-member-type=cluster", 38 "--openshift-sdn-name=/Common/okd-tunnel-20" 39 ]
oc create -f cc-bigip1-20.yaml oc create -f cc-bigip2-20.yaml
Verify the deployment and pods that are created
oc get deployment -n kube-system oc get pods -n kube-system