F5 Solutions for Containers > Class 1: Kubernetes with F5 Container Ingress Service > Module 3: Expose Service with NGINX Ingress Controller Source | Edit on

Lab 3.2 - Deploy Hello-World (Again)¶

In the previous modules we deployed f5-hello-world behind CIS using NodePort and ClusterIP modes with Ingress and ConfigMap resources. In this lab we will deploy the f5-hello-world, yet again, but behind the NGINX kubernetes ingress controller using ClusterIP.

App Deployment¶

As before all the necesary files are on kube-master1 in ~/agilitydocs/docs/class1/kubernetes

Start SSH session to kube-master1 if not already done so.

Note

You should have an open session from previous lab.
Change working directory to the yaml file repository.
```
cd ~/agilitydocs/docs/class1/kubernetes
```

Review hello-world deployment deployment-hello-world.yaml

Note

In all our examples we’ve used the same deployment to create our pods.

deployment-hello-world.yaml¶

apiVersion: apps/v1
kind: Deployment
metadata:
  name: f5-hello-world-web
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: f5-hello-world-web
  template:
    metadata:
      labels:
        app: f5-hello-world-web
    spec:
      containers:
      - env:
        - name: service_name
          value: f5-hello-world-web
        image: f5devcentral/f5-hello-world:latest
        imagePullPolicy: IfNotPresent
        name: f5-hello-world-web
        ports:
        - containerPort: 8080
          protocol: TCP

Review hello-world service clusterip-service-hello-world.yaml

Note

Here we’re not interested in the CIS annotation of the file as before. We’re simply reusing the same service for NGINX Ingress to create the proper endpoints.

clusterip-service-hello-world.yaml¶

apiVersion: v1
kind: Service
metadata:
  name: f5-hello-world-web
  namespace: default
  labels:
    app: f5-hello-world-web
    cis.f5.com/as3-tenant: AS3
    cis.f5.com/as3-app: A1
    cis.f5.com/as3-pool: web_pool
spec:
  ports:
  - name: f5-hello-world-web
    port: 8080
    protocol: TCP
    targetPort: 8080
  type: ClusterIP
  selector:
    app: f5-hello-world-web

Review hello-world NGINX service nginx-ingress-hello-world.yaml

Note

This create’s our app on NGINX. You can see in line 14 and 15 how we reference the previouly created hello-world service by name and port. On line 9 we define the expected host header. Just as before this host is in the local host file (/etc/hosts) and will be needed to access to the app.

nginx-ingress-hello-world.yaml¶

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: f5-hello-world-ingress
  annotations:
    kubernetes.io/ingress.class: "nginx"
spec:
  rules:
  - host: mysite.f5demo.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: f5-hello-world-web
            port:
              number: 8080

We can now launch our application:

kubectl create -f deployment-hello-world.yaml
kubectl create -f clusterip-service-hello-world.yaml
kubectl create -f nginx-ingress-hello-world.yaml

../../_images/nginx-ingress-launch-app.png

At this point hello-world is not externally accessible but we can check the status of our service.
```
kubectl describe svc f5-hello-world
```

CIS Service & Deployment¶

In order to deploy the virtual service on BIG-IP we need to create and deploy two files, a service and configmap.

Review cis service file cis-service.yaml

Note

In this case the labels are important and must match our configmap declaration.

Important

The namespace of this service and deployment below must match due to changes in CIS v2.1.

Important

Starting with CIS v2.2.2, AS3 ConfigMap expects servicePort to match the port (not the nodeport) exposed in the service definition. See line 13 here and line 39 in the AS3 declaration below.

cis-service.yaml¶

apiVersion: v1
kind: Service
metadata:
  name: nginx-ingress-hello-world
  namespace: nginx-ingress
  labels:
    cis.f5.com/as3-tenant: AS3
    cis.f5.com/as3-app: A1
    cis.f5.com/as3-pool: web_pool
spec:
  type: NodePort
  ports:
  - port: 80
    targetPort: 80
    protocol: TCP
    name: http
  selector:
    app: nginx-ingress

Review CIS configmap file cis-configmap.yaml

Note

In this case the labels are important and must match our configmap declaration.

Important

The namespace of this deploymnent and service above must match due to changes in CIS v2.1.

Tip

In all of our AS3 examples you’ll notice the declaration is the same. This make the use of AS3 highly portable.

cis-configmap.yaml¶

apiVersion: v1
kind: ConfigMap
metadata:
  name: f5-as3-declaration
  namespace: nginx-ingress
  labels:
    f5type: virtual-server
    as3: "true"
data:
  template: |
    {
      "class": "AS3",
      "declaration": {
        "class": "ADC",
        "schemaVersion": "3.10.0",
        "id": "urn:uuid:33045210-3ab8-4636-9b2a-c98d22ab915d",
        "label": "http",
        "remark": "A1 example",
        "AS3": {
          "class": "Tenant",
          "A1": {
            "class": "Application",
            "template": "http",
            "serviceMain": {
              "class": "Service_HTTP",
              "virtualAddresses": [
                "10.1.1.4"
              ],
              "pool": "web_pool",
              "virtualPort": 80
            },
            "web_pool": {
              "class": "Pool",
              "monitors": [
                "http"
              ],
              "members": [
                {
                  "servicePort": 80,
                  "serverAddresses": []
                }
              ]
            }
          }
        }
      }
    }

Create the service and deployment

kubectl create -f cis-service.yaml
kubectl create -f cis-configmap.yaml

To check the status of our service run the following command:
```
kubectl describe svc nginx-ingress-hello-world -n nginx-ingress
```
Attention

As the previous modules pointed out we need to focus on the Endpoints value, this shows our one NGINX instance (defined as replicas in our NGINX deployment file) and the flannel IP assigned to the pod. To confirm the NGINX endpoint IP use the following command:
```
kubectl get pods -n nginx-ingress -o wide
```
Now that we have deployed our application sucessfully, we can check the configuration on bigip1. Switch back to the open management session on firefox.

Warning

Don’t forget to select the proper partition. In this case we need to look at the “AS3” partition because we’re using AS#. This partition was auto created by AS3 and named after the Tenant which happens to be “AS3”.

GoTo: Local Traffic ‣ Virtual Servers

Here you can see a new Virtual Server, “serviceMain” was created, listening on 10.1.1.4:80 in partition “AS3”.
Check the Pools to see a new pool and the associated pool members.

GoTo: Local Traffic ‣ Pools and select the “web_pool” pool. Click the Members tab.

Note

You can see that the pool members IP address is the NGINX pod IP.
Access your web application via firefox on the jumpbox.

Note

Select the “mysite.f5demo.com” shortcut.

Attention

In this case you can’t simply type the IP for the URL. NGINX is looking for a specific HOST header to properly direct the traffic to the right application pod.
Remove Hello-World from BIG-IP.
```
kubectl delete -f cis-configmap.yaml
kubectl delete -f cis-service.yaml
```
Note

Be sure to verify the virtual server and “AS3” partition were removed from BIG-IP.

Remove Hello-World from NGINX

kubectl delete -f nginx-ingress-hello-world.yaml
kubectl delete -f clusterip-service-hello-world.yaml
kubectl delete -f deployment-hello-world.yaml

Remove CIS

kubectl delete -f cluster-deployment.yaml

Important

Do not skip these clean-up steps. Instead of reusing these objects, the next lab we will re-deploy them to avoid conflicts and errors.

Previous Next