k8s big-ip control 安装使用

0. 准备工作

网络打通,这里没有使用fannel,没有使用vxlan 。

在f5界面 创建f5分区。这里是cce-test。

1. 安装bigip control

kubectl create serviceaccount bigip-ctlr -n kube-system

kubectl get sa -n kube-system

创建ClusterRole ,ClusterRole

f5-k8s-sample-rbac.yaml

# for use in k8s clusters only

# for OpenShift, use the OpenShift-specific examples

kind: ClusterRole

apiVersion: rbac.authorization.k8s.io/v1

metadata:

  name: bigip-ctlr-clusterrole

rules:

- apiGroups: ["", "extensions"]

  resources: ["nodes", "services", "endpoints", "namespaces", "ingresses", "pods"]

  verbs: ["get", "list", "watch"]

- apiGroups: ["", "extensions"]

  resources: ["configmaps", "events", "ingresses/status"]

  verbs: ["get", "list", "watch", "update", "create", "patch"]

- apiGroups: ["", "extensions"]

  resources: ["secrets"]

  resourceNames: ["<secret-containing-bigip-login>"]

  verbs: ["get", "list", "watch"]

---

kind: ClusterRoleBinding

apiVersion: rbac.authorization.k8s.io/v1

metadata:

  name: bigip-ctlr-clusterrole-binding

  namespace: kube-system

roleRef:

  apiGroup: rbac.authorization.k8s.io

  kind: ClusterRole

  name: bigip-ctlr-clusterrole

subjects:

- apiGroup: ""

  kind: ServiceAccount

  name: bigip-ctlr

  namespace: kube-system

kubectl get clusterroles.rbac.authorization.k8s.io -n kube-system

NAME                                                                   AGE

admin                                                                  2d12h

aggregate-network-attachment-definitions-admin                         2d12h

aggregate-network-attachment-definitions-edit                          2d12h

aggregate-network-attachment-definitions-view                          2d12h

bigip-ctlr-clusterrole                                                 46h

cluster-admin                                                          2d12h

copaddon-nginx-ingress                                                 2d12h

coredns                                                                2d12h

edit                                                                   2d12h

kubectl get clusterrolebindings.rbac.authorization.k8s.io -n kube-system

NAME                                                   AGE

auto-approve-csrs-for-group                            2d12h

auto-approve-renewals-for-nodes                        2d12h

auto-approve-renewals-for-nodes-server                 2d12h

bigip-ctlr-clusterrole-binding                         46h

f5-k8s-bigip-ctlr_basic.yaml

kubectl create secret generic bigip-login --namespace kube-system --from-literal=username=admin --from-literal=password=admin

kubectl describe secret bigip-login -n kube-system

kubectl apply -f f5-k8s-bigip-ctlr_basic.yaml

apiVersion: extensions/v1beta1

kind: Deployment

metadata:

  name: k8s-bigip-ctlr-deployment

  namespace: kube-system

spec:

  # DO NOT INCREASE REPLICA COUNT

  replicas: 1

  template:

    metadata:

      name: k8s-bigip-ctlr

      labels:

        app: k8s-bigip-ctlr

    spec:

      # Name of the Service Account bound to a Cluster Role with the required

      # permissions

      serviceAccountName: bigip-ctlr

      containers:

        - name: k8s-bigip-ctlr

          image: "f5networks/k8s-bigip-ctlr"

          imagePullPolicy: IfNotPresent

          env:

            - name: BIGIP_USERNAME

              valueFrom:

                secretKeyRef:

                  # Replace with the name of the Secret containing your login

                  # credentials

                  name: bigip-login

                  key: username

            - name: BIGIP_PASSWORD

              valueFrom:

                secretKeyRef:

                  # Replace with the name of the Secret containing your login

                  # credentials

                  name: bigip-login

                  key: password

          command: ["/app/bin/k8s-bigip-ctlr"]

          args: [

            # See the k8s-bigip-ctlr documentation for information about

            # all config options

            # https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/latest

            "--bigip-username=$(BIGIP_USERNAME)",

            "--bigip-password=$(BIGIP_PASSWORD)",

            "--bigip-url=xxxxxxxxx",

            "--bigip-partition=cce-test",

            "--pool-member-type=cluster"

            ]

     # imagePullSecrets:

     #   # Secret that gives access to a private docker registry

     #   - name: f5-docker-images

     #   # Secret containing the BIG-IP system login credentials

     #   - name: bigip-login

指定bigip-url

bigip-partition

pool-member-type

看下deployment日志有没有报错:

kubectl logs k8s-bigip-ctlr-deployment-bcf87fdb8-ztj9f -n kube-system

2. 创建应用和对应f5 vs的configmap

创建应用,这里以nginx为例:

kubectl create deployment --image=nginx nginx1

kubectl expose deployment nginx1 --port=80

创建f5vs的configmap

f5-resource-vs-example.configmap.yaml

kind: ConfigMap

apiVersion: v1

metadata:

  name: nginx1.vs

  labels:

    f5type: virtual-server

data:

  # See the f5-schema table for schema-controller compatibility

  # https://clouddocs.f5.com/containers/latest/releases_and_versioning.html#f5-schema

  schema: "f5schemadb://bigip-virtual-server_v0.1.7.json"

  data: |

    {

      "virtualServer": {

        "backend": {

          "servicePort": 80,

          "serviceName": "nginx1",

          "healthMonitors": [{

            "interval": 30,

            "protocol": "http",

            "send": "GET / HTTP/1.1\r\nHost:abc.com\r\n\r\n",

            "recv": "200|OK",

            "timeout": 120

          }]

        },

        "frontend": {

          "virtualAddress": {

            "port": 80,

            "bindAddr": "xxxxxxxxxx"

          },

          "partition": "cce-test",

          "balance": "least-connections-member",

          "mode": "http"

        }

      }

    }

填写backend, frontend。

官网有比较详细的解释,参数可以添加很多。https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/v1.10/

k8s big-ip control 安装使用的更多相关文章

  1. Istio(二):在Kubernetes(k8s)集群上安装部署istio1.14

    目录 一.模块概览 二.系统环境 三.安装istio 3.1 使用 Istioctl 安装 3.2 使用 Istio Operator 安装 3.3 生产部署情况如何? 3.4 平台安装指南 四.Ge ...

  2. Sublime Text以及Package Control安装方法

    官方下载:Sublime Text 中国论坛:Sublime 论坛 Sublime Text 是一个代码编辑器,具有漂亮的用户界面和强大的功能,并且它还是一个跨平台的编辑器,同时支持Windows.L ...

  3. Mac下sublime text 的“package control”安装

    小伙伴们好,我根据昨晚的经历写一个小总结:关于“Mac下sublime text 的“package control”安装”.本来安装package control是一个无比简单的事情,即使是初次使用 ...

  4. 006_Mac下sublime text 的“package control”安装,sublimepackage

    Mac下sublime text 的“package control”安装,sublimepackage 小伙伴们好,我根据昨晚的经历写一个小总结:关于“Mac下sublime text 的“pack ...

  5. 国内不fq安装K8S三: 使用helm安装kubernet-dashboard

    目录 3 使用helm安装kubernet-dashboard 3.1 Helm的安装 3.2 使用Helm部署Nginx Ingress 3.3 使用Helm部署dashboard 3.4 使用He ...

  6. 【K8S】K8S 1.18.2安装dashboard(基于kubernetes-dashboard 2.0.0版本)

    [K8S]K8S 1.18.2安装dashboard(基于kubernetes-dashboard 2.0.0版本) 写在前面 K8S集群部署成功了,如何对集群进行可视化管理呢?别着急,接下来,我们一 ...

  7. k8s第二回之k8s集群的安装

    1. k8s集群的安装 目录 1. k8s集群的安装 1.架构: 2.环境准备 3.master节点安装etcd 4. master节点安装kubernetes 5.node节点安装kubernete ...

  8. Sublime Text 3常用快捷键 以及package control 安装

    网络上搜索到的,现整理下来备用: package control安装 view下 ctrl+~ import urllib.request,os; pf = 'Package Control.subl ...

  9. 通过 Sublime Package Control 安装插件后不能用的解决办法

    最近使用 Sublime 写 SASS 的时候需要使用高亮功能,通过 Package Control 安装了相关插件,但是安装之后没有反应,再次打开 Package Control 的时候,已经搜索不 ...

随机推荐

  1. SpringBoot中使用Fastjson/Jackson对JSON序列化格式化输出的若干问题

    来源 :https://my.oschina.net/Adven/blog/3036567 使用springboot-web编写rest接口,接口需要返回json数据,目前国内比较常用的fastjso ...

  2. HDU 2513 Cake slicing

    #include<bits/stdc++.h> using namespace std; int n,m,k; int cherry[405],dp[405][405]; int solv ...

  3. MYSQL 索引汇总

    1.MySQL索引类型 先分以下类,MYQL有两大类索引:聚集索引和非聚集索引(只考虑mysql innodb) 聚集索引:在有主键的情况下,主键为聚集索引,其他都是非聚集索引             ...

  4. Linux分类

    Linux versions:http://www.cnblogs.com/sammyliu/articles/4832157.html1. Maintained by organization- D ...

  5. Vant Weapp小程序蹲坑之使用card组件显示价格

    问题 在基于mpvue+Vant Weapp组件库实战过程中,问题越来越多.网络上所谓的"坑"总结,仅仅不过是其开发中所遭所遇之"坑"而已--估计后面的&quo ...

  6. Burnside&Polya总结

    这里就算是一个小总结吧- 附参考的网址: http://blog.sina.com.cn/s/blog_6a46cc3f0100s2qf.html http://www.cnblogs.com/han ...

  7. mac OS 卸载node.js及npm

    通过homebrew安装的 输入卸载命令 brew uninstall node 通过官网下载pkg安装包的 输入卸载命令 sudo rm -rf /usr/local/{bin/{node,npm} ...

  8. 桌面上的Flutter:Electron又多了个对手

    从本质上看,Flutter是一个独立的二进制可执行文件.它不仅改变了移动设备的玩法,在桌面设备上也同样不可小觑.一次编写,可在Android.iOS.Windows.Mac和Linux上进行原生部署, ...

  9. Netty(四):AbstractChannel源码解析

    首先我们通过一张继承关系的图来认识下AbstractChannel在Netty中的位置. 除了Comaprable接口来自java自带的包,其他都是Netty包中提供的. Comparable接口定义 ...

  10. Pointers and Memory

    Stanford CS Education Library #102 一.Basic Pointers 指针主要有两个用途:使不同的代码段共享信息.方便链表(树)的处理. 指针示意图: derefer ...