Container Ingress Services and AS3 Extensions - HTTP application use case

This use case demonstrates how you can use Container Ingress Services (CIS), and Application Services 3 (AS3) Extenstions to:

  • Deploy a simple HTTP application (Container).
  • Expose the application using a Kubernetes Service.
  • Configure the BIG-IP system to load balance across the application (PODs).

HTTP application overview

../_images/cis_http_as3_service.png

Click image for larger view.

Prerequisites

To complete this use case, ensure you have:

  • A functioning Kubernetes cluster.
  • A BIG-IP system running software version 12.1.x or higher.
  • AS3 Extension version 3.10 or higher installed on BIG-IP.
  • A BIG-IP system user account with the Administrator role.

Important

If your BIG-IP system is using a self-signed SSL device certificate (the default configuration), include the –insecure=true option in your k8s-bigip-ctlr deployment. Also, to allow the BIG-IP system to reach containers directly, set the --pool-member-type= option to cluster. Your k8s-bigip-ctlr deployment should resemble:

args: [
   "--bigip-username=$(BIGIP_USERNAME)",
   "--bigip-password=$(BIGIP_PASSWORD)",
   "--bigip-url=10.10.10.100",
   "--bigip-partition=AS3",
   "--namespace=default",
   "--pool-member-type=cluster",
   "--flannel-name=fl-vxlan",
   "--insecure=true"
      ]

Procedures

I. Deploy the HTTP application

Kubernetes Deployments are used to create Kubernetes PODs, or applications distributed across multiple hosts. The following Deployment example creates a new application named f5-hello-world-web, using the f5-hello-world Docker Container, and the f5-hello-world-web label to identify the application.

Note

Labels are simple key value pairs used to group a set of configuration objects.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: f5-hello-world-web
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: f5-hello-world-web
  template:
    metadata:
      labels:
        app: f5-hello-world-web
    spec:
      containers:
      - env:
        - name: service_name
          value: f5-hello-world-web
          image: f5devcentral/f5-hello-world:latest
        imagePullPolicy: Always
        name: f5-hello-world-web
        ports:
        - containerPort: 8080
          protocol: TCP

To create the Deployment, run the following command on the Kubernetes Master Node:

kubectl apply -f f5-hello-world-service.yaml

To verify the application is running on the PODs, run:

kubectl get pods | grep f5-hello

f5-hello-world-web-b48bd87d9-rj9fq            1/1     Running   0          70s
f5-hello-world-web-b48bd87d9-v867b            1/1     Running   0          70s

II. Expose the application

Kubernetes Services expose applications to external clients. This Service example creates a new Kubernetes Service named f5-hello-world-web, and uses labels to identify the application as f5-hello-world-web, the Tenent (BIG-IP partition) as AS3, and the BIG-IP pool as web_pool:

Note

CIS creates BIG-IP pool members using the information in the Kubernetes Service Endpoints field. You can view all of the Service fields by running the kubectl describe services command.

apiVersion: v1
kind: Service
metadata:
  name: f5-hello-world-web
   namespace: default
   labels:
    app: f5-hello-world-web
    cis.f5.com/as3-tenant: AS3
    cis.f5.com/as3-app: A1
    cis.f5.com/as3-pool: web_pool
spec:
  ports:
  - name: f5-hello-world-web
    port: 8080
    protocol: TCP
    targetPort: 8080
  type: NodePort
  selector:
    app: f5-hello-world-web

To create the Kubernetes Service, run the following command on the Kubernetes Master Node:

kubectl apply -f f5-hello-world-web-service.yaml

To verify the Service, run:

kubectl describe services f5-hello-world-web

Name:                     f5-hello-world-web
Namespace:                default
Labels:                   app=f5-hello-world-web
                          cis.f5.com/as3-app=A1
                          cis.f5.com/as3-pool=web_pool
                          cis.f5.com/as3-tenant=AS3
Selector:                 app=f5-hello-world-web
Type:                     NodePort
IP:                       10.105.126.114
Port:                     f5-hello-world-web  8080/TCP
TargetPort:               8080/TCP
NodePort:                 f5-hello-world-web  32225/TCP
Endpoints:                10.244.1.121:8080,10.244.2.38:8080
Session Affinity:         None
External Traffic Policy:  Cluster

III. Configure the BIG-IP system

AS3 ConfigMaps create the BIG-IP system configuration used to load balance across the PODs. This AS3 ConfigMap example creates a ConfigMap named f5-as3-declaration. CIS uses this AS3 ConfigMap to create a virtual server, and use Service Discovery to create a load balancing pool named web_pool of Service endpoints. The new configuration is created in the AS3 Tenant (BIG-IP partition) AS3.

kind: ConfigMap
apiVersion: v1
metadata:
  name: f5-as3-declaration
  namespace: default
  labels:
    f5type: virtual-server
    as3: "true"
data:
  template: |
    {
        "class": "AS3",
        "declaration": {
            "class": "ADC",
            "schemaVersion": "3.10.0",
            "id": "urn:uuid:33045210-3ab8-4636-9b2a-c98d22ab915d",
            "label": "http",
            "remark": "A1 example",
            "AS3": {
                "class": "Tenant",
                "A1": {
                    "class": "Application",
                    "template": "http",
                    "serviceMain": {
                        "class": "Service_HTTP",
                        "virtualAddresses": [
                            "10.192.75.101"
                        ],
                        "pool": "web_pool"
                    },
                    "web_pool": {
                        "class": "Pool",
                        "monitors": [
                            "http"
                        ],
                        "members": [
                            {
                                "servicePort": 8080,
                                "serverAddresses": []
                            }
                        ]
                    }
                }
            }
        }
    }

To deploy the ConfigMap, run the following command on the Kubernetes Master Node:

kubectl create -f f5-hello-world-as3-configmap.yaml

To verify the BIG-IP system has been configured, run:

Note

Modify the admin password, and https://10.10.10.100 for your BIG-IP system.

curl -sk -u admin:admin https://10.10.10.100//mgmt/tm/ltm/virtual/~AS3~A1~serviceMain
curl -sk -u admin:admin https://10.10.10.100/mgmt/tm/ltm/pool/~AS3~A1~web_pool

Deleting CIS ConfigMaps

Because CIS and AS3 use a Declarative API, the BIG-IP system configuration is not removed after you delete a configmap. To remove the BIG-IP system configuration objects created by an AS3 declaration, you must deploy a blank configmap, and restart the controller. Refer to Deleting CIS AS3 configmaps.

You can use this blank ConfigMap to delete the use case ConfigMap and configuration from the BIG-IP system: