Lab 3.2 - F5 Container Connector Usage¶

Now that our container connector is up and running, let’s deploy an application and leverage our F5 CC.

For this lab we’ll use a simple pre-configured docker image called “f5-hello-world”. It can be found on docker hub at f5devcentral/f5-hello-world

To deploy our application, we will need to do the following:

Define a Deployment: this will launch our application running in a container.
Define a ConfigMap: this can be used to store fine-grained information like individual properties or coarse-grained information like entire config files or JSON blobs. It will contain the BIG-IP configuration we need to push.
Define a Service: this is an abstraction which defines a logical set of pods and a policy by which to access them. Expose the service on a port on each node of the cluster (the same port on each node). You’ll be able to contact the service on any <NodeIP>:NodePort address. If you set the type field to “NodePort”, the Kubernetes master will allocate a port from a flag-configured range (default: 30000-32767), and each Node will proxy that port (the same port number on every Node) into your Service.

App Deployment¶

On kube-master1 we will create all the required files:

Create a file called f5-hello-world-deployment.yaml

Tip

Use the file in /home/ubuntu/agilitydocs/kubernetes

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: f5-hello-world 
spec:
  replicas: 2
  template:
    metadata:
      labels:
        run: f5-hello-world
    spec:
      containers:
      - name: f5-hello-world
        image: "f5devcentral/f5-hello-world:latest"
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          protocol: TCP

Create a file called f5-hello-world-configmap.yaml

Tip

Use the file in /home/ubuntu/agilitydocs/kubernetes

Attention

The schema version below (for example 1.7) comes from the releases of big-ip-controller. For more information, head over to the following link for a quick review: https://clouddocs.f5.com/containers/v2/releases_and_versioning.html#schema-table

apiVersion: v1
kind: ConfigMap
metadata:
  name: f5-hello-world
  namespace: default
  labels:
    f5type: virtual-server
data:
  schema: "f5schemadb://bigip-virtual-server_v0.1.7.json"
  data: |
    {
      "virtualServer": {
        "frontend": {
          "balance": "round-robin",
          "mode": "http",
          "partition": "kubernetes",
          "virtualAddress": {
            "bindAddr": "10.1.10.81",
            "port": 80
          }
        },
        "backend": {
          "serviceName": "f5-hello-world",
          "servicePort": 8080,
          "healthMonitors": [{
            "interval": 5,
            "protocol": "http",
            "send": "HEAD / HTTP/1.0\r\n\r\n",
            "timeout": 16
          }]
        }
      }
    }

Create a file called f5-hello-world-service.yaml

Tip

Use the file in /home/ubuntu/agilitydocs/kubernetes

apiVersion: v1
kind: Service
metadata:
  name: f5-hello-world
  labels:
    run: f5-hello-world
spec:
  ports:
  - port: 8080
    protocol: TCP
    targetPort: 8080
  type: NodePort
  selector:
    run: f5-hello-world

We can now launch our application:

kubectl create -f f5-hello-world-deployment.yaml
kubectl create -f f5-hello-world-configmap.yaml
kubectl create -f f5-hello-world-service.yaml

../../_images/f5-container-connector-launch-app.png

To check the status of our deployment, you can run the following commands:

kubectl get pods -o wide

# This can take a few seconds to a minute to create these hello-world containers to running state.

kubectl describe svc f5-hello-world

../../_images/f5-container-connector-check-app-definition.png

To test the app you need to pay attention to:

The NodePort value, that’s the port used by Kubernetes to give you access to the app from the outside. Here it’s “30507”, highlighted above.

The Endpoints, that’s our 2 instances (defined as replicas in our deployment file) and the port assigned to the service: port 8080.

Now that we have deployed our application sucessfully, we can check our BIG-IP configuration. From the browser open https://10.1.1.245

Warning

Don’t forget to select the “kubernetes” partition or you’ll see nothing.

Here you can see a new Virtual Server, “default_f5-hello-world” was created, listening on 10.1.10.81.

Check the Pools to see a new pool and the associated pool members: Local Traffic –> Pools –> “cfgmap_default_f5-hello-world_f5-hello-world” –> Members

Note

You can see that the pool members listed are all the kubernetes nodes. (NodePort mode)
Now you can try to access your application via your BIG-IP VIP: 10.1.10.81
Hit Refresh many times and go back to your BIG-IP UI, go to Local Traffic –> Pools –> Pool list –> cfgmap_default_f5-hello-world_f5-hello-world –> Statistics to see that traffic is distributed as expected.
How is traffic forwarded in Kubernetes from the <node IP>:30507 to the <container IP>:8080? This is done via iptables that is managed via the kube-proxy instances. On either of the nodes, SSH in and run the following command:
```
sudo iptables-save | grep f5-hello-world
```
This will list the different iptables rules that were created regarding our service.

Scale the f5-hello-world app

kubectl scale --replicas=10 deployment/f5-hello-world -n default

Check that the pods were created
```
kubectl get pods
```
Check the pool was updated on big-ip

Attention

Why are there only 2 pool members?

Previous Next