rancher-partner-charts/charts/f5/f5-bigip-ctlr
Adam Pickering a6875456ee
Charts CI (#993)
2024-03-26 09:04:31 -06:00
..
crds Charts CI (#993) 2024-03-26 09:04:31 -06:00
templates Charts CI 2023-03-02 16:00:02 +00:00
.helmignore Charts CI 2023-01-12 14:32:12 -07:00
Chart.yaml Charts CI (#993) 2024-03-26 09:04:31 -06:00
README.md Charts CI 2023-03-02 16:00:02 +00:00
app-readme.md Removing unpacked chart versions. Changing configuration to just store latest release to reduce quantity of tracked files over time 2022-12-01 23:19:00 -05:00
questions.yaml Removing unpacked chart versions. Changing configuration to just store latest release to reduce quantity of tracked files over time 2022-12-01 23:19:00 -05:00
values.yaml Charts CI 2023-03-02 16:00:02 +00:00

README.md

Helm Chart for the F5 Container Ingress Services

This chart simplifies repeatable, versioned deployment of the Container Ingress Services.

Prerequisites

  • Refer to CIS Prerequisites to install Container Ingress Services on Kubernetes or Openshift
  • Helm 3 should be installed.

Installing CIS Using Helm Charts

This is the simplest way to install the CIS on OpenShift/Kubernetes cluster. Helm is a package manager for Kubernetes. Helm is Kubernetes version of yum or apt. Helm deploys something called charts, which you can think of as a packaged application. It is a collection of all your versioned, pre-configured application resources which can be deployed as one unit. This chart creates a Deployment for one Pod containing the k8s-bigip-ctlr, it's supporting RBAC, Service Account and Custom Resources Definition installations.

Installing the Chart

  • (Optional) Add BIG-IP credentials as K8S secrets.

For Kubernetes, use the following command:

kubectl create secret generic f5-bigip-ctlr-login -n kube-system --from-literal=username=admin --from-literal=password=<password>

For OpenShift, use the following command:

oc create secret generic f5-bigip-ctlr-login -n kube-system --from-literal=username=admin --from-literal=password=<password>

  • Add the CIS chart repository in Helm using following command:

helm repo add f5-stable https://f5networks.github.io/charts/stable

  • Create values.yaml as shown in examples:

  • Install the Helm chart if BIGIP credential secrets created manually using the following command:

helm install -f values.yaml <new-chart-name> f5-stable/f5-bigip-ctlr

  • Install the Helm chart with skip crds if BIGIP credential secrets created manually (without custom resource definitions installations)

helm install --skip-crds -f values.yaml <new-chart-name> f5-stable/f5-bigip-ctlr

  • If you want to create the BIGIP credential secret with helm charts use the following command:

helm install --set bigip_secret.create="true" --set bigip_secret.username=$BIGIP_USERNAME --set bigip_secret.password=$BIGIP_PASSWORD -f values.yaml <new-chart-name> f5-stable/f5-bigip-ctlr

Chart parameters:

Parameter Required Description Default
bigip_login_secret Optional Secret that contains BIG-IP login credentials f5-bigip-ctlr-login
args.bigip_url Required The management IP for your BIG-IP device Required, no default
args.bigip_partition Required BIG-IP partition the CIS Controller will manage f5-bigip-ctlr
args.namespaces Optional List of Kubernetes namespaces which CIS will monitor empty
bigip_secret.create Optional Create kubernetes secret using username and password false
bigip_secret.username Optional bigip username to create the kubernetes secret empty
bigip_secret.password Optional bigip password to create the kubernetes secret empty
rbac.create Optional Create ClusterRole and ClusterRoleBinding true
serviceAccount.name Optional name of the ServiceAccount for CIS controller f5-bigip-ctlr-serviceaccount
serviceAccount.create Optional Create service account for the CIS controller true
namespace Optional name of namespace CIS will use to create deployment and other resources kube-system
image.user Optional CIS Controller image repository username f5networks
image.repo Optional CIS Controller image repository name k8s-bigip-ctlr
image.pullPolicy Optional CIS Controller image pull policy Always
image.pullSecrets Optional List of secrets of container registry to pull image empty
version Optional CIS Controller image tag latest
nodeSelector Optional dictionary of Node selector labels empty
tolerations Optional Array of labels empty
limits_cpu Optional CPU limits for the pod 100m
limits_memory Optional Memory limits for the pod 512Mi
requests_cpu Optional CPU request for the pod 100m
requests_memory Optional Memory request for the pod 512Mi
affinity Optional Dictionary of affinity empty
securityContext Optional Dictionary of deployment securityContext empty
podSecurityContext Optional Dictionary of pod securityContext empty
ingressClass.ingressClassName Optional Name of ingress class f5
ingressClass.isDefaultIngressController Optional CIS will monitor all the ingresses resource if set true false
ingressClass.create Optional Create ingress class true

Note: bigip_login_secret and bigip_secret are mutually exclusive, if both are defined in values.yaml file bigip_secret will be given priority.

See the CIS documentation for a full list of args supported for CIS CIS Configuration Options

Note: Helm value names cannot include the character - which is commonly used in the names of parameters passed to the controller. To accomodate Helm, the parameter names in values.yaml use _ and then replace them with - when rendering. e.g. args.bigip_url is rendered as bigip-url as required by the CIS Controller.

If you have a specific use case for F5 products in the Kubernetes environment that would benefit from a curated chart, please open an issue describing your use case and providing example resources.

Uninstalling Helm Chart

Run the following command to uninstall the chart.

helm uninstall <new-chart-name>