a0d6a288d2
```
Updated:
argo/argo-cd:
- 5.17.1
asserts/asserts:
- 1.28.0
bitnami/airflow:
- 14.0.7
bitnami/kafka:
- 20.0.3
bitnami/mysql:
- 9.4.6
bitnami/postgresql:
- 12.1.9
bitnami/redis:
- 17.4.2
bitnami/spark:
- 6.3.14
bitnami/tomcat:
- 10.5.7
bitnami/wordpress:
- 15.2.26
bitnami/zookeeper:
- 11.0.3
cert-manager/cert-manager:
- v1.11.0
codefresh/cf-runtime:
- 1.9.6
crowdstrike/falcon-sensor:
- 1.18.2
datadog/datadog:
- 3.7.2
datawiza/access-broker:
- 0.1.3
dynatrace/dynatrace-operator:
- 0.10.2
f5/f5-bigip-ctlr:
- 0.0.23
f5/nginx-ingress:
- 0.16.0
gitlab/gitlab:
- 6.7.3
haproxy/haproxy:
- 1.26.0
jenkins/jenkins:
- 4.2.20
jfrog/artifactory-ha:
- 107.49.5
jfrog/artifactory-jcr:
- 107.49.5
kuma/kuma:
- 2.0.2
mongodb/community-operator:
- 0.7.7
nats/nats:
- 0.19.5
redpanda/redpanda:
- 2.4.4
speedscale/speedscale-operator:
- 1.2.14
yugabyte/yugabyte:
- 2.14.6
yugabyte/yugaware:
- 2.14.6
```
|
||
|---|---|---|
| .. | ||
| crds | ||
| templates | ||
| .helmignore | ||
| Chart.yaml | ||
| README.md | ||
| app-readme.md | ||
| questions.yaml | ||
| values.yaml | ||
README.md
Helm Chart for the F5 Container Ingress Services
This chart simplifies repeatable, versioned deployment of the Container Ingress Services.
Prerequisites
- Refer to CIS Prerequisites to install Container Ingress Services on Kubernetes or Openshift
- Helm 3 should be installed.
Installing CIS Using Helm Charts
This is the simplest way to install the CIS on OpenShift/Kubernetes cluster. Helm is a package manager for Kubernetes. Helm is Kubernetes version of yum or apt. Helm deploys something called charts, which you can think of as a packaged application. It is a collection of all your versioned, pre-configured application resources which can be deployed as one unit. This chart creates a Deployment for one Pod containing the k8s-bigip-ctlr, it's supporting RBAC, Service Account and Custom Resources Definition installations.
Installing the Chart
- Add BIG-IP credentials as K8S secrets.
For Kubernetes, use the following command:
kubectl create secret generic f5-bigip-ctlr-login -n kube-system --from-literal=username=admin --from-literal=password=<password>
For OpenShift, use the following command:
oc create secret generic f5-bigip-ctlr-login -n kube-system --from-literal=username=admin --from-literal=password=<password>
- Add the CIS chart repository in Helm using following command:
helm repo add f5-stable https://f5networks.github.io/charts/stable
-
Create values.yaml as shown in examples:
-
Install the Helm chart using the following command:
helm install -f values.yaml <new-chart-name> f5-stable/f5-bigip-ctlr
- Install the Helm chart with skip crds (without custom resource definitions installations)
helm install --skip-crds -f values.yaml <new-chart-name> f5-stable/f5-bigip-ctlr
Chart parameters:
| Parameter | Required | Description | Default |
|---|---|---|---|
| bigip_login_secret | Required | Secret that contains BIG-IP login credentials | f5-bigip-ctlr-login |
| args.bigip_url | Required | The management IP for your BIG-IP device | Required, no default |
| args.bigip_partition | Required | BIG-IP partition the CIS Controller will manage | f5-bigip-ctlr |
| args.namespaces | Optional | List of Kubernetes namespaces which CIS will monitor | empty |
| rbac.create | Optional | Create ClusterRole and ClusterRoleBinding | true |
| serviceAccount.name | Optional | name of the ServiceAccount for CIS controller | f5-bigip-ctlr-serviceaccount |
| serviceAccount.create | Optional | Create service account for the CIS controller | true |
| namespace | Optional | name of namespace CIS will use to create deployment and other resources | kube-system |
| image.user | Optional | CIS Controller image repository username | f5networks |
| image.repo | Optional | CIS Controller image repository name | k8s-bigip-ctlr |
| image.pullPolicy | Optional | CIS Controller image pull policy | Always |
| image.pullSecrets | Optional | List of secrets of container registry to pull image | empty |
| version | Optional | CIS Controller image tag | latest |
| nodeSelector | Optional | dictionary of Node selector labels | empty |
| tolerations | Optional | Array of labels | empty |
| limits_cpu | Optional | CPU limits for the pod | 100m |
| limits_memory | Optional | Memory limits for the pod | 512Mi |
| requests_cpu | Optional | CPU request for the pod | 100m |
| requests_memory | Optional | Memory request for the pod | 512Mi |
| affinity | Optional | Dictionary of affinity | empty |
| securityContext | Optional | Dictionary of securityContext | empty |
| ingressClass.ingressClassName | Optional | Name of ingress class | f5 |
| ingressClass.isDefaultIngressController | Optional | CIS will monitor all the ingresses resource if set true | false |
| ingressClass.create | Optional | Create ingress class | true |
See the CIS documentation for a full list of args supported for CIS CIS Configuration Options
Note: Helm value names cannot include the character
-which is commonly used in the names of parameters passed to the controller. To accomodate Helm, the parameter names invalues.yamluse_and then replace them with-when rendering. e.g.args.bigip_urlis rendered asbigip-urlas required by the CIS Controller.
If you have a specific use case for F5 products in the Kubernetes environment that would benefit from a curated chart, please open an issue describing your use case and providing example resources.
Uninstalling Helm Chart
Run the following command to uninstall the chart.
helm uninstall <new-chart-name>