Install Container Ingress Service (CIS)

From Genesys Documentation
Jump to: navigation, search
This topic is part of the manual Setting up Genesys Multicloud CX Private Edition for version Current of Genesys Multicloud CX Private Edition.

Learn how to install the F5 Container Ingress Services (CIS) on an OpenShift/Kubernetes cluster, as part of SBC integration with the private edition deployment on OpenShift.

Installing CIS using helm charts

  1. Add BIG-IP credentials as Kubernetes secrets: 
     oc create secret generic bigip-login -n kube-system --from-literal=username=admin --from-literal=password=<password>
  2. Add the CIS chart repository in the helm using the following command: 
    helm repo add f5-stable https://github.com/F5Networks/k8s-bigip-ctlr
  3. Create a values.yaml file as follows: 
    bigip_login_secret: bigip-login
rbac:
  create: true
serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name: k8s-bigip-ctlr
# This namespace is where the Controller lives;
namespace: netops
args:
  # See https://clouddocs.f5.com/containers/latest/userguide/config-parameters.html
  # NOTE: helm has difficulty with values using `-`; `_` are used for naming
  # and are replaced with `-` during rendering.
  # REQUIRED Params
  bigip_url: https://10.10.2.69
  bigip_partition: cisPartition
  openshift-sdn-name: /Common/openshift_vxlan
  # namespaces: In the Genesys testing environment, the sip components were
  # deployed in the voice namespace and the media-servers in the gvp\
  # namespaces. This needs to be specified as needed
  namespaces: ["webrtc", "gvp", "voice"]
  pool_member_type: cluster
  insecure: true
  agent: as3
  as3-validation: false
  log-as3-response: true
image:
  # Use the tag to target a specific version of the Controller
  user: f5networks
  repo: k8s-bigip-ctlr
  pullPolicy: Always
resources: {}
version: latest
  4. Install the helm chart using the following command: 
    helm install -f values.yaml <new-chart> f5-stable/f5-bigip-ctlr

The CIS controller monitors all the pods in the namespaces. It configures the F5 using a REST API call to the management interface of the F5. You can view the FDB entries on the F5: 

admin@(big-ip-01)(/Common)(tmos)# show net fdb tunnel openshift_vxlan

-------------------------------------------------------------------

Net::FDB

Tunnel           Mac Address        Member                  Dynamic

-------------------------------------------------------------------

openshift_vxlan  0a:0a:0a:b6:00:07  endpoint:10.10.0.7%0   no

openshift_vxlan  0a:0a:0a:b6:00:08  endpoint:10.10.0.8%0   no

openshift_vxlan  0a:0a:0a:b6:00:09  endpoint:10.10.0.9%0   no

openshift_vxlan  0a:0a:0a:b6:01:0b  endpoint:10.10.1.11%0  no

openshift_vxlan  0a:0a:0a:b6:01:0d  endpoint:10.10.1.13%0  no

openshift_vxlan  0a:0a:0a:b6:01:05  endpoint:10.10.1.5%0   no

openshift_vxlan  0a:0a:0a:b6:01:06  endpoint:10.10.1.6%0   no

openshift_vxlan  0a:0a:0a:b6:01:07  endpoint:10.10.1.7%0   no

openshift_vxlan  0a:0a:0a:b6:01:08  endpoint:10.10.1.8%0   no

openshift_vxlan  0a:0a:0a:b6:01:09  endpoint:10.10.1.9%0   no
Retrieved from "https://all.docs.genesys.com/PrivateEdition/Current/PEGuide/CISInstallation (2024-04-20 09:13:05)"
Comments or questions about this documentation? Contact us for support!