Install Container Ingress Service (CIS)
From Genesys Documentation
This topic is part of the manual Setting up Genesys Multicloud CX Private Edition for version Current of Genesys Multicloud CX Private Edition.
Contents
Learn how to install the F5 Container Ingress Services (CIS) on an OpenShift/Kubernetes cluster, as part of SBC integration with the private edition deployment on OpenShift.
Related documentation:
RSS:
Installing CIS using helm charts
- Add BIG-IP credentials as Kubernetes secrets:
oc create secret generic bigip-login -n kube-system --from-literal=username=admin --from-literal=password=<password>
- Add the CIS chart repository in the helm using the following command:
helm repo add f5-stable https://github.com/F5Networks/k8s-bigip-ctlr
- Create a values.yaml file as follows:
bigip_login_secret: bigip-login rbac: create: true serviceAccount: # Specifies whether a service account should be created create: true # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: k8s-bigip-ctlr # This namespace is where the Controller lives; namespace: netops args: # See https://clouddocs.f5.com/containers/latest/userguide/config-parameters.html # NOTE: helm has difficulty with values using `-`; `_` are used for naming # and are replaced with `-` during rendering. # REQUIRED Params bigip_url: https://10.10.2.69 bigip_partition: cisPartition openshift-sdn-name: /Common/openshift_vxlan # namespaces: In the Genesys testing environment, the sip components were # deployed in the voice namespace and the media-servers in the gvp\ # namespaces. This needs to be specified as needed namespaces: ["webrtc", "gvp", "voice"] pool_member_type: cluster insecure: true agent: as3 as3-validation: false log-as3-response: true image: # Use the tag to target a specific version of the Controller user: f5networks repo: k8s-bigip-ctlr pullPolicy: Always resources: {} version: latest
- Install the helm chart using the following command:
helm install -f values.yaml <new-chart> f5-stable/f5-bigip-ctlr
The CIS controller monitors all the pods in the namespaces. It configures the F5 using a REST API call to the management interface of the F5. You can view the FDB entries on the F5:
admin@(big-ip-01)(/Common)(tmos)# show net fdb tunnel openshift_vxlan ------------------------------------------------------------------- Net::FDB Tunnel Mac Address Member Dynamic ------------------------------------------------------------------- openshift_vxlan 0a:0a:0a:b6:00:07 endpoint:10.10.0.7%0 no openshift_vxlan 0a:0a:0a:b6:00:08 endpoint:10.10.0.8%0 no openshift_vxlan 0a:0a:0a:b6:00:09 endpoint:10.10.0.9%0 no openshift_vxlan 0a:0a:0a:b6:01:0b endpoint:10.10.1.11%0 no openshift_vxlan 0a:0a:0a:b6:01:0d endpoint:10.10.1.13%0 no openshift_vxlan 0a:0a:0a:b6:01:05 endpoint:10.10.1.5%0 no openshift_vxlan 0a:0a:0a:b6:01:06 endpoint:10.10.1.6%0 no openshift_vxlan 0a:0a:0a:b6:01:07 endpoint:10.10.1.7%0 no openshift_vxlan 0a:0a:0a:b6:01:08 endpoint:10.10.1.8%0 no openshift_vxlan 0a:0a:0a:b6:01:09 endpoint:10.10.1.9%0 no
Comments or questions about this documentation? Contact us for support!