0
votes

I'm working on putting an F5 in front of a K8S cluster, and looking for the best way to do it.

in the documentation of F5-BIG-IP-Controller for K8S https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/v1.9/ i see :

Forwards traffic from the BIG-IP device to Kubernetes clusters via NodePort or ClusterIP.

i'm not sure that it's a good idea to put all my services as nodePorts to be reachable by the F5, my actual solution is: putting a nginx-ingress with nodeport Service that receives all trafic from the F5 and then manages the cluster internal loadbalancing. 2 levels of loadbalancing at least :D

client --"internet"--> f5 --"private-net"--> k8S-node --"K8S-net"--> nginx-ingress -> Service -> Pod

i can't find anywhere how to use the controller as proxy with clusterIP, i'm trying to find out if the Controller (or any other ressource from F5) can be used as proxy to forward cluster internal.

the idea is to find out the best way to do it.

2

2 Answers

0
votes

If you want to use Nginx Ingress then you have to expose your Nginx Ingress as NodePort and then point F5 to use TCP balancing to all Kubernetes nodes to Node Port of Nginx Ingress.

If you want F5 itself to act as an ingress controller - then refer to this instruction: http://blog.itp-inc.com/how-to-integrate-f5-with-kubernetes-for-application-load-balancing/

0
votes

F5 has a new "Container Ingress Services" for Kubernetes available that may also solve your need if Vasily's answer doesn't cover your scenario.

Introduction to F5 Container Ingress Services