I'm working on putting an F5 in front of a K8S cluster, and looking for the best way to do it.
in the documentation of F5-BIG-IP-Controller for K8S https://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/v1.9/ i see :
Forwards traffic from the BIG-IP device to Kubernetes clusters via NodePort or ClusterIP.
i'm not sure that it's a good idea to put all my services as nodePorts to be reachable by the F5, my actual solution is: putting a nginx-ingress with nodeport Service that receives all trafic from the F5 and then manages the cluster internal loadbalancing. 2 levels of loadbalancing at least :D
client --"internet"--> f5 --"private-net"--> k8S-node --"K8S-net"--> nginx-ingress -> Service -> Pod
i can't find anywhere how to use the controller as proxy with clusterIP, i'm trying to find out if the Controller (or any other ressource from F5) can be used as proxy to forward cluster internal.
the idea is to find out the best way to do it.