Professional Documents
Culture Documents
MY k8s Day2 Chapter 5 Bigip Dns Lab
MY k8s Day2 Chapter 5 Bigip Dns Lab
10.1.1.8 10.1.1.4
10.1.20.6
K8s Worker1
10.1.1.6
10.1.20.7
K8s Worker2
10.1.1.7
2 | ©2022 F5 CONFIDENTIAL
Access Preparation
At minimum, open the following access:
3 | ©2022 F5 CONFIDENTIAL
How to Connect to the Lab – F5 GUI
Username: admin
Password: admin
For GUI access
4 | ©2022 F5 CONFIDENTIAL
Copy+Paste From PPTX to Web Browser
The commands for the lab is provided in this PPTX. One example:
su - ubuntu
5 | ©2022 F5 CONFIDENTIAL
Copy+Paste From PPTX to Web Browser
The commands for the lab is provided in this PPTX. One example:
su - ubuntu
Select and Copy the above command line and Paste the command to the web shell.
You may also type the command directly to the web shell.
6 | ©2022 F5 CONFIDENTIAL
Ensure You Use "ubuntu" Account
Run the following command to login to "ubuntu" account from the web shell.
su - ubuntu
Note: It is a security practice to use normal privilege user account. Only use the privilege elevated user account
when it is really needed.
7 | ©2022 F5 CONFIDENTIAL
F5 BIG-IP Requirements
Ensure that DNS/GTM is provisioned.
8 | ©2022 F5 CONFIDENTIAL
Download YAML Files to Local
Use "git clone" to download the YAML files to local storage inside the client VM and copy all cloned YAML files to
the home directory.
cd F5ASEAN-K8sBootcamp/Lab5/
9 | ©2022 F5 CONFIDENTIAL
Lab 5 – ExternalDNS
CONFIDENTIAL
Lab 5 – ExternalDNS
Lab Tasks
11 | ©2022 F5
Task 5.1)
Create a Data Center in F5 GTM
CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
Bring up the F5 GUI and follow the steps below:
13 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
14 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
15 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
If not yet, create a server under the create data center that points back to GTM (since this is LTM+GTM).
16 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
17 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
Enter the Internal self-IP in the Address field.
1
2
18 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
2 1
19 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
20 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
21 | ©2022 F5 CONFIDENTIAL
Task 5.1) Create a Data Center in F5 GTM
Refresh the page several times until it shows green status.
22 | ©2022 F5 CONFIDENTIAL
Task 5.2)
Update F5 CIS Parameters
CONFIDENTIAL
Task 5.2) Update F5 CIS Parameters
Edit the f5-cis-deployment.yaml file using your favorite editor. Add the below 3 lines into the arguments list of the
CIS software:
"--gtm-bigip-username=$(BIGIP_USERNAME)",
"--gtm-bigip-password=$(BIGIP_PASSWORD)",
"--gtm-bigip-url=10.1.1.4",
24 | ©2022 F5 CONFIDENTIAL
Task 5.2) Update F5 CIS Parameters
Apply the change to the F5 CIS deployment.
25 | ©2022 F5 CONFIDENTIAL
Task 5.2) Update F5 CIS Parameters
Verify the 3 lines added to the arguments.
26 | ©2022 F5 CONFIDENTIAL
Task 5.3)
Create ExternalDNS CRD
CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
Examine the GTM configuration section that there is no WideIP and GTM pool configured.
28 | ©2022 F5 CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
Examine the echo-api-edns.yaml file with your favorite.
29 | ©2022 F5 CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
Create the ExternalDNS CRD.
30 | ©2022 F5 CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
The objects are automatically created by ExternalDNS.
31 | ©2022 F5 CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
32 | ©2022 F5 CONFIDENTIAL
Task 5.3) Create ExternalDNS CRD
33 | ©2022 F5 CONFIDENTIAL
Task 5.4)
Create a DNS Listener in F5 GTM
CONFIDENTIAL
Task 5.4) Create a DNS Listener in F5 GTM
35 | ©2022 F5 CONFIDENTIAL
Task 5.4) Create a DNS Listener in F5 GTM
1
4
6
5
36 | ©2022 F5 CONFIDENTIAL
Task 5.4) Create a DNS Listener in F5 GTM
37 | ©2022 F5 CONFIDENTIAL
Task 5.4) Create a DNS Listener in F5 GTM
1
38 | ©2022 F5 CONFIDENTIAL
Task 5.5)
Send Test Traffic
CONFIDENTIAL
Task 5.5) Send Test Traffic and Inspect It
40 | ©2022 F5 CONFIDENTIAL
Summary
CONFIDENTIAL
What We Have Learned in This Chapter
• Understand the need of DNS management in K8s.
• Automate the GSLB configuration in F5 from K8s using F5 CIS ExternalDNS module.
42 | ©2022 F5 CONFIDENTIAL