Load balancing

This page describes how to set up the F5 BIG-IP load balancer for your initial installation of GKE on-prem.

GKE on-prem is designed to be integrated with the F5 BIG-IP load balancer. For example, if you create a Service of type LoadBalancer, GKE on-prem can automatically configure the appropriate virtual IP address (VIP) on the F5 BIG-IP load balancer.

Versioning for the F5 BIG-IP load balancer

GKE on-prem automatically installs F5 Container Ingress Services (CIS). Each version of GKE on-prem relies on a different version of CIS:

-  GKE on-prem version 1.0: F5 BIG-IP CIS version 1.9
-  GKE on-prem version 1.1: F5 BIG-IP CIS version 1.9.2
-  GKE on-prem version 1.2: F5 BIG-IP CIS version 1.11.1

Ensure that the F5 BIG-IP load balancer version supports the F5 BIG-IP CIS version that comes with GKE on-prem by consulting the F5 BIG-IP Controller/Load Balancer Platform compatibility matrix.

Access requirements

To use the F5 BIG-IP load balancer, you need to have a user role that has sufficient permissions to set up and manage the load balancer. Either the Administrator role or the Resource Administrator role is sufficient. For more information, see F5 BIG-IP account permissions.

Licensing for the F5 BIG-IP load balancer

The capabilities of your F5 BIG-IP load balancer depend on the type of licence you have. For detailed information, see this comparison of the licence types.

Setting up the F5 BIG-IP load balancer

For details about setting up the F5 BIG-IP load balancer, see Installing F5 BIG-IP ADC for GKE on-prem.

Setting aside virtual IP addresses

You need to set aside several virtual IP (VIP) addresses that you intend to use for load balancing. Later, you specify these addresses in your cluster configuration file, and GKE on-prem automatically configures the F5 BIG-IP load balancer to use the addresses.

For your admin cluster, set aside a VIP address for each of the following:

  • Kubernetes API server
  • Ingress service
  • Add-on service

For your user cluster, set aside a VIP address for each of the following:

  • Kubernetes API server
  • Ingress service