This page describes how to set up the F5 BIG-IP load balancer for your initial installation of GKE on-prem.
GKE on-prem is designed to be integrated with the F5 BIG-IP load balancer. For example, if you create a Service of type LoadBalancer, GKE on-prem can automatically configure the appropriate virtual IP address (VIP) on the F5 BIG-IP load balancer.
Versioning for the F5 BIG-IP load balancer
GKE on-prem automatically installs F5 Container Ingress Services (CIS). Each version of GKE on-prem relies on a different version of CIS:
- GKE on-prem version 1.0: F5 BIG-IP CIS version 1.9
- GKE on-prem version 1.1: F5 BIG-IP CIS version 1.9.2
- GKE on-prem version 1.2: F5 BIG-IP CIS version 1.11.1
Ensure that the F5 BIG-IP load balancer version supports the F5 BIG-IP CIS version that comes with GKE on-prem by consulting the F5 BIG-IP Controller/Load Balancer Platform compatibility matrix.
Access requirements
To use the F5 BIG-IP load balancer, you need to have a user role that has sufficient permissions to set up and manage the load balancer. Either the Administrator role or the Resource Administrator role is sufficient.
Licensing for the F5 BIG-IP load balancer
The capabilities of your F5 BIG-IP load balancer depend on the type of licence you have.
Setting aside virtual IP addresses
You need to set aside several virtual IP (VIP) addresses that you intend to use for load balancing. Later, you specify these addresses in your cluster configuration file, and GKE on-prem automatically configures the F5 BIG-IP load balancer to use the addresses.
For your admin cluster, set aside a VIP address for each of the following:
- Kubernetes API server
- Ingress service
- Add-on service
For your user cluster, set aside a VIP address for each of the following:
- Kubernetes API server
- Ingress service