Deploy NetScaler GSLB Controller in OpenShift using NetScaler Operator
NetScaler Operator enables you to deploy NetScaler GSLB Controller in an OpenShift cluster. For information about GSLB, see GSLB overview and deployment topologies.
Deploy NetScaler GSLB Controller
Prerequisites
- Red Hat OpenShift Cluster (version 4.11 or later).
- Verify whether any NetScaler Operator version is already deployed in your cluster. If it is, you must deploy NetScaler Operator 3.0.1 using the OpenShift CLI. Otherwise, continue to Steps to deploy NetScaler GSLB Controller using NetScaler Operator.
Note:
Currently, OpenShift does not permit the deployment of different versions of certified operators within the same cluster using the web console. For detailed information, see this page. Therefore, in cases where NetScaler Operator exists, you must deploy NetScaler Operator 3.0.1 using the OpenShift CLI.
Steps to deploy NetScaler GSLB Controller using NetScaler Operator
Perform the following steps:

1. Log in to the OpenShift 4.x Cluster console.
2. Navigate to Operators > OperatorHub, select Certified source in the left panel, and then select NetScaler Operator.
3. Select tech-preview under Channel, select version 3.0.1, and click Install.
4. To subscribe to NetScaler Operator, select one of the following options:
   - All namespaces on the cluster (default): NetScaler Operator is available in all the namespaces on the OpenShift cluster. Hence, this option enables you to start the NetScaler instance from any namespace on the cluster.
   - A specific namespace on the cluster: NetScaler Operator is available in the selected namespace on the OpenShift cluster. Hence, this option enables you to start the NetScaler Operator instance on the selected namespace only.
5. Click Install.
   Wait until the NetScaler Operator is subscribed successfully.
6. Navigate to Operators > Installed Operators and select NetScaler Operator.
7. Click the NetScaler GSLB Controller tab and click Create NetscalerGslbController.
   The NetScaler GSLB Controller instance YAML definition is displayed.
8. Update the values for the required parameters in the displayed NetScaler GSLB Controller instance YAML and click Create. For information on the parameters that you need to configure, see the following table.

   ```yaml
   apiVersion: netscaler.com/v1
   kind: NetscalerGslbController
   metadata:
     name: site1-nsgc
   spec:
     gslbController:
       entityPrefix: gslb
       acceptLicense: 'Yes'
       logLevel: Debug
       localRegion: "region1"
       localCluster: site1-cluster
       siteData:
         - siteName: "site1"
           secretName: gslb-site1-vpx-secret
           siteIp: "x.x.x.x" # Public SNIP IP for VPX in region 1
           siteRegion: "region1"
         - siteName: "site2"
           secretName: gslb-site2-vpx-secret
           siteIp: "x.x.x.x" # Public SNIP IP for VPX in region 2
           siteRegion: "region1"
     netscaler:
       nsIP: x.x.x.x
       adcCredentialSecret: nslogin
   ```

   | Parameter | Description | Mandatory/Optional |
   |---|---|---|
   | gslbController | | |
   | image | The NetScaler GSLB Controller image. | Mandatory |
   | pullPolicy | The NetScaler GSLB Controller image pull policy. | Optional |
   | imagePullSecrets | List of OpenShift secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret, see Pull an Image from a Private Registry. | Optional |
   | entityPrefix | The prefixes for the resources on NetScaler VPX or NetScaler MPX. | Mandatory |
   | acceptLicense | Set yes to accept the GSLB Controller end user license agreement. | Mandatory |
   | logLevel | The log level to control the logs generated by NetScaler GSLB Controller. The supported log levels are: CRITICAL, ERROR, WARNING, INFO, DEBUG, TRACE, and NONE. For more information, see Logging. | Optional |
   | openshift | Set this argument if the OpenShift environment is being used. | Mandatory |
   | disableAPIServerCertVerify | Set this parameter to true for disabling API Server certificate verification. | Optional |
   | kubernetesURL | The kube-apiserver URL that NetScaler GSLB Controller uses to register the events. If the value is not specified, NetScaler GSLB Controller uses the internal kube-apiserver IP address. | Optional |
   | cleanupGSLBSiteConfig | Set this parameter to true to clean up the GSLB site configuration. | Optional |
   | localRegion | Local region where the GSLB controller is deployed. | Mandatory |
   | localCluster | The name of the cluster in which the GSLB controller is deployed. This value is unique for each OpenShift cluster. | Mandatory |
   | siteData[0].siteName | The name of the first GSLB site configured in the GSLB device. | Mandatory |
   | siteData[0].secretName | The name of the secret that contains the login credentials of the first GSLB site. | Mandatory |
   | siteData[0].siteIp | IP address for the first GSLB site. Add the IP address of the NetScaler in site1 as siteData[0].siteIp. | Mandatory |
   | siteData[0].siteRegion | The region of the first site. | Mandatory |
   | siteData[1].siteName | The name of the second GSLB site configured in the GSLB device. | Mandatory |
   | siteData[1].secretName | The secret containing the login credentials of the second site. | Mandatory |
   | siteData[1].siteIp | IP address for the second GSLB site. Add the IP address of the NetScaler in site2 as siteData[1].siteIp. | Mandatory |
   | siteData[1].siteRegion | The region of the second site. | Mandatory |
   | netscaler | | |
   | nsIP | NetScaler IP address. | Mandatory |
   | adcCredentialSecret | Secret required for the GSLB controller to connect to GSLB devices and push the configuration from the GSLB controller. | Optional |
   | secretStore.username | Secret key reference or configmap key reference for NetScaler username. | Optional |
   | secretStore.password | Secret key reference or configmap key reference for NetScaler password. | Optional |
   | nsProtocol | The protocol used by NetScaler GSLB Controller to communicate with NetScaler. You can also use HTTP on port 80. | Optional |
   | nsPort | The port used by NetScaler GSLB Controller to communicate with NetScaler. You can use port 80 for HTTP. | Optional |
   | nitroReadTimeout | The duration, in seconds, that NetScaler GSLB Controller has to wait to receive a response from NetScaler before terminating the connection. | Optional |
   | resources | Specify the resources for the GSLB Controller pod. You can specify the following settings: cpu, memory. | Optional |

   Notes:
   - If you want to configure more than two GSLB sites, include the details of all the GSLB sites in the siteData list as required.
   - You must specify either adcCredentialSecret or the combination of secretStore.username and secretStore.password to provide NetScaler VPX or NetScaler MPX credentials in the GSLB Controller instance YAML.
9. Navigate to the Workloads > Pods section and verify whether the NetScaler GSLB Controller pod is up and running.
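
A pre-apply check for the instance YAML from step 8, added here as an example and not part of the NetScaler documentation or the operator's code: it checks the keys the parameter table marks Mandatory, the credential rule from the notes, and the optional settings that disable certificate verification or switch the NetScaler connection to HTTP. The function names, the finding strings and the dict form of the manifest are assumptions; `SAMPLE` is constructed from the page's YAML with its x.x.x.x placeholders left in.

```python
import ipaddress


def _bad_ip(value):
    """True when value is not a parseable IPv4/IPv6 address."""
    try:
        ipaddress.ip_address(str(value))
        return False
    except ValueError:
        return True


def lint_gslb_manifest(manifest):
    """Return findings for a NetscalerGslbController manifest given as a dict."""
    out = []
    ctrl = manifest.get("spec", {}).get("gslbController", {})
    ns = manifest.get("spec", {}).get("netscaler", {})
    # Mandatory keys, as listed in the page's parameter table.
    for key in ("entityPrefix", "acceptLicense", "localRegion", "localCluster"):
        if not ctrl.get(key):
            out.append(f"gslbController.{key} is mandatory")
    for i, site in enumerate(ctrl.get("siteData", [])):
        for key in ("siteName", "secretName", "siteIp", "siteRegion"):
            if not site.get(key):
                out.append(f"siteData[{i}].{key} is mandatory")
        if site.get("siteIp") and _bad_ip(site["siteIp"]):
            out.append(f"siteData[{i}].siteIp is not an IP address")
    if _bad_ip(ns.get("nsIP", "")):
        out.append("netscaler.nsIP is not an IP address")
    # Credential rule from the page's notes: one of the two forms must be present.
    store = ns.get("secretStore", {})
    if not ns.get("adcCredentialSecret") and not (store.get("username") and store.get("password")):
        out.append("no credentials: set adcCredentialSecret or secretStore.username and secretStore.password")
    # Optional settings that weaken transport security when enabled.
    if str(ctrl.get("disableAPIServerCertVerify", "")).lower() == "true":
        out.append("disableAPIServerCertVerify is true: API server certificate is not verified")
    if str(ns.get("nsProtocol", "")).upper() == "HTTP" or str(ns.get("nsPort", "")) == "80":
        out.append("nsProtocol HTTP or nsPort 80: controller-to-NetScaler traffic is unencrypted")
    return out


# Constructed sample: the page's YAML as a dict, placeholders left as on the page.
SAMPLE = {"spec": {
    "gslbController": {
        "entityPrefix": "gslb", "acceptLicense": "Yes", "logLevel": "Debug",
        "localRegion": "region1", "localCluster": "site1-cluster",
        "siteData": [
            {"siteName": "site1", "secretName": "gslb-site1-vpx-secret", "siteIp": "x.x.x.x", "siteRegion": "region1"},
            {"siteName": "site2", "secretName": "gslb-site2-vpx-secret", "siteIp": "x.x.x.x", "siteRegion": "region1"}]},
    "netscaler": {"nsIP": "x.x.x.x", "adcCredentialSecret": "nslogin"}}}
```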
Skip to References.
Deploy NetScaler Operator 3.0.1 using the OpenShift CLI
This procedure describes how to deploy NetScaler Operator 3.0.1 when you already have a different NetScaler Operator version installed in the cluster.
Note:
Installation of operands using the GUI is not possible.
1. Create a namespace and switch to that namespace.

   ```
   oc create ns <namespace>
   oc project <namespace>
   ```

2. Install the following operand CRDs.

   ```
   oc create -f https://raw.githubusercontent.com/netscaler/netscaler-k8s-ingress-controller/master/deployment/operator/netscaler.com_netscalergslbcontrollers.yaml
   oc create -f https://raw.githubusercontent.com/netscaler/netscaler-k8s-ingress-controller/master/deployment/operator/netscaler.com_netscalercloudcontrollers.yaml
   ```

3. Update the namespace in rbac.yaml to the one created in step 1 and then install the rbac.yaml file.

   ```
   oc create -f rbac.yaml
   ```

4. Install the manager.

   ```
   oc create -f https://raw.githubusercontent.com/netscaler/netscaler-k8s-ingress-controller/master/deployment/operator/operator_manager.yaml
   ```

Now, NetScaler Operator is ready. Install NetScaler GSLB Controller using the YAML available in step 8 of the Steps to deploy NetScaler GSLB Controller using NetScaler Operator section.
References
- For information about deploying global traffic policy (GTP) and global service entry (GSE), see GTP and GSE deployment.