AVI



Kubernetes Integration

Source: avinetworks.com

Create a Service Account

# Service account the Avi controller will authenticate as; its token is extracted further below
kubectl create serviceaccount avi -n default

Create a ClusterRole that allows the Avi controller to deploy Service Engines as pods. Note that the first rule grants get/list/watch on every core-group resource ("*") cluster-wide, which includes Secrets, and that the `rbac.authorization.k8s.io/v1beta1` API was removed in Kubernetes 1.22 (current clusters need `v1`):

nano clusterrole.json 
{
    "apiVersion": "rbac.authorization.k8s.io/v1beta1",
    "kind": "ClusterRole",
    "metadata": {
        "name": "avirole"
    },
    "rules": [
        {
            "apiGroups": [
                ""
            ],
            "resources": [
                "*"
            ],
            "verbs": [
                "get",
                "list",
                "watch"
            ]
        },
        {
            "apiGroups": [
                ""
            ],
            "resources": [
                "pods",
                "replicationcontrollers"
            ],
            "verbs": [
                "get",
                "list",
                "watch",
                "create",
                "delete",
                "update"
            ]
        },
        {
            "apiGroups": [
                ""
            ],
            "resources": [
                "secrets"
            ],
            "verbs": [
                "get",
                "list",
                "watch",
                "create",
                "delete",
                "update"
            ]
        },
        {
            "apiGroups": [
                "extensions"
            ],
            "resources": [
                "daemonsets",
                "ingresses"
            ],
            "verbs": [
                "create",
                "delete",
                "get",
                "list",
                "update",
                "watch"
            ]
        }
    ]
}
# Applies the ClusterRole above. Its first rule grants get/list/watch on every core-group
# resource ("*") across the whole cluster, Secrets included; review that breadth before applying.
kubectl create -f clusterrole.json

Create a ClusterRoleBinding that attaches the role to the service account:

nano clusterbinding.json

{
    "apiVersion": "rbac.authorization.k8s.io/v1beta1",
    "kind": "ClusterRoleBinding",
    "metadata": {
      "name": "avirolebinding",
      "namespace": "default"
  },
    "roleRef": {
        "apiGroup": "rbac.authorization.k8s.io",
        "kind": "ClusterRole",
        "name": "avirole"
    },
    "subjects": [
        {
            "kind": "ServiceAccount",
            "name": "avi",
            "namespace": "default"
        }
    ]
}
# Binds avirole to the "avi" service account in the default namespace. A ClusterRoleBinding is a
# cluster-scoped object, so the "namespace" under metadata above is not meaningful; the subject's
# namespace is what selects the account.
kubectl create -f clusterbinding.json

Extract the Token for Use in Avi Cloud Configuration

kubectl describe serviceaccount avi -n default
# The "avi-token-…" secret name is generated per cluster; take it from the describe output above.
# The token carries every permission granted by avirole, so handle it like any other credential.
# NOTE(review): from Kubernetes 1.24 onward this secret is no longer auto-created; a token then has
# to be issued explicitly (e.g. `kubectl create token`) — confirm against your cluster version.
kubectl describe secret avi-token-esdf0 -n default


On AVI Controller

Enter the Kubernetes master (API server) URL and the service account token in the Avi portal:

https://10.1.10.160:6443

Create

NorthSouth-IPAM
NorthSouth_DNS
EastWest-IPAM
EastWest-DNS

Go to the Default tenant and check the VS status.

Either disable kube-proxy (the default load balancer in Kubernetes) or give it an IP range that does not overlap the East-West subnet.

OpenShift

Using Ansible

# Set up an isolated virtualenv for the Avi SDK and Ansible, then run the training playbook.
# This is a command transcript rather than a script: several steps are repeated or out of order.
mkdir ~/virtualenv
mkdir avisdk           # created in the current directory, not inside ~/virtualenv
mkdir bin
cd ~/virtualenv/
cd avisdk/             # relies on ~/virtualenv/avisdk already existing; `virtualenv` below is what creates it
pip install setuptools
export LC_ALL=C        # commonly used to avoid locale errors from pip/virtualenv on minimal systems
virtualenv ~/virtualenv/avisdk/
pip install avisdk     # the virtualenv is not active yet, so this installs outside it
cd bin
. activate             # activate the virtualenv (same as `source activate` below)
pip install avisdk==17.2.7b2
pip install avisdk     # already satisfied by the pinned install above; no change unless -U is given
pip freeze             # record what ended up in the virtualenv
cd ~/virtualenv/avisdk/
cd bin
source activate        # re-activation; the virtualenv is already active
pip install ansible
cp /tmp/for_ansible_training.yml ~
nano ~/for_ansible_training.yml 
ansible-playbook ~/for_ansible_training.yml 
ansible-playbook ~/for_ansible_training.yml -vvvvv   # very high verbosity, for troubleshooting
ansible-galaxy -f install avinetworks.avisdk         # -f: force (re-)install of the role
la ~/.ansible/roles/avinetworks.avisdk/library/      # `la` is not a standard command; usually an alias for `ls -A`
ansible-playbook ~/for_ansible_training.yml

Ansible Playbook to Deploy VS

nano avi-deploy.yml
# Playbook: creates a pool and a virtual service on the Avi controller via the avinetworks.avisdk role.
- hosts: localhost
  connection: local
  roles:
    - role: avinetworks.avisdk
  tasks:
    - name: Create a Pool
      avi_pool:
        controller: 10.10.26.40
        username: admin
        # NOTE(review): controller credentials are stored in plaintext in this playbook and
        # repeated per task; ansible-vault or a variables file kept out of version control avoids that.
        password: Admin@123
        name: test_aman
        description: test
        state: present
        health_monitor_refs:
          - '/api/healthmonitor?name=System-HTTP'
        servers:
          - ip:
              addr: 10.91.1.53
              type: V4

    - name: Create a VS
      avi_virtualservice:
        controller: 10.10.26.40
        username: admin
        password: Admin@123   # see the credentials note on the pool task
        name: testvs_aman
        description: testvs
        state: present
        api_version: 17.2.7
        # References the pool created by the previous task, by name
        pool_ref: "/api/pool?name=test_aman"
        vip:
          - ip_address:
              addr: '10.91.0.6'
              type: 'V4'
        services:
          - port: 80

Available modules shipped with the installed role:

# Lists the avi_* modules in the role's library/ directory. The path depends on where
# ansible-galaxy installed the role (~/.ansible/roles above vs /etc/ansible/roles here).
ls /etc/ansible/roles/avinetworks.avisdk/library/

Deployment:

# -v prints task results; --step asks for confirmation before each task runs
ansible-playbook -v avi-deploy.yml --step

Using AVI SDK

nano pool_vs.py 
import argparse
import os

from avi.sdk.avi_api import ApiSession
from requests import urllib3

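# Silences urllib3's InsecureRequestWarning only; it does not change whether the controller's
# TLS certificate is verified — confirm that separately in the ApiSession configuration.
urllib3.disable_warnings()

# The original description was a copy/paste leftover; this script creates a pool (if missing)
# and a virtual service that points at it.
parser = argparse.ArgumentParser(
    description="AVISDK based script to create a pool (if missing) and a virtual service using it")
parser.add_argument("-u", "--username", required=True, help="Login username")
# Passing the password on the command line exposes it via shell history and `ps`; the
# AVI_PASSWORD environment variable (this script's own name for it) is accepted as an alternative.
parser.add_argument("-p", "--password", default=os.environ.get("AVI_PASSWORD"),
                    help="Login password (or set AVI_PASSWORD in the environment)")
parser.add_argument("-c", "--controller", required=True, help="Controller IP address")
parser.add_argument("-t", "--tenant", required=True, help="Tenant Name")
parser.add_argument("-vs", "--virtualservice", required=True, help="Virtual service name to create")
parser.add_argument("-v", "--vip", required=True, help="VIP address (IPv4) for the virtual service")
parser.add_argument("-po", "--pool", required=True, help="Pool name to create or reuse")
# Previously a hard-coded server address; the old value is kept as the default.
parser.add_argument("-s", "--server", default="10.91.1.53",
                    help="Back-end server IPv4 address placed in the pool when it has to be created")
args = parser.parse_args()
if not args.password:
    parser.error("a password is required: pass -p/--password or set AVI_PASSWORD")

user = args.username
password = args.password
controller = args.controller
tenant = args.tenant
pool = args.pool
vs = args.virtualservice
vip = args.vip
server = args.server

# Get an API session; api_version must be one the controller supports
api = ApiSession.get_session(controller, user, password, tenant=tenant, api_version="17.2.7")

# Create the pool only when no pool of that name exists in the tenant
if api.get_object_by_name('pool', pool) is None:
    pool_obj = {'name': pool, 'servers': [{'ip': {'addr': server, 'type': 'V4'}}]}
    resp = api.post('pool', data=pool_obj)
    print(resp.json())
    # ApiSession.post returns a requests Response; stop here instead of failing later on a
    # missing pool reference
    if resp.status_code >= 300:
        raise SystemExit("pool creation failed with HTTP %d" % resp.status_code)

# Resolve the pool reference (URL form expected by pool_ref)
pool_obj = api.get_object_by_name('pool', pool)
pool_ref = api.get_obj_ref(pool_obj)

# Plain HTTP service on port 80
services_obj = [{'port': 80, 'enable_ssl': False}]

# Virtual service object for the POST request
vs_obj = {'name': vs,
          'vip': [{'ip_address': {'addr': vip, 'type': 'V4'}}],
          'services': services_obj,
          'pool_ref': pool_ref}

# Create the virtual service and show the controller's response
resp = api.post('virtualservice', data=vs_obj)
print(resp.json())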
# NOTE: the password given with -p is visible in shell history and to other users via `ps`
# while the script runs; prefer another input channel if the script offers one.
python pool_vs.py -u admin -p Admin@123 -c 10.10.26.40 -t admin -vs test_aman -v 10.91.0.6 -po test_pool_aman


References




