luckymuk / f5xcs-multi-region-appstack-gcp

f5xcs-multi-region-appstack-gcp

This is a non-official F5 repository. This repo is not supported by F5 or DevCentral!

This repo provides a solution for deploying F5 XCS Multi-Region Multi-Zone AppStack in GCP.

Distributed Cloud GCP Multi-Region Multi-Zone AppStack

The goal of this solution is to provide the infrastructure for a working demo to deploy F5 Distributed Cloud AppStack and Virtual Kubernetes (vk8s) on GCP in multiple regions with multiple zones.

To do

  • Optional step (if you plan to run Managed or Physical k8s):
    • Add cluster role with proper policy rules.
      • URL List
        • URLs:*
        • Allowed Verbs:*
      • Resource List
        • API Groups:*
        • Resource Types:*
        • Allowed Verbs:*
      • Resource List
        • API Groups:rbac.authorization.k8s.io
        • Resource Types:rolebindings, clusterroles, clusterrolebindings
        • Resource Instances:admin, edit, view
        • Allowed Verbs:create, bind, escalate
    • Add Cluster Role Binding for user. Select ves-io-admin-cluster-role.
      • Subject - email of user account
  • Infrastructure buildout in GCP
    • Run example_prep.sh
    • Export variables:
      • export VOLT_API_P12_FILE=/creds/.api-creds.p12
      • export VES_P12_PASSWORD=12345678
      • export GCP_PROJECT=project_name
      • export GCP_ROLE_ID=xcs_gcp_vpc_role
      • export GCP_ACCOUNT_ID=xcs-gcp-vpc-spn
    • Validate that the GCP Role ID and Account ID were created in the proper project
    • Create a tfvars file or override.tf
    • Manually or Auto Deploy (see Deployment options below)
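
A pre-flight check for the variables exported above, as an added example that is not part of the repository. The function name `xcs_preflight` is hypothetical, and it assumes the README's `12345678` and `project_name` values are placeholders that must be replaced before deploying.

```shell
#!/bin/sh
# Added example: pre-flight check for the variables the README exports.
# xcs_preflight is a hypothetical helper, not part of the repository.
xcs_preflight() {
    rc=0
    # Every exported variable must be set and non-empty.
    for var in VOLT_API_P12_FILE VES_P12_PASSWORD GCP_PROJECT \
               GCP_ROLE_ID GCP_ACCOUNT_ID; do
        eval "val=\${$var:-}"
        if [ -z "$val" ]; then
            echo "FAIL: $var is not set" >&2
            rc=1
        fi
    done
    # Assumption: these two README values are placeholders, not real settings.
    if [ "${VES_P12_PASSWORD:-}" = "12345678" ]; then
        echo "FAIL: VES_P12_PASSWORD is still the README sample value" >&2
        rc=1
    fi
    if [ "${GCP_PROJECT:-}" = "project_name" ]; then
        echo "FAIL: GCP_PROJECT is still the README sample value" >&2
        rc=1
    fi
    # The .p12 is the API credential: it must exist and be owner-only.
    p12=${VOLT_API_P12_FILE:-}
    if [ -n "$p12" ] && [ ! -f "$p12" ]; then
        echo "FAIL: $p12 does not exist" >&2
        rc=1
    elif [ -n "$p12" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -ldL "$p12" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "FAIL: $p12 is accessible to group/other; chmod 600 it" >&2
            rc=1
        fi
    fi
    return "$rc"
}
```

Source the function in the shell where the variables are exported and gate the deployment on it, for example `xcs_preflight && terraform plan`.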

Topology

  • High Level Topology

Rough Diagram

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13 |
| google | ~> 4.15.0 |
| http | 2.1.1 |
| volterrarm | 0.11.6 |

Modules

| Name | Source | Version |
|------|--------|---------|
| util | ./util | n/a |
| gcp | ./gcp | n/a |
| xcs | ./xcs | n/a |

Inputs

| Name | Description | Type | Default |
|------|-------------|------|---------|
| projectname | REQUIRED: This is your GCP Project Name | string | "gcp_project_name" |
| tenant_name | REQUIRED: This is your Volterra Tenant Name: https://<tenant_name>.console.ves.volterra.io/api | string | "f5-xc-lab-app" |
| namespace | REQUIRED: This is your Volterra Namespace | string | "app1-dev" |
| api_cert | REQUIRED: This is the path to the Volterra API Key. See https://volterra.io/docs/how-to/user-mgmt/credentials | string | "./creds/api2.cer" |
| name | REQUIRED: This is your Distributed Cloud prefix name | string | "cust-provided" |
| stackname | REQUIRED: This is your Distributed Cloud AppStack name | string | "gcp-app-stack" |
| gcp_region_one | REQUIRED: This is your GCP Region One | string | "us-east4" |
| gcp_region_one_zone_a | REQUIRED: This is your GCP Region One Zone A | string | "us-east4a" |
| gcp_region_one_zone_b | REQUIRED: This is your GCP Region One Zone B | string | "us-east4b" |
| gcp_region_one_zone_c | REQUIRED: This is your GCP Region One Zone C | string | "us-east4c" |
| gcp_cidr_one | REQUIRED: This is your GCP Region One CIDR | string | "10.90.0.0/23" |
| gcp_subnet_one | REQUIRED: This is your GCP Region One subnet | string | "10.90.0.0/24" |
| gcp_region_two | REQUIRED: This is your GCP Region Two | string | "us-west2" |
| gcp_region_two_zone_a | REQUIRED: This is your GCP Region Two Zone A | string | "us-west2a" |
| gcp_region_two_zone_b | REQUIRED: This is your GCP Region Two Zone B | string | "us-west2b" |
| gcp_region_two_zone_c | REQUIRED: This is your GCP Region Two Zone C | string | "us-west2c" |
| gcp_cidr_two | REQUIRED: This is your GCP Region Two CIDR | string | "10.90.2.0/23" |
| gcp_subnet_two | REQUIRED: This is your GCP Region Two subnet | string | "10.90.2.0/24" |
| gcp_region_three | REQUIRED: This is your GCP Region Three | string | "europe-west3" |
| gcp_region_three_zone_a | REQUIRED: This is your GCP Region Three Zone A | string | "us-europe-west3a" |
| gcp_region_three_zone_b | REQUIRED: This is your GCP Region Three Zone B | string | "us-europe-west3b" |
| gcp_region_three_zone_c | REQUIRED: This is your GCP Region Three Zone C | string | "us-europe-west3c" |
| gcp_cidr_three | REQUIRED: This is your GCP Region Three CIDR | string | "10.90.4.0/23" |
| gcp_subnet_three | REQUIRED: This is your GCP Region Three subnet | string | "10.90.4.0/24" |
| gcp_instance_type | REQUIRED: This is your GCP Instance Type | string | "n1-stnadard-4" |
| sshPublicKey | OPTIONAL: ssh public key for instances | string | "" |
| api_p12_file | REQUIRED: This is the path to the Volterra API Key. See https://volterra.io/docs/how-to/user-mgmt/credentials | string | "./creds/f5-xc-lab-app.console.ves.volterra.io.api-creds.p12" |
| sshPublicKeyPath | OPTIONAL: ssh public key path for instances | string | "./creds/id_rsa.pub" |
| api_key | REQUIRED: This is the path to the Volterra API Key. See https://volterra.io/docs/how-to/user-mgmt/credentials | string | "./creds/api.key" |
| delegated_dns_domain | n/a | string | "user-defined" |
| volterra_tf_action | n/a | string | "apply" |
| gateway_type | n/a | string | "voltstack_cluster" |
| api_url | n/a | string | "https://f5-xc-lab-app.console.ves.volterra.io/api" |
| tags | Environment tags for objects | map(string) | { "application": "f5app", "costcenter": "f5costcenter", "creator": "Terraform", "delete": "True", "environment": "gcp", "group": "f5group", "owner": "f5owner", "purpose": "public" } |
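
GCP zone names take the form `<region>-<letter>` (for example `us-east4-a`), so each `*_zone_*` input should be its region value followed by a hyphen and one letter. The check below is an added example, not part of the repository: the function names `check_gcp_zones` and `sample_tfvars` are hypothetical, the sample input is constructed from defaults printed in the table, and only values actually set in the tfvars file are inspected.

```shell
#!/bin/sh
# Added example: verify each gcp_region_*_zone_* value in a tfvars file
# belongs to its region. Hypothetical helper, not part of the repository.
check_gcp_zones() {
    # $1: tfvars file (defaults to stdin). Prints one line per bad zone
    # and returns 1 if any zone does not match "<region>-<letter>".
    awk -F'=' '
        { gsub(/[ \t"\r]/, "") }        # reduce each line to name=value
        $1 ~ /^gcp_region_(one|two|three)$/              { region[$1] = $2 }
        $1 ~ /^gcp_region_(one|two|three)_zone_[abc]$/   { zone[$1] = $2 }
        END {
            bad = 0
            for (z in zone) {
                r = z
                sub(/_zone_[abc]$/, "", r)   # name of the owning region variable
                if (!(r in region)) {
                    print z ": " r " is not set in this file"
                    bad = 1
                    continue
                }
                want = "^" region[r] "-[a-z]$"
                if (zone[z] !~ want) {
                    print z " = " zone[z] " (expected " region[r] "-<letter>)"
                    bad = 1
                }
            }
            exit bad
        }' "${1:--}"
}

# Constructed sample input: a few of the defaults printed in the Inputs table.
sample_tfvars() {
    cat <<'EOF'
gcp_region_one          = "us-east4"
gcp_region_one_zone_a   = "us-east4a"
gcp_region_three        = "europe-west3"
gcp_region_three_zone_a = "us-europe-west3a"
EOF
}
```

Run it as `check_gcp_zones terraform.tfvars` before `terraform plan`, or try it on the constructed sample with `sample_tfvars | check_gcp_zones`.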

Deployment

For manual deployment, run the standard Terraform commands.

terraform init
terraform plan
terraform apply --auto-approve

For auto deployment, use the deploy.sh and destroy.sh scripts.

./deploy.sh
./destroy.sh

Troubleshooting

Please refer to the following:

Support

For support, please open a GitHub issue. Note, the code in this repository is community supported and is not supported by F5 Networks. For a complete list of supported projects please reference SUPPORT.md.

Community Code of Conduct

Please refer to the F5 DevCentral Community Code of Conduct.

License

Apache License 2.0

Copyright

Copyright 2014-2022 F5 Networks Inc.

F5 Networks Contributor License Agreement

Before you start contributing to any project sponsored by F5 Networks, Inc. (F5) on GitHub, you will need to sign a Contributor License Agreement (CLA).

If you are signing as an individual, we recommend that you talk to your employer (if applicable) before signing the CLA since some employment agreements may have restrictions on your contributions to other projects. Otherwise by submitting a CLA you represent that you are legally entitled to grant the licenses recited therein.

If your employer has rights to intellectual property that you create, such as your contributions, you represent that you have received permission to make contributions on behalf of that employer, that your employer has waived such rights for your contributions, or that your employer has executed a separate CLA with F5.

If you are signing on behalf of a company, you represent that you are legally entitled to grant the license recited therein. You represent further that each employee of the entity that submits contributions is authorized to submit such contributions on behalf of the entity pursuant to the CLA.
