Create App Stack Site
On This Page:
Objective
This document provides instructions on how to install F5® Distributed Cloud single-node or multi-node F5 Distributed Cloud App Stack sites on clusters of private Data Center (DC) devices. An App Stack site is a Distributed Cloud Customer Edge (CE) site engineered specifically for the purpose of managing DC clusters. To know more about Distributed Cloud sites, see Site. The F5 Distributed Cloud Platform also supports creating physical K8s (also called managed K8s) clusters for managing your applications on the created App Stack sites. See Create and Deploy Managed K8s for instruction on creating the managed K8s clusters.
Clusters of private DCs that are setup on geographically separated locations require an established direct communication link with each member of the cluster. An App Stack site helps achieving that while ensuring safety and reliability. You can define a DC cluster group in an App Stack site to which member nodes can be added dynamically. Such added members become part of the cluster group and automatically get full mesh connectivity with all other members of the group.
Using the instructions provided in this document, you can deploy a single-node or multi-node App Stack site on your private DC, define a cluster group, and add members to the cluster group. You can also enable the local API access for the managed K8s running on the sites so that it can be used like regular K8s.
App Stack Site vs Other CE Sites
The App Stack site differs from the regular Distrubted Cloud CE site that can be deployed with App Stack. An App Stack site simplifies the task of managing distributed apps across DC clusters while offering the option to establish full mesh connectivity among themselves. In the case of regular sites with App Stack functionality, you will need to explicitly create and manage site mesh groups for that purpose. With an App Stack site, you just need to add the site to the DC cluster group and connectivity is automatically established.
Also, a App Stack site provides support to manage local K8s while controlling communication between services of different namespaces. While regular Distributed Cloud sites provide virtual K8s (vK8s), the vK8s is per namespace per site, and managed local K8s is deployed across all namespaces of a App Stack site with a single kubeconfig. Therefore, if you require the ability to manage distributed apps across your private DC clusters with full mesh connectivity, an App Stack site with managed K8s is useful. For other requirements, you can use regular CE sites.
Reference Architecture
This reference architecture shows the recommended practice for setting up geographically distributed DC clusters using App Stack sites, privately connecting them using DC cluster group, and enabling managed K8s for deploying apps in those clusters.
The following image shows a sample reference architecture of the App Stack DC cluster site.
The DC clusters represent App Stack sites. These consist of interfaces towards storage network, interfaces in LACP towards DC switches, and dedicated or non-dedicated management interfaces. An App Stack site supports storage classes with dynamic PVCs. Bonded interfaces are also supported with bond interfaces for regular use in the case of a dedicated management interface. In the case of non-dedicated management interfaces, the fallback interface for internet connectivity in a bonded interface which must be assigned with a static IP address. The example image also shows TOR switches that can be connected with a single bond interface using MC-LAG or with 2 bond interfaces at L3 level. An App Stack site also supports establishing BGP peering with the TORs.
Bonding of interfaces is supported in LACP active/active or active/backup modes.
The following image shows sample reference deployment of an App Stack DC cluster sites that are deployed at different geographies.
The apps deployed in the managed K8s clusters in these sites can directly communicate with each other in CI/CD use cases or users can obtain access to managed K8s API using the Kubeconfig.
The following image shows service interaction for service deployed in different DC cluster sites:
The following image shows service interaction for service deployed in the same DC cluster site:
The following image shows service deployment in active/active and active/standby mode for remote clients:
Note: For instruction on accessing managed K8s clusters and deploying apps, see Create and Deploy Managed K8s guide.
Prerequisites
Note: If you do not have an account, see Create an Account.
- One or more physical DC devices consisting of interfaces with internet reachability.
Note: An App Stack site is supported only for the F5 IGW, ISV, and Dell Edger 640 Series devices.
- Resources required per site: Minimum 4 vCPUs and 14 GB RAM.
Deploy Site
Perform the steps provided in the following chapters to deploy a App Stack site.
Create App Stack Site Object
Log into F5 Distributed Cloud Console and perform the following steps:
Step 1: Start creating a App Stack site object.
-
In the
Cloud and Edge Sites
service, navigate toManage
->Site Management
and selectVoltStack Sites
. -
Click
Add App Stack Site
to open the App Stack site configuration form.
- Enter a name in the metadata section for your App Stack site object.
- Optionally select labels.
- Optionally enter a description.
Step 2: Set the fields for the basic configuration section.
- Select an option from the list of options for the
Generic Server Certified Hardware
field. The F5 Volterra ISV 8000 is selected by default. - Enter the names of master nodes in the
Master Nodes
field. ClickAdd item
to add more than one entry.
Note: Either a single node or 3 master nodes are supported.
-
Optionally, enter the names of worker nodes in the
Worker Nodes
field. ClickAdd item
to add more than one entry. -
Optionally, enter the following fields:
- Geographical Address - This derives geographical coordinates
- Coordinates - Latitude and longitude
Step 3: Configure bond interfaces.
Go to Bond Configuration
section and do the following:
- Select
Configure Bond Interfaces
for theSelect Bond Configuration
field.
- Click
Configure
under theConfigure Bond Interfaces
option to open bond interface configuration page.
-
Click
Add Item
under theBond Devices List
field in theBond Devices
section. -
Click on the
Bond Device Name
field on theBond Devices List
page and select a name from the list of options. You can also type a custom name and clickAdd item
to set the device name while also adding it to the existing options. -
Click on the
Member Ethernet Devices
field and select the ethernet devices that are part of this bond. UseAdd item
option to add more devices. -
Click on the
Select Bond Mode
field to update the bonding mode. LACP is selected by default for the bonding mode with the default LACP packet interval as 30 seconds. You can set the bond mode toActive/Backup
to set the bond members function in active and backup combination.
- Click
Add Item
.
Note: Use the
Add item
option in theBond Devices List
to add more than one bond device.
- Click
Apply
in theBond Devices
page to apply bond configuration to the App Stack site configuration.
Step 4: Perform network configuration.
Go to Network Configuration
section. Select Custom Network Configuration
for the Select to Configure Networking
field. Click Configure
under the Custom Network Configuration
option to open network configuration page.
Perform the following:
Step 4.1: Perform site local network configuration.
Site local network is applied with default configuration. Perform the following set of steps to apply custom configuration:
-
Select
Configure Site Local Network
for theSelect Configuration For Site Local Network
field. ClickConfigure
under theConfigure Site Local Network
field. -
Optionally, set labels for the
Network Labels
field in the network metadata section. -
Optionally, click
Show Advanced Fields
in theStatic Routes
section and selectManage Static Routes
for theManage Static Routes
field. ClickAdd Item
underManage Static Routes
field and do the following:- Enter IP prefixes for the
IP Prefixes
field. These all prefixes will be mapped to the same next-hop and attributes. - Select
IP Address
orInterface
orDefault Gateway
for theSelect Type of Next Hop
field and specify IP address or interface accordingly. In the case of interface, you can select an existing interface or create a new interface using the options for the interface field. - Optionally, select one or more options for the
Attributes
field to set attributes for the static route. - Click
Add Item
.
- Enter IP prefixes for the
-
Optionally, enable
Show Advanced Fields
option in theDc Cluster Group
section and do the following:-
Select
Member of DC Cluster Group
for theSelect DC Cluster Group
option. -
Click on the
Member of DC Cluster Group
field and select a DC cluster group. You can also selectCreate new dc cluster group
to create a new cluster group. Performing this adds this site to a DC cluster group, enabling full connectivity between the members of the group.Note: The
Not a Member
option is default.
-
- Click
Apply
.
Step 4.2: Perform interface configuration.
Bootstrap interface configuration is applied by default, and it is based on the certified hardware. Perform the following set of steps to apply custom interface configuration:
- Select
List of Interface
for theSelect Interface Configuration
field. ClickConfigure
under theList of Interface
field. This opens another interface list configuration page. - Click
Configure
under theList of Interface
field. - Click
Add Item
in theList of Interface
table. - Optionally enter an interface description
- Optionally select labels
- Select an option for the
Interface Config Type
field and set one of the interface types using the following instructions:
Ethernet Interface:
- Select
Ethernet Interface
and clickConfigure
under theEthernet Interface
field. This opens ethernet interface configuration page. - Select an option from the list of options of
Ethernet Device
field. You can also type a custom name to set the device name while also adding it to the existing options. - Select
Cluster, All Nodes of the Site
orSpecific Node
for theSelect Configuration for Cluster or Specific Node
field. In case of specific node, select the specific node from the displayed options of theSpecific Node
field. You can also type a custom name to set the device name while also adding it to the existing options. - Select
Untagged
orVLAN Id
for theSelect Untagged or VLAN tagged
field. In case of VLAN Id, enter the VLAN Id in theVLAN Id
field. - Select an option for the
Select Interface Address Method
field in theIP Configuration
section. The DHCP client is selected by default. In case you select a DHCP server, clickConfigure
under theDHCP Server
option and set the DHCP server configuration as per the options displayed on the DHCP server configuration page and clickApply
. This example shows the interface as DHCP client for brevity. - Select site local outside or site local inside network for the
Select Virtual Network
field of theVirtual Network
section. Site local outside network is selected by default. - Select if the interface is primary in the
Select Primary Interface
field. Default is not a primary interface. Ensure that you set only one interface as primary. - Click
Apply
.
Dedicated Interface:
- Select
Dedicated Interface
for theInterface config Type
field. - Select a device name from the displayed list for the
Interface Device
field. You can also type a custom name to set the device name while also adding it to the existing options. - Select
Cluster, All Nodes of the Site
orSpecific Node
for theSelect Configuration for Cluster or Specific Node
field. In case of specific node, select the specific node from the displayed options of theSpecific Node
field. You can also type a custom name to set the device name while also adding it to the existing options. - Select if the interface is primary in the
Select Primary Interface
field. Default is not a primary interface. Ensure that you set only one interface as primary. - Click
Add Item
.
Note: You can add more than one interface using the
Add item
option in theList of Interface
form.
Step 4.3: Perform security configuration.
In case of security configuration, network policy and forward policies are disabled. Go to Security Configuration
section and do the following to apply network and forward policies
-
Select
Active Network Policies
for theManage Network Policy
field. Click on theNetwork Policy
field and select a network policy from the displayed list of options. You can also create and apply a new network policy using theCreate a new network policy
option. You can apply more than one forward proxy policy using theAdd item
option. -
Select one of the following options for the
Manage Forward Proxy
field:- Select
Enable Forward Proxy With Allow All Policy
to allow all requests. - Select
Enable Forward Proxy and Manage Policies
to apply specific forward proxy policies. Select a network policy from the displayed list of options for theForward Proxy Policies
field. You can also create and apply a new network policy using theCreate a new forward proxy policy
option. You can apply more than one forward proxy policy using theAdd item
option.
- Select
Optionally, you can configure global networks in the Global Connections
section and BGP settings in the Advanced Configuration
section. This example does not include the configuration for these two for the purpose of brevity.
Step 5: Perform storage configuration.
Optionally, specify storage configuration for your site. Select Custom Storage Configuration
for the Select to Configure Storage
field in the storage configuration section. Click Configure
under the Custom Storage Configuration
option and perform configuration per the instructions included in the Fleet Storage guide.
Note: Storage configuration in App Stack site is similar to that of fleet.
Step 6: Perform advanced configuration.
- Go to
Advanced Configuration
section and enableShow Advanced Fields
option.
- Optionally, select
GPU Disabled
for theEnable/Disable GPU
field. This enables GPU capability for the site hardware. - Optionally, configure managed K8s for your site as per the following guidelines:
- Select
Enable Site Local K8s API access
for theSite Local K8s API access
field. - Click on the
Enable Site Local K8s API access
field and select a K8s cluster object from the list of the fields. You can also selectCreate new k8s cluster
option to create and apply the K8s cluster object.
- Select
- Optionally enable logs streaming and either select a select a log receiver or create a new log receiver.
- Optionally select a USB device policy. You can deny all USB devices, allow all USB devices, or allow specific USB devices.
- Optionally specify a Distributed Cloud software version. The default is the
Latest SW Version
. - Optionally specify an operating system version. The default is the
Latest OS Version
.
Note: The advanced configuration also includes managed K8s configuration. This is an important step in case you want to enable managed K8s access. This is possible only at the time of creating the App Stack site and cannot be enabled later by updating App Stack site.
Step 7: Complete creating the App Stack site.
Click Save and Exit
to complete creating the App Stack site.
Perform Site Registration
After creating the App Stack site object in Console, the App Stack site shows up in Console with Waiting for Registration
status. Install the nodes and ensure that the cluster name and host name for your nodes match with the App Stack site name and node name as per the Basic Configuration
section of App Stack site you configured. Perform registration as per the following instructions:
- Navigate to
Manage
>Site Management
>Registrations
in the system namespace. - Choose your site from the list of sites displayed under
Pending Registrations
tab. Click approve sign and start approval. - Ensure that the cluster name and hostname is matching with those of App Stack site.
- Click
Accept
to complete registration and the site turns online.