  • NetScaler ADC and OpenShift 4 Solution Brief


    Richard Faulkner
    • Validation Status: Validated
      Summary: Solution brief on NetScaler use on OpenShift Kubernetes solution
      Has Video?: No


    Introduction to OpenShift and the Issue It Solves

    Red Hat OpenShift 4 is a Kubernetes platform that provides an enterprise-grade foundation for on-premises, hybrid, and multi-cloud deployments.

    OpenShift Container Platform provides enterprise-ready enhancements to Kubernetes, including the following:

     

    Hybrid Cloud Deployments

    You can deploy OpenShift Container Platform clusters to a variety of public cloud platforms or in your data center.

     

    Integrated Red Hat technology

    Major components in OpenShift Container Platform come from Red Hat Enterprise Linux and related Red Hat technologies. OpenShift Container Platform benefits from the intense testing and certification initiatives for Red Hat’s enterprise quality software.

     

    Open Source Development Model

    Development is completed in the open, and the source code is available from public software repositories. This open collaboration fosters rapid innovation and development.

    For a more detailed reference, see OpenShift Container Platform Architecture.

     

    OpenShift4 Requirement for External Load Balancer

    External load balancers give Kubernetes nodes the ability to communicate with subnets outside of their cluster. This is crucial to the operability of OpenShift deployments: pods and clusters need to know about incoming traffic to correctly scale different containers up and down, and incoming traffic must be directed to the corresponding containers. OpenShift requires external load balancers, which Citrix provides, to operate effectively.

    This means we can use our technology, specifically our containerized Application Delivery Controller (CPX) combined with our Citrix Ingress Controller (CIC), to support a fully functioning and optimized OpenShift deployment, along with our automated External NetScaler ADC form factors, including VPX, MPX, and BLX.

     

    Benefits of NetScaler ADC and OpenShift Integration

    Production Grade Ingress

    NetScaler ADC is proven to work at scale, providing features like advanced load balancing, TLS termination, L3-L7 protocol optimizations, and redundancy solutions to the internet’s largest web properties and thousands of enterprises.

     

    Flexibility

    NetScaler ADC supports architectural flexibility: Citrix has a complete array of ADC form factors for every environment, inside and outside your cluster.

     

    Visibility and Troubleshooting

    Citrix ADM with Service Graphs provides actionable insight into the health and performance of applications and offers proactive troubleshooting for any issues.

     

    For a more detailed reference, see Microservices-Based Application and Delivery with Citrix and Red Hat OpenShift.

     

    Implementation of OpenShift

    If you are currently an OpenShift ‘4.x’ customer, you know there are Network Topology Requirements for your deployment. In the following sections, you can find the necessary configuration prerequisites to begin your Citrix & OpenShift deployment.

    OpenShift 4 requires both Load Balancing Services and a corresponding DNS mapping for each service, as outlined in the following sections.

     

    External Load Balancing Services Prerequisites

    Before you install the OpenShift Container Platform, two layer-4 load balancing services must be provisioned. The first is required by the API server, and the second is necessary to provide ingress to applications.

    In addition, certain ports must be accessible to meet the Network Topology Requirements.

     

    1. First, you must open ports 6443 (Kubernetes API Server) and 22623 (Machine Configuration Server) for the bootstrap and control plane. Remove the bootstrap machine from the load balancer after the control plane has initialized. You must also open ports 443 (HTTPS traffic) and 80 (HTTP traffic) on router pods, compute, and workers.

      For a more detailed reference, visit the Network Topology Requirements on OpenShift4 Container Platform Documentation.

    2. External DNS Mapping Prerequisites:

    Cluster Nodes:

     master1.openshift4.example.com +short    10.217.101.X
     master2.openshift4.example.com +short    10.217.101.X
     master3.openshift4.example.com +short    10.217.101.X
     worker1.openshift4.example.com +short    10.217.101.X
     worker2.openshift4.example.com +short    10.217.101.X
     bootstrap.openshift4.example.com +short  10.217.101.X

    ETCD Nodes:

     etcd-0.openshift4.example.com +short     10.217.101.X
     etcd-1.openshift4.example.com +short     10.217.101.X
     etcd-2.openshift4.example.com +short     10.217.101.X

    API Endpoints:

     api.openshift4.example.com +short        10.217.101.X
     api-int.openshift4.example.com +short    10.217.101.X

    Wildcard DNS Entry:

    *.apps.openshift4.example.com +short     10.217.101.X

    SRV Records:

    $ dig _etcd-server-ssl._tcp.openshift4.example.com SRV +short
    0 10 2380 etcd-0.openshift4.example.com
    0 10 2380 etcd-1.openshift4.example.com
    0 10 2380 etcd-2.openshift4.example.com

    Implementation of NetScaler ADC

    NetScaler ADC Configuration Overview

    We want to ensure that each Virtual IP corresponds to the correct Service Group Members. As you can see below, we have configured the machine-config-server to point to a Service Group that has three members with unique IP addresses (10.217.101.185, 10.217.101.186, 10.217.101.187).

     

    [Screenshots: NetScaler ADC configuration]

     

    Virtual Servers and Services in ADC

    Using the following images as a reference, ensure that your configuration has the appropriate Virtual Servers and Services running on the correct ports.

     

    [Screenshot: Virtual Servers]

    [Screenshot: Services]
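
The port and bootstrap-removal prerequisites above can be checked against the ADC configuration itself. The following is an added example, not part of the original brief or Citrix's own tooling: it audits an ns.conf-style excerpt for a virtual server on each required port, non-empty service groups, and a bootstrap machine still bound after control plane initialization. The object names, VIPs, and the bootstrap address are constructed assumptions, and members are assumed to be bound by IP address.

```python
from collections import defaultdict

# Ports the page lists for the external load balancer.
REQUIRED_PORTS = {6443: "Kubernetes API server", 22623: "Machine Config Server",
                  443: "HTTPS ingress", 80: "HTTP ingress"}

# Constructed ns.conf-style excerpt (sample data). Object names, VIPs and
# the .188/.199 addresses are assumptions; .185-.187 are the page's members.
SAMPLE_CONF = """\
add lb vserver vs-api TCP 10.217.101.200 6443
add lb vserver vs-mcs TCP 10.217.101.200 22623
add lb vserver vs-https TCP 10.217.101.201 443
bind lb vserver vs-api sg-api
bind lb vserver vs-mcs sg-mcs
bind lb vserver vs-https sg-https
bind serviceGroup sg-api 10.217.101.185 6443
bind serviceGroup sg-api 10.217.101.199 6443
bind serviceGroup sg-mcs 10.217.101.185 22623
bind serviceGroup sg-mcs 10.217.101.186 22623
bind serviceGroup sg-mcs 10.217.101.187 22623
bind serviceGroup sg-https 10.217.101.188 443
"""

def audit(conf, bootstrap_ip):
    """Return findings: missing ports, empty backends, leftover bootstrap."""
    vservers, binds, members = {}, defaultdict(list), defaultdict(list)
    for line in conf.splitlines():
        tok = line.split()
        if tok[:3] == ["add", "lb", "vserver"] and len(tok) >= 7 and tok[6].isdigit():
            vservers[tok[3]] = int(tok[6])        # vserver name -> listening port
        elif tok[:3] == ["bind", "lb", "vserver"] and len(tok) >= 5:
            binds[tok[3]].append(tok[4])          # vserver -> service group
        elif tok[:2] == ["bind", "serviceGroup"] and len(tok) >= 5 and tok[3][0] != "-":
            members[tok[2]].append(tok[3])        # group -> member IP (not monitors)
    findings = []
    for port, role in REQUIRED_PORTS.items():
        names = [n for n, p in vservers.items() if p == port]
        if not names:
            findings.append(f"no vserver on port {port} ({role})")
        for name in names:
            backends = [ip for sg in binds[name] for ip in members[sg]]
            if not backends:
                findings.append(f"{name}: no service group members bound")
            if bootstrap_ip in backends:
                findings.append(f"{name}: bootstrap {bootstrap_ip} still bound")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF, bootstrap_ip="10.217.101.199")))
```

On the constructed sample, the audit reports the leftover bootstrap member behind the API virtual server and the missing port 80 virtual server.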

    Summary

    NetScaler ADC can seamlessly integrate into any OpenShift 4 cluster and provide integrated External Load Balancing services for the cluster node components, delivering the high availability and DNS support that the OpenShift4 install requirements call for. Additionally, NetScaler ADC can be integrated inside the OpenShift 4 cluster, using the Citrix CPX and Citrix Ingress Controller, for all containerized deployments.

    To learn more about the Citrix Cloud Native solutions, visit NetScaler ADC Platforms.

