Install and Manage AKO using the AKO Operator

Overview

The AKO operator used to deploy, manage and remove an instance of the AKO Controller. This operator when deployed, creates an instance of the AKO Controller and installs all the relevant objects like:

  • AKO stateful set
  • Cluster role and Cluster role binding
  • Configmap required for the AKO Controller and other artifacts.

This article explains how to:

  1. Install the AKO operator
  2. Deploy and manage the AKO controller using the AKO operator

Pre-requisites

For successfully running AKO, the following are the pre-requisites:

  1. Ensure that the Avi Controller is of version 18.2.10/ 20.1.2 or higher.

  2. Configure an Avi Controller with a vCenter cloud.

  3. Ensure that a PG network is a part of the North-South IPAM configured in vCenter.

  4. If your POD CIDRs are not route-able, the data path flow is as described below:

    Data Path Flow

    • The client requests a specified hostname/path

    • The DNS virtual service returns an IP address corresponding to the hostname

    • The request is forwarded to the resolved IP address that corresponds to a virtual IP hosted on an Avi Service Engine. The destination IP in the packet is set as the POD IP address on which the application runs.

    • Service Engines use the static route information to reach the POD IP via the next-hop address of the host on which the pod is running.

    • The pod responds and the request is sent back to the client.

      • Create a Service Engine Group dedicated to a Kubernetes cluster.

    Note: If your POD CIDRs are route-able, then skip step 2. Ensure that you skip static route syncing in this case using the disableStaticRouteSync flag in the values.yaml of your helm chart.

  5. Ensure Kubernetes is on version 1.16.

  6. Ensure the Helm CLI is pointing to your Kubernetes cluster.

    Note: AKO only supports Helm 3.0.0.

Install Using Helm

To install AKO Operator using Helm,

  1. Create the avi-system namespace: 
    
 kubectl create ns avi-system
  2. Add this repository to your helm CLI: 
    
 helm repo add ako https://avinetworks.github.io/avi-helm-charts/charts/stable/ako

    Use the values.yaml from this repository to edit values related to Avi configuration. The values and their corresponding index can be found here.

  3. Search the available charts for AKO Operator: 
    
  helm search repo
     
  NAME                 	        CHART VERSION	APP VERSION	DESCRIPTION
  ako/ako-operator              1.3.1         1.3.1      	A helm chart for AKO Operator
  4. Install AKO Operator: 
    
  helm install  ako/ako-operator  --generate-name --version 1.3.1 -f values.yaml  --set ControllerSettings.controllerIP=<controller_ip> --set avicredentials.username=<avi-ctrl-username> --set avicredentials.password=<avi-ctrl-password> --namespace=avi-system

  5. Verify the installation: 
    
 helm list -n avi-system
    
 NAME          	            NAMESPACE
 ako-operator-2889212993	    avi-system

Note: Installing the AKO operator via helm will also add an AKOConfig object which in turn, will prompt the AKO operator to deploy the AKO Controller.

To know more about the AKOConfig object and how to manage the AKO Controller using this object, click here.

The list of CRDs added during the AKO operator installation:

  • AKOConfig
  • HostRule
  • HTTPRule

Uninstall AKO Operator Using Helm

To uninstall the AKO operator and the AKO controller, use the following steps:

  1. Remove the aviconfig object, this cleans up all the related artifacts for the AKO Controller.

    
 kubectl delete AKOConfig -n avi-system aviconfig

  2. Remove the AKO operator’s resources

    
 helm delete <ako-operator-release-name> -n avi-system

Note: The ako-operator-release-name is obtained by running the Helm list as shown here.

  1. Delete the avi-system namespace:

    
 kubectl delete ns avi-system

AKOConfig Custom Resource

The AKO Operator manages the AKO Controller. To deploy and manage the Controller, it takes in a custom resource object called AKOConfig. To view a sample configuration and understand the fields in the configuration, click here.

Deploying the AKO Controller

The AKO operator was installed using Helm, a default AKOConfig object called ako-config is already added and hence, this step is not required for Helm based installation.

Note: If the AKO operator was installed manually, then to install the AKO Controller, add an AKOConfig object to the avi-system namespace.


kubectl create -f ako-config.yaml -n avi-system

Managing the AKO Controller

To modify any property of the AKO Controller, change the AKOConfig object and save the changes.


kubectl edit akoconfig -n avi-system ako-config

Note: If the AKO Controller’s configmap/statefulset is edited out-of-band, the changes will be overwritten by the AKO operator.

Removing the AKO Controller

To remove the AKO Controller, simply delete the AKOConfig object:


kubectl delete akoconfig -n avi-system ako-config

Caveats with Existing AKO Installations

The AKO operator is not supported to work with the standalone deployments of AKO, via helm or otherwise (non-operator-based installations). The reason for being, that the AKO Operator completely manages the AKO Controller and the related artifacts. If users want to switch from a non-operator-based deployment of AKO to AKO operator:

  1. Uninstall the existing AKO.
  2. Install the AKO operator (follow this for helm based installation).
  3. Deploy and manage the AKO Controller (follow this for helm based installation) via the operator.

Document Revision History

Date Change Summary
December 18, 2020 Published the Install Guide for AKO Operator