Avi Kubernetes Operator All Versions

tunables.for.ako tenancy.in.ako restricting.fqdn.to.single.namespace namespace.sync.in.ako multiple.ako.instances.in.a.cluster cloud.connector.to.ako.migration install.avi.kubernetes.operator handling.of.kubernetes.openshift.and.avi.objects high.availability.support.in.ako enhanced.virtual.hosting.in.ako compatibility.guide.for.ako ako.deployment.in.openstack ako.optimisation.recommendations avi.kubernetes.operator.deployment.guide

Tenancy at Kubernetes/OpenShift Cluster Level

This section elaborates the steps to enable Tenancy in
AKO
 to map each Kubernetes/OpenShift cluster uniquely to a tenant in
Avi Load Balancer
.
To enable Tenancy in
AKO
, follow the steps below:
  1. Creating a Tenant.
    1. From the UI, navigate to
      Administration
      Accounts
      Tenants
      .
    2. Click
      Create
      .
    3. Enter the
      Name
       as
      billing
      .
    4. The
      New Tenant
       screen is as shown below:
    5. Click
      Save
      .
  2. Creating Roles: Create the required roles with appropriate privileges to the
    AKO
     user in the admin and the billing tenants. This can be created by POST to
    /api/role
    .
    1. Create the role .
    2. Create the role .
    3. Navigate to
      Administration
      Accounts
      Roles
      .
      The roles created are displayed as shown below:
  3. Assigning Tenants and Roles to users: Create users and assign tenants as required. To create users,
    1. Navigate to
      Administration
      Accounts
      Users
      .
    2. Click
      Create
      .
    3. Enter the
      User Information
       as required. In the
      Tenant & Role
       section, click
      Add
       and select the
      Roles
      .
    4. Under Individual Tenants, click
      Add
       and select the
      Tenant
      .
    5. Click
      Save
      .
In
AKO
, configure the following:
  • Set the
    ControllerSettings.tenantName
     to the tenant created in the earlier steps.
  • The
    avicredentials.username
     and
    avicredentials.password
     to the user credentials created above.
In the NodePort mode of
AKO
 (when
L7Settings.serviceType
 is set to
NodePort
), VRFContext permissions are not required in the admin tenant in the
Avi Load Balancer Controller
.

Content feedback and comments