In this Part 2 of my series on how to utilize VMware by Broadcom NSX ALB for Ingress Traffic for Container Network Functions I will explain the last bits what is needed.

Why do we need NSX ALB for Cloud Native Functions in Telco?

• All CNFs need resilient traffic for ingress/load balancing with Enterprise support
• We want observability and Visibility for our application and security layers
• There is a need for Central Orchestration of the life cycle of ALB Service Engines in multi-cloud environments where we have the applications running in different Regions and Availability Zones.
• Standardized API and Automation for all CNFs with integration for TCP stack and TCA
• Manual or Automatic Dynamic Scale when the traffic grows.

So now that we know the above let’s onboard NSX ALB AKO and a sample nginx application that requests a Load Balancer that will be instantiated in AVI NSX ALB by AKO.

Setup AKO with TCA, Telco Cloud Automation

To setup AVI AKO with TCA we need to first download AKO and upload it into our Harbor private registry.

To download AKO go to VMware Downloads Link an choose the version that is supported by the version of AVI that you run in your environment. In my case I am running AVI v22.1.5 and as such AKO 1.10.1 is supported.

AKO 1.10

For 21.1.x: 21.1.5 and above For 22.1.x: 22.1.3 and above

One downloaded, extract the tar.gz file and you will find two files one for the docker image and one helm chart.

tar -zxvf ako-1.10.1.tar.gz
ako/
ako/install_docs.txt
ako/ako-1.10.1-docker.tar.gz
ako/ako-1.10.1-helm.tgz

Change working directory to this path, cd ako/

Upload the AKO Helm chart:

helm push ako-1.10.1-helm.tgz oci://harbor.local/tcp-caas --insecure-skip-tls-verify
Pushed: harbor.local/tcp-caas/ako:1.10.1
Digest: sha256:f645b738d705ee19434b346a6578c878c054a0c5be444d010baea64ff36817c0

Also extract the ako-1.10.1-helm.tgz and edit the values file, this will be needed in the onboarding in TCA of AKO.

ls ako/
Chart.yaml crds templates values.yaml

Update the helm values.yaml with required AKO configurations(Controller IP/credentials, docker registry information etc)

Link to sample values.yaml file here, need to be renamed from values.txt to values.yaml

Verify in Harbor that the helm chart has been uploaded

Now let’s go into TCA UI and design the AKO CNF

Here we do the following
1. Onboard Cloud Native Network Function, name the funtion
2. Set the version on it
3. We drag a Helm chart in to the design canvas and set a name and the chart version as it is named in Harbor
4. we also specify a Helm Property Override and name it as values.yaml with a Type of: File

Next we instantiate the AKO CNF and select the values.yaml file that we saved and edited before.

As soon as the AKO CNF is instantiated we should see Completed in TCA.

Before we instantiate the nginx we want to add a AKO AviInfraSetting. Docs
This setting is what controls the traffic when requested by an ingress or load balancer with an annotation that is set on the CNFs where the traffic in NSX ALB will be forwarded to. It looks like this

We need to connect to the Kubernetes cluster inorder to apply this.
So we grab the kubeconfig from TCA from the cluster and then copy paste it into the /root/.kube/config file on our tool machine.

We apply the AviInfraSetting
kubectl apply -f custom_infrasetting.yaml

Next up we will instantiate a sample nginx CNF.
Just as we did before we download a nginx from bitnami.com and then upload it into Harbor Private Repository. We can do this with helm cli

helm search repo nginx

NAME CHART VERSION APP VERSION DESCRIPTION
bitnami/nginx 15.2.0 1.25.2 NGINX Open Source is a web server that can be a…
bitnami/nginx-ingress-controller 9.8.0 1.8.1 NGINX Ingress Controller is an
bitnami/nginx-intel 2.1.15 0.4.9 DEPRECATED NGINX Open Source for Intel is a 

helm pull bitnami/nginx --version 15.2.0

after this do an ls to list the .tgz file:
root@toolbox:~/nginx_15.2.0# ls
nginx-15.2.0.tgz

extract the file and edit the values.yaml file.
root@toolbox:~/nginx_15.2.0/nginx# ls
Chart.lock  charts  Chart.yaml  README.md  templates  values.schema.json  values.yaml

Login and then Push the nginx chart into the Private Harbor
helm registry login harbor.local
helm push nginx-15.2.0.tgz oci://harbor.local/tcp-caas --insecure-skip-tls-verify

Verify in Harbor the nginx chart is uploaded.

Now let’s go into TCA UI and design the NGINX CNF

We do the same thing as before but we set the name and version to reflect the nginx version instead:

When we edited the values.yaml file for the nginx we added an annotation that is naming the custom_infrasetting we are using for AKO.

In the NSX ALB UI we should now see that the AVI LB has been instatiated and our BGP sessions are Established

This concludes the configuration of ALB AKO for ingress and Load Balancing for CNFs.