Geo-Location Based Traffic Management with F5 BIG-IP for VMware Products (PoC): F5 BIG-IP LTM Configuration (SKKB1018)

In this article we will focus on the F5 BIG-IP Local Traffic Manager (LTM) configuration. This article assumes you have already deployed the LTM devices as described previously. We will take a look at LTM Monitors, Nodes, Pools, Load Balancing and Virtual Servers.

Part 1: Geo-Location Based Traffic Management with F5 BIG-IP for vRA (PoC)
Part 2: Infrastructure Setup
Part 3: F5 BIG-IP LTM (this article)
Part 4: F5 BIG-IP GTM
Part 5: Infrastructure Setup (continued)
Part 6: Use Case 1
Part 7: Use Case 2

Lab Environment

The logical design of this lab can be seen HERE.

 

F5 BIG-IP LTM

Monitors

The BIG-IP® local traffic management system can monitor the health or performance of either pool members or nodes. The local traffic management system includes a wide variety of monitors. You can choose which types of monitors you want to associate with a given pool, pool member, or node.
For more info about configuring monitors, see Configuring Monitors.
Depending on the use case you are implementing, different health monitors are needed.
Refer to the particular use case to identify the monitors necessary and use the steps below to create them.

Go to each LTM device and navigate to [Local Traffic > Monitors]
Create a Monitor, according to your use case, with the following properties:

// vRealize Automation Center (vRA) Monitors

Name: vra-https-va-web
Description (optional): Health Monitor for the vRA Appliance
Type: HTTPS
Interval: 5 seconds
Timeout: 9 seconds
Send String: GET /vcac/services/api/status\r\n
Receive String: REGISTERED

Name: vra-https-iaas-mgr
Description (optional): Health Monitor for the vRA IaaS Manager
Type: HTTPS
Interval: 5 seconds
Timeout: 9 seconds
Send String: GET /\r\n
Receive String: ProxyAgentService

Name: vra-https-iaas-web
Description (optional): Health Monitor for the vRA IaaS Web
Type: HTTPS
Interval: 5 seconds
Timeout: 9 seconds
Send String: GET /WAPI/api/status\r\n
Receive String: true

Name: vra-https-postgress
Description (optional): Health Monitor for the vRA Postgress database
Type: HTTPS
Interval: 5 seconds
Timeout: 16 seconds
Send String: GET /vPostgresService.py\r\n
Receive String: Postgres.Master=true
User Name: <VAMI UserName>
Password: <VAMI Password>
Alias Service Port: 5480

Leave all other properties at their default values.

 

Nodes

Nodes are the basis for creating a load balancing pool. For any server that you want to be part of a load balancing pool, you must first create a node, that is, designate that server as a node. After designating the server as node, you can add the node to a pool as a pool member. You can also associate a health monitor with the node, to report the status of that server.
For information on adding nodes to load balancing pools, see Chapter 4, Configuring Load Balancing Pools.

In this case we will add the following nodes:

  • GeoApp LA Nodes to the LTM LA device (f5-ltm-a-01)
  • GeoApp NY Nodes to the LTM NY device (f5-ltm-b-01)

This is roughly represented by the diagram below:

Depending on the use case you are implementing, these nodes will represent different (application) server components. For example, these nodes can represent a vRA Web, vRA IaaS Web, vRA IaaS Manager Service or vRO server.

Refer to the particular use case to identify the nodes necessary and use the steps below to create them.

Go to the f5-ltm-a-01 LTM and navigate to [Local Traffic > Nodes]
Create Nodes with the following properties:

Name: geoapp-la-01
Address: 172.16.60.50

Name: geoapp-la-02
Address: 172.16.60.51

Name: geoapp-la-03
Address: 172.16.60.52

Name: geoapp-la-04
Address: 172.16.60.53

Name: geoapp-la-05
Address: 172.16.60.54

Name: geoapp-la-06
Address: 172.16.60.55

Leave all other properties at their default values.

Go to the f5-ltm-b-01 LTM and navigate to [Local Traffic > Nodes]
Create Nodes with the following properties:

Name: geoapp-ny-01
Address: 172.16.70.50

Name: geoapp-ny-02
Address: 172.16.70.51

Name: geoapp-ny-03
Address: 172.16.70.52

Name: geoapp-ny-04
Address: 172.16.70.53

Name: geoapp-ny-05
Address: 172.16.70.54

Name: geoapp-ny-06
Address: 172.16.70.55

Leave all other properties at their default values.
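
The monitor and node definitions above, written as tmsh commands instead of GUI steps, so the same configuration can be reviewed and repeated on both devices. This is an added example, not part of the original article: the names, addresses, strings and timers are the article's, while the mapping of GUI fields to tmsh options (for example Alias Service Port to destination *:5480) and the helper function names are assumptions.

```shell
#!/bin/sh
# Added example: prints tmsh commands equivalent to the GUI steps on this page.
# Values are the page's; the tmsh option names are an assumed mapping of the
# GUI fields (Send String -> send, Receive String -> recv, and so on).

# monitor_cmd NAME INTERVAL TIMEOUT SEND RECV [EXTRA OPTIONS...]
monitor_cmd() {
    name=$1 interval=$2 timeout=$3 send=$4 recv=$5
    shift 5
    extra=$*
    # printf does not escape-process %s arguments, so \r\n stays literal,
    # which is the form the monitor send string is written in.
    printf 'create ltm monitor https %s defaults-from https interval %s timeout %s send "%s" recv "%s"%s\n' \
        "$name" "$interval" "$timeout" "$send" "$recv" "${extra:+ $extra}"
}

# The four vRA health monitors; credentials stay as the page's placeholders.
vra_monitors() {
    monitor_cmd vra-https-va-web    5 9  'GET /vcac/services/api/status\r\n' REGISTERED
    monitor_cmd vra-https-iaas-mgr  5 9  'GET /\r\n' ProxyAgentService
    monitor_cmd vra-https-iaas-web  5 9  'GET /WAPI/api/status\r\n' true
    monitor_cmd vra-https-postgress 5 16 'GET /vPostgresService.py\r\n' Postgres.Master=true \
        'username "<VAMI UserName>"' 'password "<VAMI Password>"' 'destination *:5480'
}

# node_cmds PREFIX SUBNET -> six nodes numbered 01..06 on hosts .50 to .55
node_cmds() {
    i=1
    while [ "$i" -le 6 ]; do
        printf 'create ltm node %s-%02d address %s.%d\n' "$1" "$i" "$2" $((49 + i))
        i=$((i + 1))
    done
}

# device_config SITE -> command list for one LTM (la: f5-ltm-a-01, ny: f5-ltm-b-01)
device_config() {
    case $1 in
        la) vra_monitors; node_cmds geoapp-la 172.16.60 ;;
        ny) vra_monitors; node_cmds geoapp-ny 172.16.70 ;;
        *)  echo "usage: device_config la|ny" >&2; return 1 ;;
    esac
}

device_config "${1:-la}"
```

Review the printed commands, then enter them at the tmsh prompt of the matching device, keeping only the monitors your use case needs.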

 

 

Pools

A load balancing pool is a logical set of devices, such as web servers, that you group together to receive and process traffic. Instead of sending client traffic to the destination IP address specified in the client request, the BIG-IP system sends the request to any of the servers that are members of that pool. This helps to efficiently distribute the load on your server resources.

When you create a pool, you assign pool members to the pool. A pool member is a logical object that represents a physical node (and a service) on the network. A pool member can pertain to the default route domain on the BIG-IP system or to a specific route domain that you choose. You then associate the pool with a virtual server on the BIG-IP system. Once you have assigned a pool to a virtual server, the BIG-IP system directs traffic coming into the virtual server to a member of that pool. An individual pool member can belong to one or multiple pools, depending on how you want to manage your network traffic.

For more information about pool configuration, see Configuring Load balancing Pools

Refer to the particular use case you are implementing to identify the Pools necessary and how to create them.

 

 

Load Balancing

The specific pool member to which the BIG-IP system chooses to send the request is determined by the load balancing method that you have assigned to that pool. A load balancing method is an algorithm that the BIG-IP system uses to select a pool member for processing a request. For example, the default load balancing method is Round Robin, which causes the BIG-IP system to send each incoming request to the next available member of the pool, thereby distributing requests evenly across the servers in the pool.

For more information about LTM Load balancing, see Configuring Load Balancing Pools and Specifying the load balancing method.
Refer to the particular use case you are implementing to identify the Load Balancing configuration necessary and how to configure it.

 

Virtual Servers

A virtual server is a traffic-management object on the BIG-IP system that is represented by an IP address and a service. Clients on an external network can send application traffic to a virtual server, which then directs the traffic according to your configuration instructions. The main purpose of a virtual server is often to balance traffic load across a pool of servers on an internal network. Virtual servers increase the availability of resources for processing client requests.

Not only do virtual servers distribute traffic across multiple servers, they also treat varying types of traffic differently, depending on your traffic-management needs. For example, a virtual server can enable compression on HTTP request data as it passes through the BIG-IP system, or decrypt and re-encrypt SSL connections and verify SSL certificates. For each type of traffic, such as TCP, UDP, HTTP, SSL, SIP, and FTP, a virtual server can apply an entire group of settings, to affect the way that the BIG-IP system manages that traffic type.

A virtual server can also enable session persistence for a specific traffic type. Through a virtual server, you can set up session persistence for HTTP, SSL, SIP, and MSRDP sessions, to name a few.

For more information about virtual servers, see Configuring Virtual Servers

Refer to the particular use case you are implementing to identify the Virtual Servers necessary and how to create them.

 
