-
VIRTUALIZEMYDC.CA
MARCH 27, 2015
YOU ARE HERE: HOME / OTHER / INITIAL F5 BIG-IP PROVISIONING
& CONFIGURATION
Initial F5 Big-IP Provisioning & ConfigurationMARCH 29, 2014
BY ANDREY POGOSYAN LEAVE A COMMENT
Ill be honest, I dont work with load balancers all that much,
other than
a configuration for a Client Access Server Array for Exchange
or
maybe even Load balancing Connection servers for VMware
Horizon
View. However, I think its something that I find to be quite
interesting
because it touches base with both applications and networking.
With
that said, I came across an article that Chris Wahl from
Wahlnetwork
wrote about the F5 Lab licenses, and that got me very
interested
because 1) we use F5 Load Balancers at work and 2) because I
have a lab where I needed a
load balancer countless times to test a feature here and there.
It is also useful for when
preparing for an exam, like Chris mentions in his article.
With that said, I went ahead and purchased a virtual lab edition
license for $126 at the time of
this post. I went through CDW and in all, it took about 1 week
to receive the license key. The
email with the license comes from F5 Networks, so be on the look
out! Once I got my license,
it was time to download the F5 Big-IP OVA and import it into
vSphere. Of course, from reading
other articles, it seems like it could also work with VMware
Workstation and Fusion.
F5 BIG-IP VIRTUAL EDITION MINIMUM SYSTEM REQUIREMENTS
2 x Virtual CPUs
4GB of RAM for a 2-core CPU
8GB of RAM for a 4-core CPU
PCnet32 LANCE for Management interface
HOME ABOUT HOME LAB VMWARE CITRIX MICROSOFT @ANDREY_PO
pagina 1 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
3 x VMXNET3 virtual network adapters
1 x 100GB SCSI disk (default)
1 x 50GB SCSI disk (for extra modules)
More information on the system requirements can be found
here.
ESXi CPU REQUIREMENTS
64 bit architecture
Support for AMD-V or Intel-VT (Must be Enabled)
Support for multi-threaded CPU
More information on the system requirements can be found
here.
INSTALLING AND PROVISIONING F5 LOAD BALANCER
One of the first things we need to do, is define the necessary
IP addresses for the appliance,
makes sense right? When deploying the OVA, during the deployment
process, you will be
asked to provide 4 networks to use.
1. Management - For Managing your F5 Big-IP Appliance
2. Internal - Internal private network
3. External - External Network such as a DMZ subnet
4. HA - High Availability Network that will be used when
creating an HA pair
pagina 2 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
These interfaces are pretty self-explanatory so once youve
defined the proper networks for
each interface and successfully imported the appliance, well
then need to turn it on in order
to provision it. Provisioning will be the very first step we
take before we can start using the
appliance. The process typically involves applying the license,
enabling the necessary
components such as LTM, APM, GTM, Firewall, Link Control,
Carrier Grade NAT, configuring
static IP addresses, specifying a new admin password, creating
the necessary access
accounts, updates, etc.
By default, if you have DHCP enabled on your management
interface subnet, the F5 Big-IP
appliance should automatically obtain an IP address, that IP
address will then be listed in the
Virtual Machine general info section.
You can also use IFCONFIG to pull the IP address that was
automatically assigned. Another
option is to use a network scanner if you have one
available.
Default Password information
Console Access: Username: root Password: default
pagina 3 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Web Interface Access: Username: admin Password: admin
Upon a successful login, we should be presented with a Welcome
screen and a Setup Utility
that well be using to configure the F5 appliance
When we start the Setup Utility, one of the very first steps, is
to provide a license to the
appliance. The way it works, is that the License will allow you
to use certain features of the
appliance. You must be connected to the internet in order to
successfully activate the license,
VERY IMPORTANT. Once the license has been activated, youll see
the license data, active,
optional, and inactive modules
pagina 4 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Now things are starting to get interesting. The next step, is
resource provisioning, in other
words, we need to specify what modules we want to enable and
use. Below is a screenshot of
all the modules that are licensed and unlicensed
pagina 5 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Lets cover the basics of the modules were going to play with in
the lab:
Carrier Grade NAT (CGNAT) Is a Large Scale NAT, in other words,
it allows for
translation of internal private IPv4 Addresses (multiple PCs)
into public IPv4 addresses.
Local Traffic Manager (LTM) LTM is a module that allows us to
create an abstraction
layer between the user and the infrastructure in order to
leverage high availability, load
balancing, secure, and optimize application traffic between the
end user and
infrastructure. Essentially, this post will concentrate on LTM
since this is the load
balancing piece of this product
Application Security (ASM) Provides a security layer for
applications by allowing
control through access policies and insight into application
access, violations, and
tampering
Global Traffic (GTM) This is an interesting component, as this
will provide GSLB (Global
Server Load Balancing), which if youve worked on DR site design,
youll know that with
certain types of applications like Exchange, can leverage this
module and make the
disaster recovery a lot smoother. Something I will cover in
another post.
Link Controller (LC) Allows us to link multiple connections (ISP
for example, mentioned
in the article) and provides features such as topology based
routing, load balancing by
link costs, integrated route shaping, and so on
Access Policy (APM) APM is a feature that allows for secure
access to corporate
applications through the use of policies
As you can see from modules above, not all of them are licensed,
and thats normal, were
only using a lab license so in my case, these unlicensed
features are not required. However
you can get them licensed, but youd have to use a different
license, costs a lot more!
Heres something interesting I find about the provisioning
process, as you start adding module,
youll notice that the Memory, Disk, and CPU allocation at the
top will change to
accommodate the new modules (see below). Its interesting,
because it gives us an idea into
the amount of resources that will be required, so keep that in
mind when provision the virtual
or physical appliance
pagina 6 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
At the next step, we can configure the appliance to use a
certificate, however for this blog
post, we wont be configuring a certificate because I will be
making a separate post about it
later on
Now, we need to assign a static IP, Time zone, hostname,
rood/admin password, and SSH
access
pagina 7 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Once the Platform section has been completed, we can end the
Setup by clicking on Finish.
We will then be logged off and will be required to log back in,
however this time, youll notice
that we now see something different, we now see the Big-IP Main
menu where we can start
configuring the modules that weve enabled earlier. If by some
reason, you forgot to enable
module, you can always go back and do so at a later time.
pagina 8 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
That should be it for the initial configuration. I will be
creating more post on how to configure
the load balancer with VMware View Connection servers and
Exchange 2010/2013. Stay
tuned!
Be Sociable, Share!
FILED UNDER: OTHER
TAGGED WITH: BIG-IP, F5, LOAD BALANCER
Leave a Reply
SEARCH
Search this website
FOLLOW US FOR FREE!
Related
pagina 9 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Stay up to date with the latest content
from virtualizemydc.ca!
Email Address
SIGN ME UP!
RECOMMENDED BLOGS
Bas Van Kaam
Chris Stark
Cormac Hogan
Derek Seaman (VCDX)
Everything Virtual Simon Davies
ESX Virtualization Vladan Seget
Frank Denneman (VCDX)
Iam all vIRTUAL Lior Kamrat
Josh Odgers (VCDX)
LazyWinAdmin Francois-Xavier Cat
VCDX133 Rene Van Den Bedem
vHorizon Dale Scriven
VMFocus Craig Kilborn
Virtually Mike Brown
Wahl Network (VCDX) Chris Wahl
Yellow-Bricks (VCDX) Duncan Epping
pagina 10 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Copyright 2015 News Pro Theme on Genesis Framework WordPress Log
in
pagina 11 van 11Initial F5 Big-IP Provisioning &
Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/