Virtualize My Lab-F5
description
Transcript of Virtualize My Lab-F5
-
VIRTUALIZEMYDC.CA
MARCH 27, 2015
YOU ARE HERE: HOME / OTHER / INITIAL F5 BIG-IP PROVISIONING & CONFIGURATION
Initial F5 Big-IP Provisioning & ConfigurationMARCH 29, 2014 BY ANDREY POGOSYAN LEAVE A COMMENT
Ill be honest, I dont work with load balancers all that much, other than
a configuration for a Client Access Server Array for Exchange or
maybe even Load balancing Connection servers for VMware Horizon
View. However, I think its something that I find to be quite interesting
because it touches base with both applications and networking. With
that said, I came across an article that Chris Wahl from Wahlnetwork
wrote about the F5 Lab licenses, and that got me very interested
because 1) we use F5 Load Balancers at work and 2) because I have a lab where I needed a
load balancer countless times to test a feature here and there. It is also useful for when
preparing for an exam, like Chris mentions in his article.
With that said, I went ahead and purchased a virtual lab edition license for $126 at the time of
this post. I went through CDW and in all, it took about 1 week to receive the license key. The
email with the license comes from F5 Networks, so be on the look out! Once I got my license,
it was time to download the F5 Big-IP OVA and import it into vSphere. Of course, from reading
other articles, it seems like it could also work with VMware Workstation and Fusion.
F5 BIG-IP VIRTUAL EDITION MINIMUM SYSTEM REQUIREMENTS
2 x Virtual CPUs
4GB of RAM for a 2-core CPU
8GB of RAM for a 4-core CPU
PCnet32 LANCE for Management interface
HOME ABOUT HOME LAB VMWARE CITRIX MICROSOFT @ANDREY_PO
pagina 1 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
3 x VMXNET3 virtual network adapters
1 x 100GB SCSI disk (default)
1 x 50GB SCSI disk (for extra modules)
More information on the system requirements can be found here.
ESXi CPU REQUIREMENTS
64 bit architecture
Support for AMD-V or Intel-VT (Must be Enabled)
Support for multi-threaded CPU
More information on the system requirements can be found here.
INSTALLING AND PROVISIONING F5 LOAD BALANCER
One of the first things we need to do, is define the necessary IP addresses for the appliance,
makes sense right? When deploying the OVA, during the deployment process, you will be
asked to provide 4 networks to use.
1. Management - For Managing your F5 Big-IP Appliance
2. Internal - Internal private network
3. External - External Network such as a DMZ subnet
4. HA - High Availability Network that will be used when creating an HA pair
pagina 2 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
These interfaces are pretty self-explanatory so once youve defined the proper networks for
each interface and successfully imported the appliance, well then need to turn it on in order
to provision it. Provisioning will be the very first step we take before we can start using the
appliance. The process typically involves applying the license, enabling the necessary
components such as LTM, APM, GTM, Firewall, Link Control, Carrier Grade NAT, configuring
static IP addresses, specifying a new admin password, creating the necessary access
accounts, updates, etc.
By default, if you have DHCP enabled on your management interface subnet, the F5 Big-IP
appliance should automatically obtain an IP address, that IP address will then be listed in the
Virtual Machine general info section.
You can also use IFCONFIG to pull the IP address that was automatically assigned. Another
option is to use a network scanner if you have one available.
Default Password information
Console Access: Username: root Password: default
pagina 3 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Web Interface Access: Username: admin Password: admin
Upon a successful login, we should be presented with a Welcome screen and a Setup Utility
that well be using to configure the F5 appliance
When we start the Setup Utility, one of the very first steps, is to provide a license to the
appliance. The way it works, is that the License will allow you to use certain features of the
appliance. You must be connected to the internet in order to successfully activate the license,
VERY IMPORTANT. Once the license has been activated, youll see the license data, active,
optional, and inactive modules
pagina 4 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Now things are starting to get interesting. The next step, is resource provisioning, in other
words, we need to specify what modules we want to enable and use. Below is a screenshot of
all the modules that are licensed and unlicensed
pagina 5 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Lets cover the basics of the modules were going to play with in the lab:
Carrier Grade NAT (CGNAT) Is a Large Scale NAT, in other words, it allows for
translation of internal private IPv4 Addresses (multiple PCs) into public IPv4 addresses.
Local Traffic Manager (LTM) LTM is a module that allows us to create an abstraction
layer between the user and the infrastructure in order to leverage high availability, load
balancing, secure, and optimize application traffic between the end user and
infrastructure. Essentially, this post will concentrate on LTM since this is the load
balancing piece of this product
Application Security (ASM) Provides a security layer for applications by allowing
control through access policies and insight into application access, violations, and
tampering
Global Traffic (GTM) This is an interesting component, as this will provide GSLB (Global
Server Load Balancing), which if youve worked on DR site design, youll know that with
certain types of applications like Exchange, can leverage this module and make the
disaster recovery a lot smoother. Something I will cover in another post.
Link Controller (LC) Allows us to link multiple connections (ISP for example, mentioned
in the article) and provides features such as topology based routing, load balancing by
link costs, integrated route shaping, and so on
Access Policy (APM) APM is a feature that allows for secure access to corporate
applications through the use of policies
As you can see from modules above, not all of them are licensed, and thats normal, were
only using a lab license so in my case, these unlicensed features are not required. However
you can get them licensed, but youd have to use a different license, costs a lot more!
Heres something interesting I find about the provisioning process, as you start adding module,
youll notice that the Memory, Disk, and CPU allocation at the top will change to
accommodate the new modules (see below). Its interesting, because it gives us an idea into
the amount of resources that will be required, so keep that in mind when provision the virtual
or physical appliance
pagina 6 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
At the next step, we can configure the appliance to use a certificate, however for this blog
post, we wont be configuring a certificate because I will be making a separate post about it
later on
Now, we need to assign a static IP, Time zone, hostname, rood/admin password, and SSH
access
pagina 7 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Once the Platform section has been completed, we can end the Setup by clicking on Finish.
We will then be logged off and will be required to log back in, however this time, youll notice
that we now see something different, we now see the Big-IP Main menu where we can start
configuring the modules that weve enabled earlier. If by some reason, you forgot to enable
module, you can always go back and do so at a later time.
pagina 8 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
That should be it for the initial configuration. I will be creating more post on how to configure
the load balancer with VMware View Connection servers and Exchange 2010/2013. Stay
tuned!
Be Sociable, Share!
FILED UNDER: OTHER
TAGGED WITH: BIG-IP, F5, LOAD BALANCER
Leave a Reply
SEARCH
Search this website
FOLLOW US FOR FREE!
Related
pagina 9 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Stay up to date with the latest content
from virtualizemydc.ca!
Email Address
SIGN ME UP!
RECOMMENDED BLOGS
Bas Van Kaam
Chris Stark
Cormac Hogan
Derek Seaman (VCDX)
Everything Virtual Simon Davies
ESX Virtualization Vladan Seget
Frank Denneman (VCDX)
Iam all vIRTUAL Lior Kamrat
Josh Odgers (VCDX)
LazyWinAdmin Francois-Xavier Cat
VCDX133 Rene Van Den Bedem
vHorizon Dale Scriven
VMFocus Craig Kilborn
Virtually Mike Brown
Wahl Network (VCDX) Chris Wahl
Yellow-Bricks (VCDX) Duncan Epping
pagina 10 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
-
Copyright 2015 News Pro Theme on Genesis Framework WordPress Log in
pagina 11 van 11Initial F5 Big-IP Provisioning & Configuration - virtualizemydc.ca
27-3-2015http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/