Transcription

Cisco UCS Director F5 BIG-IP Management Guide, Release 6.5First Published: 2017-07-26Americas HeadquartersCisco Systems, Inc.170 West Tasman DriveSan Jose, CA 95134-1706USAhttp://www.cisco.comTel: 408 526-4000800 553-NETS (6387)Fax: 408 527-0883

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITHTHE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain versionof the UNIX operating system. All rights reserved. Copyright 1981, Regents of the University of California.NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OFMERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUTLIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERSHAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, networktopology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentionaland coincidental.Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnershiprelationship between Cisco and any other company. (1110R) 2016Cisco Systems, Inc. All rights reserved.

CONTENTSCHAPTER 1New and Changed Information for this Release 1New and Changed Information for this Release 1CHAPTER 2Overview 3About the F5 Big-IP LTM Load Balancer 3About the Workflow Task for F5 Application Container Setup 4CHAPTER 3Managing the F5 BIG-IP Load Balancer 5F5 Load Balancing 6Understanding Load Balancing Terminology 7Adding a Network Element 8Viewing Application Services 9Creating an Application Service 9Virtual Servers 11Creating a Virtual Server 11Viewing Virtual Servers 13Viewing Virtual Server Statistics 14Viewing Virtual Addresses 15Updating Traffic Groups for Virtual Addresses 16Creating a Pool 16Adding Members to a Pool 17Viewing Pool Statistics 18Viewing Node Lists 19Viewing Node Statistics 20Viewing TCP Profiles 21Viewing UDP Profiles 21Partition 22Creating a Partition 22Cisco UCS Director F5 BIG-IP Management Guide, Release 6.5iii

ContentsViewing Device Groups 23Creating a Device Group 23Viewing Traffic Groups 24Viewing Traffic Group Device Statistics 25Creating a Traffic Group 26Forcing a Traffic Group to a Standby State 27Viewing Device Information 27Viewing HA Groups 28Cisco UCS Director F5 BIG-IP Management Guide, Release 6.5iv

CHAPTER1New and Changed Information for this ReleaseThis chapter contains the following sections: New and Changed Information for this Release, page 1New and Changed Information for this ReleaseNo significant changes were made to this guide for the current release.Cisco UCS Director F5 BIG-IP Management Guide, Release 6.51

New and Changed Information for this ReleaseNew and Changed Information for this ReleaseCisco UCS Director F5 BIG-IP Management Guide, Release 6.52

CHAPTER2Overview About the F5 Big-IP LTM Load Balancer, page 3 About the Workflow Task for F5 Application Container Setup, page 4About the F5 Big-IP LTM Load BalancerCisco UCS Director supports the F5 BIG-IP Local Traffic Manager (LTM) product module, which provideslocal load balancing based on a reverse proxy architecture, increases operational efficiency, and ensures peaknetwork performance by providing a flexible, high-performance application delivery system. Cisco UCSDirector supports basic and critical configuration in the LTM module through its generic tasks and reports.You can manage the LTM through Cisco UCS Director. In this document, references to F5 or BIG-IP or the"load balancer" all refer to this F5 product.For specific information about the F5 product releases supported by Cisco UCS Director and for relatedinformation, refer to the Cisco UCS Director Release Notes.Cisco UCS Director includes the following features and capabilities to support the F5 BIG-IP LTM productmodule: iApps Application Services and Templates Virtual Server creation, deletion, updates, and management, including inventories, processing metrics,and reports. Pool list creation, deletion, updates, and management, including inventories, processing metrics, andreports. Pool member inventory and reports. Node list inventory, processing metrics, and reports. TCP and UDP profile reports. Device group creation, deletion, updates, and management, including inventories, processing metrics,and reports.Cisco UCS Director F5 BIG-IP Management Guide, Release 6.53

OverviewAbout the Workflow Task for F5 Application Container Setup Traffic group creation, deletion, updates, and management, including inventories, processing metrics,and reports. Device information reports. HA group reports.About the Workflow Task for F5 Application Container SetupCisco UCS Director includes an F5 BIG-IP workflow task to aid in connecting to the Load Balancer usingthe Workflow Designer. The crucial workflow tasks are: Allocate Container VM Resources Provision Container - Network Provision Container - VM Re-synch Container - VMs Setup Container Gateway Setup Container F5 Load Balancer Send Container EmailFor more information on the F5 BIG-IP workflow task, see the Cisco UCS Director Application ContainerGuide.Cisco UCS Director F5 BIG-IP Management Guide, Release 6.54

CHAPTER3Managing the F5 BIG-IP Load Balancer F5 Load Balancing, page 6 Understanding Load Balancing Terminology, page 7 Adding a Network Element, page 8 Viewing Application Services, page 9 Creating an Application Service, page 9 Virtual Servers, page 11 Creating a Pool, page 16 Adding Members to a Pool, page 17 Viewing Pool Statistics, page 18 Viewing Node Lists, page 19 Viewing Node Statistics, page 20 Viewing TCP Profiles, page 21 Viewing UDP Profiles, page 21 Partition, page 22 Viewing Device Groups, page 23 Creating a Device Group, page 23 Viewing Traffic Groups, page 24 Viewing Traffic Group Device Statistics, page 25 Creating a Traffic Group, page 26 Forcing a Traffic Group to a Standby State, page 27 Viewing Device Information, page 27 Viewing HA Groups, page 28Cisco UCS Director F5 BIG-IP Management Guide, Release 6.55

Managing the F5 BIG-IP Load BalancerF5 Load BalancingF5 Load BalancingCisco UCS Director supports the creation and monitoring of F5 load balancers.Although load balancing may be prevalent in the routing environment, it is also of growing importance in thevirtual networking and VM environment. Server load balancing is a mechanism for distributing traffic acrossmultiple virtual servers, offering high application and server resource utilization.Server load balancing (SLB) is the process of deciding to which server a load-balancing device should senda client request for service. For example, a client request can consist of an HTTP GET for a web page or anFTP GET to download a file. The job of the load balancer is to select the server that can successfully fulfillthe client request and do so in the shortest amount of time without overloading either the server or the serverfarm as a whole.Depending on the load-balancing algorithm or predictor that you configure, the F5 BIG-IP performs a seriesof checks and calculations to determine the server that can best service each client request. F5 BIG-IP basesserver selection on several factors, including the server with the fewest connections regarding load, source ordestination address, cookies, URLs, or HTTP headers.A high-level process flow of load balancing is as follows:1 A client attempts to connect with a service on the load balancer.2 The load balancer accepts the connection.3 The load balancer decides which host should receive the connection and changes the destination IP address(or port) in order to match the service of the selected host.4 The host accepts the load balancer's connection and responds to the original source, to the client (throughits default route), and to the load balancer.5 The load balancer acquires the return packet from the host and changes the source IP address (or port) tocorrespond to the virtual server IP address and port, and forwards the packet back to the client.6 The client receives the return packet, assuming it came from the virtual server, and continues the rest ofthe process.Cisco UCS Director enables the management, orchestration, and monitoring of the F5 load balancer. Followingis a summary of the crucial processes:1 Add the F5 load balancer. To add the F5 load balancer, choose Administration Physical Accounts. Onthe Physical Accounts page, click Managed Network Elements and then click Add Network Element.2 On adding the F5 load balancer as a managed element, Cisco UCS Director triggers Cisco UCS Directortask inventory collection. The polling interval configured on the System Tasks specifies the frequencyof inventory collection.3 After the F5 load balancer is added to the Pod, it is listed with all other components of the pod environmentat the account level. To see the F5 component information, choose Physical Network. On the Networkpage, choose the Pod and click Managed Network Elements.There are two ways to implement load balancing on an F5 device using Cisco UCS Director:1 Use an iApps (BIG-IP) application service.Cisco UCS Director F5 BIG-IP Management Guide, Release 6.56

Managing the F5 BIG-IP Load BalancerUnderstanding Load Balancing TerminologyiApps application templates let you configure the BIG-IP system for your HTTP applications, by functioningas an interface to consistently deploy, manage, and monitor your servers. You can use default iAppstemplates or create and customize a template to implement load balancing on the F5 device.2 Use Cisco UCS Director to: Set up a managed element Create a Pool Add pool members Create a virtual serverUnderstanding Load Balancing TerminologyThis section describes common terms found in the F5 BIG-IP environment. In a load-balancing environment,a virtual server is a construct that allows multiple physical servers to appear as one for load-balancing purposes.A virtual server is bound to physical services running on real servers in a server farm and uses IP address andport information to distribute incoming client requests to the servers in the server farm according to a specifiedload-balancing algorithm. Virtual servers—In a load-balancing environment, a virtual server is a construct that allows multiplephysical servers to appear as one for load-balancing purposes. A virtual server is bound to physicalservices running on real servers in a server farm and uses IP address and port information to distributeincoming client requests to the servers in the server farm according to a specified load-balancing algorithm. Pools—A pool is a collection of virtual servers that provide similar services available on multiple hosts.(See the pool members or nodes entry for additional information.) Pool members or nodes—When creating a pool, you assign one or more pool members to it. A poolmember or node is a logical object that represents a physical node (and a service) on the network. Whenyou add a virtual server to a pool, it becomes a pool member. A member or node includes the TCP portof the actual application that is receiving traffic.TipA virtual server can be a member of multiple pools. In a different pool, it can havedifferent attributes and play a different role. For example, a virtual server could be abackup resource for a different type of requests, such as requests from a different partof the world. Nodes—Physical servers that receive traffic from a load balancer. Profiles—A profile can be either local or roaming. We recommended that you operate using roamingprofiles rather than local profiles. Using roaming profiles assures you that your settings are alwaysavailable to you at all times.Cisco UCS Director F5 BIG-IP Management Guide, Release 6.57

Managing the F5 BIG-IP Load BalancerAdding a Network ElementAdding a Network ElementIn order to create a virtual server that supports load balancing, first add a network element in Cisco UCSDirector. After a Load Balancer is added as a network element in Cisco UCS Director, it appears on theManaged Network Element screen.Before You BeginYou must be logged in to the appliance to complete this task.Step 1Step 2Choose Administration Physical Accounts.On the Physical Accounts page, click Managed Network Elements.Step 3Step 4Click Add Network Element.On the Add Network Element screen, complete the following fields:NameDescriptionPod drop-down li