Beruflich Dokumente
Kultur Dokumente
ca
pagina 1 van 11
VIRTUALIZEMYDC.CA
HOME
ABOUT
HOME LAB
VMWARE
CITRIX
MICROSOFT
@ANDREY_PO
YOU ARE HERE: HOME / OTHER / INITIAL F5 BIG-IP PROVISIONING & CONFIGURATION
Ill be honest, I dont work with load balancers all that much, other than
a configuration for a Client Access Server Array for Exchange or
maybe even Load balancing Connection servers for VMware Horizon
View. However, I think its something that I find to be quite interesting
because it touches base with both applications and networking. With
that said, I came across an article that Chris Wahl from Wahlnetwork
wrote about the F5 Lab licenses, and that got me very interested
because 1) we use F5 Load Balancers at work and 2) because I have a lab where I needed a
load balancer countless times to test a feature here and there. It is also useful for when
preparing for an exam, like Chris mentions in his article.
With that said, I went ahead and purchased a virtual lab edition license for $126 at the time of
this post. I went through CDW and in all, it took about 1 week to receive the license key. The
email with the license comes from F5 Networks, so be on the look out! Once I got my license,
it was time to download the F5 Big-IP OVA and import it into vSphere. Of course, from reading
other articles, it seems like it could also work with VMware Workstation and Fusion.
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 2 van 11
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 3 van 11
These interfaces are pretty self-explanatory so once youve defined the proper networks for
each interface and successfully imported the appliance, well then need to turn it on in order
to provision it. Provisioning will be the very first step we take before we can start using the
appliance. The process typically involves applying the license, enabling the necessary
components such as LTM, APM, GTM, Firewall, Link Control, Carrier Grade NAT, configuring
static IP addresses, specifying a new admin password, creating the necessary access
accounts, updates, etc.
By default, if you have DHCP enabled on your management interface subnet, the F5 Big-IP
appliance should automatically obtain an IP address, that IP address will then be listed in the
Virtual Machine general info section.
You can also use IFCONFIG to pull the IP address that was automatically assigned. Another
option is to use a network scanner if you have one available.
Default Password information
Console Access: Username: root Password: default
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 4 van 11
Upon a successful login, we should be presented with a Welcome screen and a Setup Utility
that well be using to configure the F5 appliance
When we start the Setup Utility, one of the very first steps, is to provide a license to the
appliance. The way it works, is that the License will allow you to use certain features of the
appliance. You must be connected to the internet in order to successfully activate the license,
VERY IMPORTANT. Once the license has been activated, youll see the license data, active,
optional, and inactive modules
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 5 van 11
Now things are starting to get interesting. The next step, is resource provisioning, in other
words, we need to specify what modules we want to enable and use. Below is a screenshot of
all the modules that are licensed and unlicensed
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 6 van 11
Lets cover the basics of the modules were going to play with in the lab:
Carrier Grade NAT (CGNAT) Is a Large Scale NAT, in other words, it allows for
translation of internal private IPv4 Addresses (multiple PCs) into public IPv4 addresses.
Local Traffic Manager (LTM) LTM is a module that allows us to create an abstraction
layer between the user and the infrastructure in order to leverage high availability, load
balancing, secure, and optimize application traffic between the end user and
infrastructure. Essentially, this post will concentrate on LTM since this is the load
balancing piece of this product
Application Security (ASM) Provides a security layer for applications by allowing
control through access policies and insight into application access, violations, and
tampering
Global Traffic (GTM) This is an interesting component, as this will provide GSLB (Global
Server Load Balancing), which if youve worked on DR site design, youll know that with
certain types of applications like Exchange, can leverage this module and make the
disaster recovery a lot smoother. Something I will cover in another post.
Link Controller (LC) Allows us to link multiple connections (ISP for example, mentioned
in the article) and provides features such as topology based routing, load balancing by
link costs, integrated route shaping, and so on
Access Policy (APM) APM is a feature that allows for secure access to corporate
applications through the use of policies
As you can see from modules above, not all of them are licensed, and thats normal, were
only using a lab license so in my case, these unlicensed features are not required. However
you can get them licensed, but youd have to use a different license, costs a lot more!
Heres something interesting I find about the provisioning process, as you start adding module,
youll notice that the Memory, Disk, and CPU allocation at the top will change to
accommodate the new modules (see below). Its interesting, because it gives us an idea into
the amount of resources that will be required, so keep that in mind when provision the virtual
or physical appliance
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 7 van 11
At the next step, we can configure the appliance to use a certificate, however for this blog
post, we wont be configuring a certificate because I will be making a separate post about it
later on
Now, we need to assign a static IP, Time zone, hostname, rood/admin password, and SSH
access
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 8 van 11
Once the Platform section has been completed, we can end the Setup by clicking on Finish.
We will then be logged off and will be required to log back in, however this time, youll notice
that we now see something different, we now see the Big-IP Main menu where we can start
configuring the modules that weve enabled earlier. If by some reason, you forgot to enable
module, you can always go back and do so at a later time.
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 9 van 11
That should be it for the initial configuration. I will be creating more post on how to configure
the load balancer with VMware View Connection servers and Exchange 2010/2013. Stay
tuned!
Be Sociable, Share!
Related
Leave a Reply
SEARCH
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 10 van 11
SIGN ME UP!
RECOMMENDED BLOGS
Chris Stark
Cormac Hogan
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015
pagina 11 van 11
http://www.virtualizemydc.ca/2014/03/29/load-balancers-home-lab/
27-3-2015