Jump to content

guru

Administrators
  • Content Count

    66
  • Joined

  • Last visited

Community Reputation

1 Neutral

About guru

  • Rank
    Advanced Member
  1. Pool For this Application Template the following needs to be checked Properties LB mode: [ dynamic-ratio-member,dynamic-ratio-node,fastest-app-response,fatest-node,least-connections-member,least-connections-node,least-sessions,observed-member,observed-node,predictive-member,predictive-node,ratio-least-connections-member,ratio-least-connections-node,ratio-member,ratio-node,ratio-session,round-robin,weighted-least-connections-member,weighted-least-connections-node ] (Load-balancing mode) Monitors: [ http,https,icmp,tcp-half-open,tcp ] (List of health monitors (each by name or AS3 pointer) Members Service port: 80 (Service L4 port (optional port-discovery may override)) Administration State: [enabled,disable,offline] (Setting adminState to enable will create the node in an operational state. Set to disable to disallow new connections but allow existing connections to drain. Set to offline to force immediate termination of all connections) Share Nodes: Enabled checked (If enabled, nodes are created in /Common instead of the tenant) Server addresses: Editable (Static IP addresses of servers (nodes) Slow ramp time: 300 (AS3 slowly the connection rate to a newly-active member slowly during this interval (seconds)) JSON Detail { "properties": { "class": {}, "members": { "type": "array", "items": { "type": "object", "properties": { "servicePort": { "type": "number", "default": 80 }, "adminState": { "type": "string", "default": "enable" }, "shareNodes": { "type": "boolean", "default": true, "const": true }, "serverAddresses": { "type": "array" } } } }, "monitors": { "type": "array", "default": [ "http" ] }, "loadBalancingMode": { "type": "string", "default": "least-connections-member", "const": "least-connections-member" }, "slowRampTime": { "type": "number", "default": 300, "const": 300 } }, "type": "object", "additionalproperties": false } Here are the options that are not selected
  2. Persist All default options (nothing customized for this template) JSON Detail { "properties": { "class": {}, "persistenceMethod": { "type": "string" } }, "type": "object", "additionalProperties": false }
  3. HTTP_Profile All default options (nothing customized for this template) JSON Detail { "properties": { "class": {} }, "type": "object", "additionalproperties": false }
  4. Analytics_Profile For this Application Template the following needs to be checked Collected Statistics Internal Logging (Specifies that statistics logs are stored in the system) Collect Max TPS and Throughput (Specifies that the system collects statistics for the maximum number of transactions per second, and the maximum amount of traffic moving through the system, both request and response throughput values) Collect Page Load Time (Specifies that the system collects statistics of the round-trip latency between client end-users and the servers) Collect Client-Side Statistics (Specifies that the system collects statistics regarding the HTTP request and response times) Collect URL (Specifies that the system collects statistics of requested URLs) Collect Countries (Specifies that the system collects statistics of the name of the countries from which that traffic was sent) Collect Client IP Addresses (Specifies that the system collects statistics of the IP addresses of where the traffic came from) Collect Client Subnet (Specifies that the system collects statistics of client subnets) Collect Response Code (Specifies that the system collects statistics about the distribution of HTTP response codes returned by the servers) Collect User Agent (Specifies that the system collects statistics about browsers used to send traffic) Collect Method (Specifies that the system collects statistics about the distribution of HTTP methods found in requests) Collect Operating System and Browser (Specifies that the system collect statistics about the OSs and Browsers used to send requests) Which produces the following JSON Detail { "properties": { "class": {}, "collectUserAgent": { "type": "boolean", "default": true, "const": true }, "collectClientSideStatistics": { "type": "boolean", "default": true, "const": true }, "collectGeo": { "type": "boolean", "default": true, "const": true }, "collectUrl": { "type": "boolean", "default": true, "const": true }, "collectOsAndBrowser": { "type": "boolean", "default": true, "const": true }, "collectMethod": { "type": "boolean", "default": true, "const": true }, "collectResponseCode": { "type": "boolean", "default": true, "const": true }, "collectSubnet": { "type": "boolean", "default": true, "const": true }, "collectIp": { "type": "boolean", "default": true, "const": true }, "collectPageLoadTime": { "type": "boolean", "default": true, "const": true }, "collectMaxTpsAndThroughput": { "type": "boolean", "default": true, "const": true } }, "type": "object", "additionalproperties": false } The following are not selected Capture Filter Request Captured Parts [ all,body,headers,none ] (Specifies which parts of the request data the system captures) Response Captured Parts [ all,body,headers,none ] (Specifies which parts of the response data the system captures) DoS Activity [ any,mitigated-by-dosl7 ] (Specifies whether the system captures traffic data mitigated by the D0S Layer 7 Enforcer, or traffic regardless of DoS activity) Captured Protocols [ all, ] Qualified for JavaScript Injection Enabled (not checked by default) Virtual Servers Node Addresses Response Status Codes HTTP Methods URL Filter Type URL Path Prefixes User Agent Substrings Client IP Addresses Request Content Filter Search Request Content Filter Search String Response Content Filter Search Part Response Content Filter Search String Collected Statistics External Logging Captured Traffic Internal Logging Captured Traffic External Logging externalLogging Use (AS3 pointer to log publisher declaration) Bigip (pathname of existing BIG-IP log publisher) Notification by syslog Notification by SNMP Notification by Email E-mail Notification Recipients Publish iRule Statistics Collect User Sessions URLs for Statistics Collection Countries for Statistics Collection Subnets for Statistics Collection Session Cookie Security [ ssl-only,always-secure,never-secure ] (Specify whether to secure session cookies) Session Timeout in Minutes 5 (The number of minutes of user non-activity to allow before the system considers the session to be over)
  5. Add Classes to your AS3 Application Template Go through and select the following for this template Analytics_Profile HTTP_Profile Persist Pool Service_HTTP TCP_Profile NEXT its time to customize each class which creates the JSON Detail
  6. Here is the template used in BIG-IQ name: http-app-v1 tenant: check Editable Description: Custom HTTP template PROPERTIES { "type": "object", "properties": { "class": { "type": "string", "const": "Application" }, "template": {}, "schemaOverlay": {}, "label": {}, "remark": {} }, "additionalProperties": { "allOf": [ { "anyOf": [ { "properties": { "class": { "const": "Analytics_Profile" } } }, { "properties": { "class": { "const": "HTTP_Profile" } } }, { "properties": { "class": { "const": "Pool" } } }, { "properties": { "class": { "const": "Service_HTTP" } } }, { "properties": { "class": { "const": "Persist" } } }, { "properties": { "class": { "const": "TCP_Profile" } } } ] }, { "if": { "properties": { "class": { "const": "Analytics_Profile" } } }, "then": { "$ref": "#/definitions/Analytics_Profile" } }, { "if": { "properties": { "class": { "const": "HTTP_Profile" } } }, "then": { "$ref": "#/definitions/HTTP_Profile" } }, { "if": { "properties": { "class": { "const": "Pool" } } }, "then": { "$ref": "#/definitions/Pool" } }, { "if": { "properties": { "class": { "const": "Service_HTTP" } } }, "then": { "$ref": "#/definitions/Service_HTTP" } }, { "if": { "properties": { "class": { "const": "Persist" } } }, "then": { "$ref": "#/definitions/Persist" } }, { "if": { "properties": { "class": { "const": "TCP_Profile" } } }, "then": { "$ref": "#/definitions/TCP_Profile" } } ] }, "required": [ "class" ], "definitions": { "Analytics_Profile": { "properties": { "class": {}, "collectUserAgent": { "type": "boolean", "default": true, "const": true }, "collectClientSideStatistics": { "type": "boolean", "default": true, "const": true }, "collectGeo": { "type": "boolean", "default": true, "const": true }, "collectUrl": { "type": "boolean", "default": true, "const": true }, "collectOsAndBrowser": { "type": "boolean", "default": true, "const": true }, "collectMethod": { "type": "boolean", "default": true, "const": true }, "collectResponseCode": { "type": "boolean", "default": true, "const": true }, "collectSubnet": { "type": "boolean", "default": true, "const": true }, "collectIp": { "type": "boolean", "default": true, "const": true }, "collectPageLoadTime": { "type": "boolean", "default": true, "const": true }, "collectMaxTpsAndThroughput": { "type": "boolean", "default": true, "const": true } }, "type": "object", "additionalproperties": false }, "HTTP_Profile": { "properties": { "class": {} }, "type": "object", "additionalproperties": false }, "Pool": { "properties": { "class": {}, "members": { "type": "array", "items": { "type": "object", "properties": { "servicePort": { "type": "number", "default": 80 }, "adminState": { "type": "string", "default": "enable" }, "shareNodes": { "type": "boolean", "default": true, "const": true }, "serverAddresses": { "type": "array" } } } }, "monitors": { "type": "array", "default": [ "http" ] }, "loadBalancingMode": { "type": "string", "default": "least-connections-member", "const": "least-connections-member" }, "slowRampTime": { "type": "number", "default": 300, "const": 300 } }, "type": "object", "additionalproperties": false }, "Service_HTTP": { "properties": { "class": {}, "virtualPort": { "type": "number", "default": 80 }, "profileAnalytics": { "type": "object", "properties": { "use": { "type": "string", "default": "Analytics_Profile" } } }, "profileHTTP": { "type": "object", "properties": { "use": { "type": "string", "default": "HTTP_Profile" } } }, "virtualAddresses": { "type": "array" }, "pool": { "type": "string", "default": "Pool" }, "enable": { "type": "boolean", "default": true }, "snat": { "type": "object", "properties": { "bigip": { "type": "string" } } }, "iRules": { "type": "array" }, "metadata": { "type": "object", "properties": { "value": { "type": "string" } } }, "profileTCP": { "type": "object", "properties": { "use": { "type": "string" } } }, "persistenceMethods": { "type": "array", "default": [ "cookie" ] }, "clonePools": { "type": "object", "properties": { "ingress": { "type": "object", "properties": { "bigip": { "type": "string" } } }, "egress": { "type": "object", "properties": { "bigip": { "type": "string" } } } } } }, "type": "object", "additionalproperties": false }, "Persist": { "properties": { "class": {}, "persistenceMethod": { "type": "string" } }, "type": "object", "additionalProperties": false }, "TCP_Profile": { "properties": { "class": {} }, "type": "object", "additionalProperties": false } } }
  7. Just run this command to see what your uptime is on your F5 BIG-IP # tmsh run /util bash -c uptime 15:12:56 up 302 days, 15:10, 1 user, load average: 2.92, 3.23, 3.16
  8. Upgrade Instructions on how I upgraded our BIG-IQ from 6.1.0 to 7.0.0 First download the .iso from support.f5.com Log into BIG-IQ GUI and click on System - Software Management Click on Images and then the button Upload Image then browse to that .iso you just downloaded and click open. Then you have to click Upload and you'll see a status bar similar to the one I show below Now that the image uploaded now its time to install the image. So now click on System - Software Management - Installations Click the Upgrade button Now you need to select whether you want to do a Rolling Upgrade or Regular Upgrade. (Rolling Upgrade is great if you don't want any interruption and Regular Upgrade is for anyone that is okay with your BIG-IQ being down for awhile and if you have less than 3 DCDs) NOTE: the system will upgrade all DCD's first so you still have full use of BIG-IQ until it upgrades the BIG-IQ system appliance When they are at 100% you'll loose connection and it take a long long time before you get anything to pop backup on the GUI which below is one of the several screens that are displayed when its booting back up
  9. I have played aroune with Sublime Text, Atom, Eclipse IDE and I have been recently told to try Visual Studio Code. I have been trying not to since it has the name Microsoft in the name but I'll be honest, its pretty nice. I learned that this is very much like Atom or Sublime. Atom slows down with large projects where VS Code doesn't slow down at all. Some extensions I installed to help me out include: Rest Client – quick and easy testing of REST API (not as feature rich as POSTMAN, but good for quick testing) Python Prettier – For making JSON look indented (having issues installing based on a corrupt zip file) YAML – for ansible ANSIBLE Indented block highlighting – for highlighting the JSON block you are in (useful for F5 AS3) Project Manager – for easily switching between multiple projects There are so many videos to help you get going with VS Code.
  10. Waiting for the new version has been very painful as they keep pushing it back due to issues with BIG-IP 14.x Some major difference with 7.x from the current 6.1.0 support for clone pools support for one-connect Creation of applications using AS3 application templates (this is monsterous since now you will be able to create applications in the GUI that would mimic if you created the application via an API call to AS3 which allows user to control pool members).. its a requirement. We are trying to migrate from current Legacy LTMs to NEW LTMs which involves us 1. Export Certificate & Key from Legacy LTM 2. Import Cert & Key on BIG-IQ 3. Create SSL Client Profile using imported Cert & Key and cipher settings and options. Now when you deploy that application using AS3, you'll reference the SSL-Client profile.
  11. This example we are adding cache to our internal GTMs that are the first DNS servers configured on most servers so if we could get rid of alot of the noise coming to the Infoblox servers it would be nice. DNS cache settings are set with optimum values considering the cpu & memory resources available. None of these settings settings are propagated to other GTMs in sync group. DNS cache is something very local to the box ( configuration and maintenance ). Here are the instructions we run on each of our four internal GTMs Implementation:- 1.Create DNS cache as per below. DNS -> Caches -> click create Name:- non-wideip-resolver-cache Keep all default values. click Finished. Note:- Modifying cache size by default clears the cache of the respective field changed. 2.Apply cache created to the DNS profile which will eventually apply to the DNS listeners DNS ›› Delivery : Profiles : DNS ›› Properties : internal_dns DNS cache -> Enabled. DNA cache name:- non-wideip-resolver-cache Click Update Backout:- 1.Remove cache from the DNS profile which will eventually apply to the DNS listeners DNS ›› Delivery : Profiles : DNS ›› Properties : internal_dns DNS cache -> Disabled. Click Update 2.Delete DNS cache as per below. DNS -> Caches -> select cache name as per below. Name:- non-wideip-resolver-cache click Delete. Test plan:- 1.Please perform 100 digs and make sure it is server from the cache based of splunk logs. dig @10.11.12.234 www.int.mywiseguys.com 2.Observe cache hits count increasing. tmsh show ltm dns cache resolver 3. Run the following command on each iGTM that will show Clientside queries and responses tmsh show ltm dns View resouce record cache size (its pretty large so you may want to round to first 1000 records) tmsh show ltm dns cache records rrset cache non-wideip-transparent-cache View resource record cache size count tmsh show ltm dns cache records rrset cache non-wideip-transparent-cache count-only Clear/Delete cache synatx: tmsh delete <cache-type> type <record-type> cache <cache-name> example to delete the a records from the resource record cache of the resolver cache named non-wideip-transparent-cache: tmsh delete rrset type a cache non-wideip-transparent-cache
  12. 1) Move the txsat1slbco12 guest to another slot You need to Provision the vCMP Guest, change slot (in this case I moved it to 4) and watched the status state Guest Migration, then click Deploy.
  13. Looks to me like the bug is confirmed. Here is where the issue appears to lie: As you can see, txsat1slbco12 and txsat1slbco36 are reporting the same rebroad_mac address (far column on right). We have 4 options here: 1) Move the txsat1slbco12 guest to another slot 2) apply the workaround specified in bugtracker - --Disable clusterd from sending packets over tmm_bp by turning off the db variable clusterd.communicateovertmmbp: modify sys db clusterd.communicateovertmmbp value false. 3) Escalate and request and EHF to address this issue. 4) upgrade to v14 line as that appears unaffected. Any option will likely require a change record to cover yourself. Upgrading to v14 or EHF would be the most impactful as the other 2 can be run without a reboot.
  14. A quick breakout of the operating system for your reference
  15. If you want to send curl multiple times you can use (below its 20 times) for i in 'seq 1 20';do curl https://10.44.88.98/sahealth/f5chk.html
×
×
  • Create New...