Run multiple F5 Agents in different environments¶
You can manage the same BIG-IP device or cluster with multiple instances of the F5 Agent for OpenStack Neutron when the instances run in differentiated service environments. A differentiated service environment is a uniquely-named environment that has:
- a dedicated F5 Driver,
- a dedicated messaging queue, and
- a dedicated F5 Agent.
In a multiple-agent setup, each F5 Agent manages a distinct environment that corresponds to a specific BIG-IP partition.
Important
- The F5 environment generator, a tool built in to the F5 Driver for OpenStack LBaaSv2, creates new service environments for you and configures Neutron to use the new service provider drivers.
- Differentiated service environments are not compatible with Virtual Clustered Multiprocessing (vCMP) systems. BIG-IP devices cannot share data or resources across differentiated service environments; this precludes the use of vCMP because vCMP guests share global VLAN IDs
Set up a new service environment¶
Generate a new custom environment on the Neutron controller.
Example: Add a custom environment called “dev1”¶add_f5agent_environment dev1Tip
The environment name field must be eight (8) characters or less.
Check the Neutron LBaaS configuration file to verify that the new service provider driver is active.
less /etc/neutron/neutron_lbaas.conf ... [service_providers] service_provider = LOADBALANCERV2:F5Networks:neutron_lbaas.drivers.f5.driver_v2.F5LBaaSV2Driver:default service_provider = LOADBALANCERV2:dev1:neutron_lbaas.drivers.f5.driver_v2.F5LBaaSV2Driver ...
Set up F5 Agent to use the new environment¶
In the F5 Agent configuration file:
Replace the default
environment_prefixwith the name of the new service environment.vi /etc/neutron/services/f5/f5-openstack-agent.ini # # environment_prefix = 'dev1' #
Add/update the iControl endpoints and login credentials for the BIG-IP devices you want to include in the service group.
# icontrol_hostname = 1.2.3.4, 5.6.7.8 # ... # icontrol_username = myusername ... # icontrol_password = mypassword #
Save the file with a new name.
Example¶:w f5-openstack-agent_dev1.ini
Set up the new environment on additional hosts¶
[OPTIONAL]
Take the step below if you want to run the F5 Agent in differentiated service environments on multiple hosts. [1]
Copy the F5 Agent, Neutron, and Neutron LBaaS configuration files from the Neutron controller to each additional host.
cp /etc/neutron/services/f5/f5-openstack-agent_dev1.ini <hostname>:/etc/neutron/services/f5/f5-openstack-agent_dev1.ini cp /etc/neutron/neutron.conf <hostname>:/etc/neutron/neutron.conf cp /etc/neutron/neutron_lbaas.conf <hostname>:/etc/neutron/neutron_lbaas.conf
Restart the services¶
Restart Neutron.
systemctl restart neutron-server \\ CENTOS service neutron-server restart \\ UBUNTU
Restart the F5 Agent.
CENTOS¶systemctl restart f5-openstack-agentUBUNTU¶service f5-oslbaasv2-agent restartImportant
Restart the F5 Agent on each host to which you copied the updated configuration file.
Create a load balancer in the new service environment¶
When you create a new load balancer, pass in the name of the new service environment using the
--providerflag.(neutron) lbaas-loadbalancer-create --name lb_dev1 --provider dev1 b3fa44a0-3187-4a49-853a-24819bc24d3e Created a new loadbalancer: +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | description | | | id | fcd874ce-6dad-4aef-9e69-98d1590738cd | | listeners | | | name | lb_dev1 | | operating_status | OFFLINE | | provider | dev1 | | provisioning_status | PENDING_CREATE | | tenant_id | 1b2b505dafbc487fb805c6c9de9459a7 | | vip_address | 10.1.2.7 | | vip_port_id | 079eb9e5-dc63-4dbf-bc15-f38f5fdeee92 | | vip_subnet_id | b3fa44a0-3187-4a49-853a-24819bc24d3e | +---------------------+--------------------------------------+
Note
Specifying the service provider driver determines which LBaaS driver messaging queue receives the task and, ultimately, which BIG-IP device/cluster gets the requested load balancer.
Learn more¶
When the F5 Agent for OpenStack Neutron uses the default service environment prefix – Project – the F5 Driver for OpenStack LBaaSv2 assigns LBaaS tasks to each F5 Agent instance from the global messaging queue.
When you create a new service environment (for example, “dev”, “prod”, “test”, etc.), you’re really creating a new LBaaS service provider driver and uniquely-named messaging queue.
The F5 environment generator creates the driver and adds it to the service providers list in the Neutron LBaaS config file.
When you issue a neutron lbaas-loadbalancer-create command with the --provider flag, that F5 Driver instance receives the task in its dedicated messaging queue; it then assigns the task to an F5 Agent instance in its environment group.
By default, F5 Agent instances in an environment group receive tasks in a round-robin fashion; you can set up capacity-based scale out for a greater degree of control over how the F5 Driver for OpenStack LBaaSv2 chooses which F5 Agent instances receive tasks.
Use Case¶
Use differentiated service environments if:
- You want to run multiple F5 Agent instances on the same host to manage the same BIG-IP device/cluster. Each unique service environment corresponds to a distinct BIG-IP partition, so the F5 Agent processes don’t overlap and cause errors.
- You want a finer degree of control over which BIG-IP device the F5 Agent creates LBaaS objects on. In the default set-up, the F5 Driver for OpenStack LBaaSv2 assigns tasks from the global messaging queue to the first available F5 Agent instance it finds. This means that, when using the default environment, you can’t control which BIG-IP device gets any given object. Custom service environments allow you to specify which F5 Agent instance/group – and, therefore, which BIG-IP device/cluster – should handle a given LBaaS task.
Footnotes
| [1] | Running F5 Agent instances on one (1) or more additional hosts provides redundancy and a degree of protection against individual host failure. See F5 Agent for OpenStack Neutron Redundancy and Scale-out for more information. |