Cloud Docs Home > F5 Public Cloud Integrations Index

Amazon Web Services: Solutions 101

You can create BIG-IP VE configurations quickly, reliably, and without being an expert in cloud or BIG-IP VE by using the AWS CloudFormation templates (CFTs) on https://github.com/F5Networks.

Each CFT creates a pre-configured BIG-IP VE solution, saving you the time and effort involved in a manual configuration.

CFTs can create configurations like:

  • Two BIG-IP VE instances with failover/high availability
  • A BIG-IP VE web application firewall (WAF), with more instances created when traffic requires it (Auto Scaling)
  • A standard 3-NIC BIG-IP VE, with internal, external, and management VLANs
  • And more

Additionally, each CFT can:

  • Introduce a BIG-IP VE into an existing environment (useful when you already have apps in the cloud and want to add BIG-IPs), or
  • Create all new resources (useful when you want to test how a configuration works).

Note: AWS CFTs that create new resources are in an experimental folder in github and F5 does not support them. However, you’re welcome to play with them to see how things work.

Working in github

Github is a source control system where CFTs and related resources live.

To get started with AWS CFTs, visit https://github.com/F5Networks/f5-aws-cloudformation. This is a landing page for the latest release of AWS CFTs created by F5.

The CFTs themselves that F5 supports are in a folder called supported.

The experimental folder contains CFTs that have not been as rigorously tested as the supported CFTs, but that you can still use them in test environments.


../_images/github_callouts_aws.png

The quickest, easiest way to deploy a CFT is to open the folder called supported and navigate until you find the CFT you want.

Then view the associated README, scroll down, and click github_launchaws. The CFT opens in the AWS console.


../_images/aws_create_stack.png

To deploy the solution, follow the steps in the wizard.

Important: If you have never deployed an instance in AWS before, you must go to the AWS Marketplace and accept the software licensing terms, or the deployment will fail. You will see a button that looks like this:

../_images/accept_terms.png

How to copy a CFT

If you want your own copy of the CFTs, so you can ensure you don’t accidentally edit someone else’s CFT, there are a few ways to do this.

Create a clone

To create a personal copy of the project and its CFTs, the easiest thing to do is click clone_button in the top right.

You can then download a zip file, use the GIT command line or SSH, or if you have GitHub Desktop installed, download and work with the files there.

For more information about installing Git, see this page.

To use the GIT command line, open a command window, navigate to the folder where you want to put the content, and type git clone with the URL.

For example, git clone https://github.com/F5Networks/f5-aws-cloudformation.git

Create a fork

If you want a web-accessible location for your personal CFTs, create a fork of the F5 github project.

To do this, click fork_button in the top right. You can edit files in your fork without affecting anyone else’s work.

Best practices

How you work in github is up to you, but here are some do’s and don’ts:

  • Do create a clone or fork of the project and mess with files there.
  • Don’t create a branch when you’re in the f5networks project. The developers at F5 use these branches to manage their workflow.
  • Don’t use experimental templates in production environments. F5 does not support it.
  • Do use supported templates, and edit only the custom configuration section detailed below.

How to edit a CFT

Each CFT contains the code required to deploy a specific BIG-IP VE configuration.

If you want the CFT to do additional configuration of the BIG-IP VE, you can. For example, you can add tmsh commands to configure a virtual server to receive traffic for your application.

The following example shows how to customize a 3-NIC configuration.

  1. In your personal copy of the project, click the supported folder and then standalone > 3nic. A list of files appears.

  2. Determine which template makes sense, based on the F5 license.

    ../_images/github_aws_files.png

  3. For this example, open your local copy of f5-existing-stack-hourly-3nic-bigip.template.

  4. Now add custom content to configure BIG-IP VE. Find the section of the template that looks like this:

    "### START CUSTOM CONFIGURATION\n",
    "### END CUSTOM CONFIGURATION"
    

    This is the only section of the file that you can edit if you want F5 to support the CFT.

  1. In this section, you can paste custom content. For example:

    "### START CUSTOM CONFIGURATION\n",
    "tmsh create ltm node demo_node fqdn { name testinstance.westus.cloudapp.azure.com }\n",
    "tmsh create sys application service Test-Instance-HTTP template f5.http variables add { pool__addr { value 0.0.0.0 } pool__mask { value 0.0.0.0 }} tables add { pool__members { column-names { addr port } rows { { row { demo_node 80 } } }}} traffic-group none\n",
    "### END CUSTOM CONFIGURATION\n"
    

    This code instantiates an HTTP iAPP, setting up a VIP and an FQDN pool membership. Then when the BIG-IP deployment is complete, the application is ready as well.

How to deploy a CFT

You can deploy a template a few different ways.

AWS Management Console

To deploy the CFT, you can log in to the AWS console and go to CloudFormation. Ensure you are in the correct region, and then deploy your CFT.

For more information about how to use CFTs in AWS, see this AWS walkthrough.

Bash

If you’d prefer to use bash, most CFTs have a corresponding bash example.

For an example of this file, see this file.

Save the .sh file and then in bash, run the corresponding command, called Example Command at the top of the file.

The command looks like this snippet:

# Example Command: ./deploy_via_bash.sh --stackName <value> --licenseType Hourly --sshKey <value> --subnet2Az1 <value> --etc

View release details

By default, the main github page shows the latest release of the CFTs. Every six weeks or so, F5 releases a new version.

F5 recommends you use the latest release whenever possible.

The file called aws-bigip-version-matrix.md shows a list of releases, for example:

../_images/github_matrix_aws.png

The most recent release is the default when you go to https://github.com/F5Networks/f5-aws-cloudformation.

To choose an older release, select a branch tag. For example:

../_images/github_branchtags.png

What is an AMI ID?

When you’re working with CFTs, it’s good to know about AMI IDs. An AMI is an Amazon Machine Image.

Every BIG-IP VE image in the AWS Marketplace has an image identifier, or AMI ID.

When you view any F5 offering in the Marketplace, you can continue past the first page, and view AMI IDs on the Manual Launch tab:

../_images/AMI_IDs.png

The CFTs include lists of AMI IDs. These IDs determine which image AWS uses when it creates the BIG-IP VE instance.

Get help

To ask questions to the F5 dev team and other community members, join the F5 Slack channel.