F5 Container Integrations v1.3

Current Page

Application Services Proxy

Cloud Foundry

Kubernetes / OpenShift

Mesos Marathon

Support

Troubleshooting

Tutorials

Cloud Docs Home > F5 Container Integrations Index

F5 Container Integration - Cloud Foundry

This document provides general information regarding the F5 Integration for Cloud Foundry. For deployment and usage instructions, please refer to the guides below.

Overview

The F5 Container Integration for Cloud Foundry consists of the BIG-IP Controller for Cloud Foundry, or cf-bigip-ctlr. The BIG-IP Controller for Cloud Foundry lets you use your F5 BIG-IP device as an Application Delivery Controller (ADC) in Cloud Foundry, serving North-South traffic. You can use the BIG-IP Controller with Cloud Foundry or Pivotal Cloud Foundry (PCF).

General Prerequisites

The F5 Integration for Cloud Foundry’s documentation set assumes that you:

  • already have a functional Cloud Foundry or Pivotal Cloud Foundry deployment;
  • are familiar with the Cloud Foundry CLI and API;
  • already have a BIG-IP device licensed and provisioned for your requirements; and
  • are familiar with BIG-IP LTM concepts and tmsh commands.

BIG-IP Controller for Cloud Foundry

The BIG-IP Controller for Cloud Foundry is a Docker container-based application that runs on a Cloud Foundry Diego cell.

You can deploy the F5 BIG-IP Controller for Cloud Foundry using an Application Manifest. The Application Manifest tells Cloud Foundry and the BIG-IP Controller

  • how to deploy the BIG-IP Controller into the Cloud Foundry environment,
  • how to log in to the BIG-IP device,
  • how to set up the BIG-IP device when you launch the BIG-IP Controller for the first time, and
  • how to access orchestration information from the environment.

Once the BIG-IP Controller for Cloud Foundry is running, it

  • creates BIG-IP virtual servers, which serve as the entry points for traffic into the cloud;
  • creates a BIG-IP Local Traffic policy with rules for each HTTP route it finds in Cloud Foundry;
  • creates a pool for each TCP and HTTP route, with members for each application instance;
  • associates each application’s traffic policy rule with its pool.

Attention

  • The BIG-IP Controller can create two (2) L7 virtual servers for Cloud Foundry: one (1) for HTTP and one (1) for HTTPS.
  • The BIG-IP Controller creates an HTTP virtual server by default.
  • The BIG-IP Controller creates an L4 (TCP) virtual server for each mapped route to a TCP domain.

Key Cloud Foundry Concepts

The BIG-IP Controller configurations are “global”, meaning a single set of configurations apply to all of the pools/pool members created for Cloud Foundry Routes and Applications. The Cloud Foundry Application Manifest file is the means via which you can identify the BIG-IP policies, profiles, etc., you want to apply.

Important

Some policy and profile configurations only apply to L7 (HTTP) virtual servers. See the cf-bigip-ctlr configuration parameters table for more information.

Routes, NATS, and Routing API

In Cloud Foundry, the Gorouter component routes all incoming L7 traffic. The TCP Router component routes all incoming L4 traffic. Similarly, the BIG-IP Controller uses Cloud Foundry’s routing tables to direct traffic to the correct virtual machine(s) for a requested application. The BIG-IP Controller watches the NATS bus and Routing API for route updates; when the Controller discovers changes, it configures the BIG-IP device(s) accordingly.

When you deploy a new application with a mapped HTTP route in Cloud Foundry, the BIG-IP Controller automatically creates a BIG-IP pool, pool members, and traffic policy rule for the new route. When you deploy a new application with a mapped TCP route in Cloud Foundry, the BIG-IP Controller automatically creates a BIG-IP virtual server, pool, and pool members for the new route.

See also

The Pivotal Cloud Foundry documentation provides instructions for adding an external load balancer to your Cloud Foundry deployment.

See Cloud Foundry’s Routes and Domains documentation for more information about how Gorouter creates and maps routes for applications.

BIG-IP Local Traffic Manager Services

You can apply existing BIG-IP health monitors, policies, profiles, and SSL profiles to the virtual server(s) and pools the BIG-IP Controller creates for HTTP routes (these configurations do not apply to objects managed for TCP routes). Likewise, you can select any BIG-IP load balancing mode (applies to both HTTP and TCP pools). Define the cf-bigip-ctlr configuration parameters in your Application Manifest.

Tip

You can apply additional BIG-IP configurations to achieve greater feature parity with Gorouter. For example, you can add ‘X_FORWARDED_PROTO: HTTP’ and ‘X_FORWARDED_PROTO: HTTPS’ headers using BIG-IP policies and profiles.

See Deploy the BIG-IP Controller for Cloud Foundry for instructions.