F5 Container Integrations v1.2

Current Page

Application Services Proxy

Cloud Foundry

Kubernetes

Mesos Marathon

OpenShift

Support

Troubleshooting

Tutorials

Cloud Docs Home > F5 Container Integrations Index

Deploy the BIG-IP Controller for Cloud Foundry

This document describes the steps required to deploy the BIG-IP Controller for Cloud Foundry in Cloud Foundry or Pivotal Cloud Foundry using an Application Manifest.

Before you begin

Create an Application Manifest

Create a new Application Manifest file defining the BIG-IP Controller for Cloud Foundry configuration parameters you want to apply for your cloud.

The bigip section of the example BIG-IP Controller manifest below does the following:

  • provides the IP address and user account credentials for the BIG-IP device;
  • defines the existing BIG-IP partition in which BIG-IP Controller should create objects;
  • sets the load balancing method for the virtual server to round-robin;
  • sets the interval at which the BIG-IP Controller attempts to verify BIG-IP settings;
  • assigns an external IP address to the virtual server;
  • assigns an existing BIG-IP traffic policy (/Common/bigip-traffic) to the virtual server; and
  • assigns an existing BIG-IP health monitor (/Common/tcp_half_open) to the virtual server.
Example App Manifest for cf-bigip-ctlr
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
applications:
  - name: cf-bigip-ctlr
    health-check-type: http
    health-check-http-endpoint: /health
    env:
      BIGIP_CTLR_CFG: |
                      bigip:
                        url: https://1.2.3.4
                        user: myUsername
                        pass: myPassword
                        partition:
                          - cf
                        balance: round-robin
                        verify_interval: 1000000
                        external_addr: 10.100.100.101
                        policies:
                          prerouting:
                            - /Common/bigip-traffic
                        health_monitors:
                          - /Common/tcp_half_open


                      status:
                        user: admin
                        pass: admin
                      nats:
                        - host: 10.100.100.25
                          port: 4222
                          user: nats
                          pass: "myNatsPassword"

                      logging:
                        file: /tmp/cf-bigip.ctlr.log
                        syslog: vcap.cf-bigip-ctlr
                        level: debug
                        loggregator_enabled: false
                        metron_address: "localhost:3457"

                      go_max_procs: -1
                      prune_stale_droplets_interval: 30s
                      droplet_stale_threshold: 120s
                      suspend_pruning_if_nats_unavailable: false

                      oauth:
                        token_endpoint: uaa.service.cf.internal
                        client_name: "gorouter"
                        client_secret: <myGoRouterSecret>
                        port: 8443
                        skip_ssl_validation: true
                        ca_certs:

                          #routing_api:
                          #uri: http://routing-api.service.cf.internal
                          #port: 3000
                          #auth_disabled: false

                      start_response_delay_interval: 20s

                      token_fetcher_max_retries: 3
                      token_fetcher_retry_interval: 5s
                      token_fetcher_expiration_buffer_time: 30

manifest.yaml

Tip

If you want to use “x-forwarded-for” and “x-forwarded-proto” headers, add a BIG-IP traffic policy for each before you launch the BIG-IP Controller app. Add the policies configuration parameter to the Application Manifest to assign the policies to the virtual server(s).

Push the BIG-IP Controller App to Cloud Foundry

Use the Cloud Foundry CLI cf push command to deploy the BIG-IP Controller App.

cf push -o https://hub.docker.com/r/f5networks/cf-bigip-ctlr/ -f manifest.yaml

Verify Creation of BIG-IP Objects

Policies

The BIG-IP Controller for Cloud Foundry turns Cloud Foundry route tables into BIG-IP Local Traffic policies. You should see a new policy on your BIG-IP device (there will be two if you’re using https), with a rule for each route in your Cloud Foundry deployment.

  1. Log in to the BIG-IP configuration utility at the management IP address (for example, https://10.190.25.228/xui).
  2. Choose the “cf” partition from the Partition dropdown menu.
  3. Go to Local Traffic ‣ Policies to view a list of all policies in the partition.

Pools

The BIG-IP Controller for Cloud Foundry also creates a pool and pool members for every route in your Cloud Foundry deployment.

You can use the BIG-IP configuration utility to verify that the pools and pool members exist.

  1. Log in to the BIG-IP configuration utility at the management IP address (for example, https://10.190.25.228/xui).
  2. Choose the “cf” partition from the Partition dropdown menu.
  3. Go to Local Traffic ‣ Pools to view a list of all pools in the partition.