F5 Container Integrations v1.1

Current Page

Application Services Proxy

Cloud Foundry

Kubernetes

Mesos Marathon

OpenShift

Support

Troubleshooting

Tutorials

Cloud Docs Home > F5 Container Integrations Index

Manage BIG-IP LTM objects in Marathon

The BIG-IP Controller for Marathon watches the Mesos/Marathon API for Applications with associated F5 Application Labels. These Application Labels define the BIG-IP LTM objects BIG-IP Controller creates/manages.

The example JSON blob shown below tells BIG-IP Controller to create one (1) virtual server - with one (1) health monitor and one (1) pool - in the /mesos partition on the BIG-IP device.

Example F5 Application Labels defining a BIG-IP virtual server
    "labels": {
      "F5_PARTITION": "mesos",
      "F5_0_MODE": "http",
      "F5_0_PORT": "8080"
    }
}

Create a BIG-IP virtual server for a Marathon Application

Note

The code samples below use the basic Hello Marathon App.

  1. Create a JSON file containing the App service definitions and F5 labels.

    Note

    This sample App definition shows labels that use the default port index (0).

    // REMOVE ALL COMMENTS FROM THIS FILE BEFORE USING
    {
        "id": "basic-0",
        "cmd": "while [ true ] ; do echo 'Hello Marathon' ; sleep 5 ; done",
        "cpus": 0.1,
        "mem": 10.0,
        "instances": 1,
        "labels": {
          // BIG-IP partition
          "F5_PARTITION": "mesos",
          // Assigns an IP address to the BIG-IP front-end virtual server
          // Omit this label if creating pools without virtual servers (Not available in v1.0)
          "F5_0_BIND_ADDR": "10.190.25.70",
          "F5_0_MODE": "http",
          "F5_0_PORT": "8080"
        }
    }
    

    hello-marathon-example.json

  2. Deploy the application in Marathon via the REST API using the JSON file.

    curl -X POST -H 'Content-Type: application/json' -H 'Accept: application/json' http://10.190.25.75:8080/v2/apps -d @hello-marathon-example.json
    
  3. Verify creation of the virtual server, pool, and member in the App’s BIG-IP partition via tmsh or the configuration utility.

    TMSH

    admin@(bigip)(cfg-sync Standalone)(Active)(/mesos)# tmsh show ltm virtual
    ------------------------------------------------------------------
    Ltm::Virtual Server: basic-0_8080
    ------------------------------------------------------------------
    Status
      Availability     : unknown
      State            : enabled
      Reason           : The children pool member(s) either don't have service checking enabled, or service check results are not available yet
      CMP              : enabled
      CMP Mode         : all-cpus
      Destination      : 10.190.25.70:8080
    ...
    

Tip

In the above example, the “Availability” is “unknown” because there are no health monitors associated with the virtual server. When you add health checks to the App in Marathon, the BIG-IP Controller creates corresponding BIG-IP health monitors.

Update a BIG-IP front-end virtual server

  1. Edit the Application’s JSON service definition.

  2. Send the updated file to the Marathon API server.

    user@mesos-master:~$ curl -X PUT http://10.190.25.75:8080/v2/apps/basic-0 -d @hello-marathon-example.json -H "Content-type: application/json"
    {"version":"2017-02-21T21:48:12.755Z","deploymentId":"02529d16-258b-41d4-ba06-9765c4d1f8d3"}
    
  3. Verify your changes on the BIG-IP via tmsh or the configuration utility.

    TMSH

    tmsh show ltm virtual

Delete BIG-IP LTM objects

  1. Remove the F5 Application Labels from the Application’s service definition.

  2. Send the updated Application to the Marathon API server.

    user@mesos-master:~$ curl -X PUT http://10.190.25.75:8080/v2/apps/basic-0 -d @hello-marathon-example.json -H "Content-type: application/json"
    {"version":"2017-02-21T21:58:11.111Z","deploymentId":"8bdf03d2-8568-46b3-a5a3-61cc397185a1"}
    
  3. Verify the BIG-IP LTM object(s) no longer exist.

    admin@(bigip)(cfg-sync Standalone)(Active)(/mesos)(tmos)$ show ltm virtual
    admin@(bigip)(cfg-sync Standalone)(Active)(/mesos)(tmos)$
    

Use IPAM to assign IP addresses to BIG-IP virtual servers

The BIG-IP Controller for Marathon has a built-in hook that allows you to integrate an IPAM system using a custom plugin. The basic elements required are:

  1. Add the F5 application labels for unattached pools to the App definition. The BIG-IP Controller for Marathon creates a BIG-IP pool that isn’t attached to a virtual server.
  2. Set your IPAM system to add the F5_{n}_BIND_ADDR label and IP address to the Application definition. This tells the BIG-IP Controller for Marathon to create a BIG-IP virtual server with the designated IP address and attach the pool to it.

Connectivity for down or replaced Applications

If you need to take down a Marathon Application temporarily and want to keep the associated BIG-IP LTM objects, keep the F5 Application Labels in the application’s service definition. The BIG-IP Controller will continue to manage the associated BIG-IP LTM objects when the App comes back up. If you deploy a new App with the same name as the one you took down, the BIG-IP Controller associates the existing BIG-IP LTM objects with the new Service.

If you take down an Application and want to remove its corresponding BIG-IP LTM objects, delete the F5 Application Labels from its service definition.

Manage pools without virtual servers

The BIG-IP Controller for Marathon can create and manage BIG-IP Local Traffic Manager (LTM) pools that aren’t attached to a front-end BIG-IP virtual server (also referred to as “unattached pools”). When you create unattached pools, the BIG-IP Controller for Marathon applies the following naming convention to BIG-IP pool members: <application-name>_<F5_{n}_PORT>. For example, pool-only-0_8080.

Important

Your BIG-IP device must have a virtual server with an iRule, or a local traffic policy, that can direct traffic to the unattached pool. After creating an unattached pool, add its member(s) to the iRule or traffic policy to ensure proper handling of client connections to your back-end applications.

Create a pool without a virtual server

  1. Create a JSON file containing the App service definitions and F5 application labels, without the F5_{n}_BIND_ADDR application label.

    Note

    This sample App definition uses the default port index (0).

    // REMOVE ALL COMMENTS FROM THIS FILE BEFORE USING
    {
        "id": "pool-only-0",
        "cmd": "while [ true ] ; do echo 'Hello Marathon' ; sleep 5 ; done",
        "cpus": 0.1,
        "mem": 10.0,
        "instances": 1,
        "labels": {
          // BIG-IP partition
          "F5_PARTITION": "mesos",
          "F5_0_MODE": "http",
          "F5_0_PORT": "8080"
        }
    }
    

    hello-marathon-pool-only-example.json

  2. Deploy the application in Marathon via the REST API.

    curl -X POST -H 'Content-Type: application/json' -H 'Accept: application/json' http://10.190.25.75:8080/v2/apps -d @hello-marathon-pool-only-example.json
    

Attach a pool to a virtual server

  1. Add the the F5_{n}_BIND_ADDR label to the Application’s JSON service definition using the Marathon Web Interface.

    • Applications ‣ <App name> ‣ Configuration ‣ Edit ‣ Labels
    • Click the plus sign (+).
    • Add F5_{n}_BIND_ADDR and the desired IP address.
    • Click Change and deploy configuration.
  2. Use the BIG-IP configuration utility to verify the pool attached to the virtual server.

    Local Traffic ‣ Virtual Servers

Tip

You can use an IPAM system to populate the F5_{n}_BIND_ADDR label automatically.

Delete an unattached pool

  1. Remove the F5 Application Labels from the Application’s service definition using the Marathon Web Interface.

    • Applications ‣ <App name> ‣ Configuration ‣ Edit ‣ Labels
    • Click the minus sign (-) next to each F5 App Label.
    • Click Change and deploy configuration.
  2. Use the BIG-IP configuration utility to verify deletion of the pool.

    Local Traffic ‣ Pools

Detach a pool from a virtual server

If you want to delete a front-end BIG-IP virtual server, but keep its associated pool(s)/pool member(s):

  1. Remove the F5_{n}_BIND_ADDR label from the App’s service definition using the Marathon Web Interface.

    • Applications ‣ <App name> ‣ Configuration ‣ Edit ‣ Labels
    • Click the minus sign (-) next to F5_{n}_BIND_ADDR.
    • Click Change and deploy configuration.
  2. Use the BIG-IP configuration utility to verify the virtual server no longer exists.

    Local Traffic ‣ Virtual Servers