F5 Container Integrations v2.0

Current Page

Cloud Foundry

Kubernetes / OpenShift

Mesos Marathon

Support

Troubleshooting

Tutorials

Cloud Docs Home > F5 Container Integrations Index

Deploy the BIG-IP Controller for Cloud Foundry

Complete the steps provided below to deploy the BIG-IP Controller for Cloud Foundry in Cloud Foundry or Pivotal Cloud Foundry using an Application Manifest.

Before you begin

Create an application manifest

Create a new Application Manifest file defining the cf-bigip-ctlr configuration parameters you want to apply for your cloud.

The bigip section of the example BIG-IP Controller manifest below does the following:

  • provides the IP address and user account credentials for the BIG-IP device;
  • defines the existing BIG-IP partition in which BIG-IP Controller should create objects;
  • sets the load balancing method desired for all pools created by the BIG-IP Controller;
  • sets the interval at which the BIG-IP Controller attempts to verify BIG-IP settings; and
  • assigns an external IP address to the virtual server.

Note

  • To support L7 (HTTP) routing, you must include the nats section in the Controller manifest.
  • To support L4 (TCP) routing, you must define the following sections:
    • routing_api (REQUIRED)
    • oauth (REQUIRED)
    • route_mode (OPTIONAL)

See the cf-bigip-ctlr configuration parameters table for more information.

Example App Manifest for cf-bigip-ctlr
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
applications:
  - name: cf-bigip-ctlr
    health-check-type: http
    health-check-http-endpoint: /health
    env:
      BIGIP_CTLR_CFG: |
                      bigip:
                        url: https://1.2.3.4
                        user: <myUsername>
                        pass: <myPassword>
                        partition:
                          - cf
                        balance: round-robin
                        verify_interval: 30
                        external_addr: 10.100.100.101

                      route_mode: all

                      nats:
                        - host: 10.100.100.25
                          port: 4222
                          user: <myNatsUser>
                          pass: <myNatsPassword>

                      logging:
                        level: info

                      oauth:
                        token_endpoint: uaa.system.cf.local
                        client_name: <myAdminUser>
                        client_secret: <myAdminSecret>
                        port: 443
                        skip_ssl_validation: true

                      routing_api:
                        uri: http://api.system.cf.local
                        port: 80
                      auth_disabled: false

manifest.yaml

Tip

If you want to use the “x-forwarded-for” and “x-forwarded-proto” headers, take the steps below before you launch the BIG-IP Controller app:

  1. Add a BIG-IP profile with “x-forwarded-for” enabled.
  2. Add a BIG-IP traffic policy to set the “x-forwarded-proto” header.
  3. Add these objects to the Application Manifest using the profiles and policies configuration parameters, respectively.

Push the BIG-IP Controller app to Cloud Foundry

Use the Cloud Foundry CLI cf push command to deploy the BIG-IP Controller App.

cf push -o f5networks/cf-bigip-ctlr -f manifest.yaml

Verify creation of BIG-IP objects

Virtual Servers

The BIG-IP Controller for Cloud Foundry creates and manages BIG-IP virtual servers. You should see one (1) virtual server per TCP route configured in your Cloud Foundry deployment. You should also have at least one (1) virtual server handling unencrypted HTTP traffic on port 80. If the configuration manifest contains an SSL profile, the Controller creates another L7 virtual server on port 443.

  1. Log in to the BIG-IP configuration utility at the management IP address (for example, https://10.90.25.228/xui).
  2. Choose the configured partition (“cf” in our examples) from the Partition dropdown menu.
  3. Go to Local Traffic ‣ Virtual Servers to view the virtual server(s) created in the partition.

Policies

The BIG-IP Controller for Cloud Foundry turns Cloud Foundry route tables into BIG-IP Local Traffic policies. You should see a new policy on your BIG-IP device, with a rule for each route in your Cloud Foundry deployment.

  1. Log in to the BIG-IP configuration utility at the management IP address (for example, https://10.190.25.228/xui).
  2. Choose the configured partition (“cf” in our examples) from the Partition dropdown menu.
  3. Go to Local Traffic ‣ Policies to view a list of all policies in the partition.

Pools

The BIG-IP Controller for Cloud Foundry also creates a pool and pool members for every route in your Cloud Foundry deployment.

You can use the BIG-IP configuration utility to verify that the pools and pool members exist.

  1. Log in to the BIG-IP configuration utility at the management IP address (for example, https://10.190.25.228/xui).
  2. Choose the configured partition (“cf” in our examples) from the Partition dropdown menu.
  3. Go to Local Traffic ‣ Pools to view a list of all pools in the partition.