Cloud Docs Home > F5 Container Integrations Index

F5 Container Integration - Marathon

This document provides general information regarding the F5 Integration for Marathon. Please refer to the guides below for deployment and usage instructions.

Overview

The BIG-IP Controller for Marathon (marathon-bigip-ctlr) configures BIG-IP objects for Applications in a Mesos cluster, serving North-South traffic. The BIG-IP Controller is a container-based Marathon Application that runs within the Marathon cluster. It configures the BIG-IP device as needed to handle traffic for Apps within the cluster. You can launch the BIG-IP Controller in Marathon via the Marathon REST API or the Marathon Web Interface [1].

Solution design: The Container Connector runs as an App within the cluster; it configures the BIG-IP device as needed to handle traffic for Apps in the cluster

The BIG-IP Controller watches the Marathon API for special “F5 Application Labels” that tell it:

  • what Marathon Application we want it to manage, and
  • what BIG-IP LTM objects we want to create for that specific Application.

When the BIG-IP Controller discovers new or updated Marathon Applications with the F5 Application Labels, it dynamically applies the desired settings to the BIG-IP device.

Diagram demonstrating how the BIG-IP Controller picks up configurations from F5 Application labels and applies the desired config to BIG-IP devices.

You can use the BIG-IP Controller to:

General Prerequisites

The F5 Container Integration for Mesos Marathon documentation set assumes that you:

  • already have a Mesos cluster running;
  • are familiar with the Marathon Web Interface ;
  • are comfortable using HTTP methods to make REST API calls;
  • already have a BIG-IP device licensed and provisioned for your requirements; and
  • are familiar with BIG-IP Local Traffic Manager (LTM) concepts and tmsh commands.
[1]Per the Marathon documentation, the Marathon Web Interface is no longer actively developed. Use the Marathon REST API to access the latest Marathon features.

Key Apache Mesos/Marathon Concepts

Application Labels

In Marathon, you can associate labels with Application tasks for tracking/reporting purposes. The custom “F5 Application Labels” notify the BIG-IP Controller that it has work to do. When the BIG-IP Controller discovers Applications with new or updated F5 Application Labels, it dynamically creates BIG-IP virtual servers, pools, pool members, and HTTP health monitors for each of the Application’s tasks.

See the marathon-bigip-ctlr reference documentation for the full list of F5 Application Labels.

Tip

You can download the code example used in the following sections and modify it to suit your environment.

f5-marathon-bigip-ctlr-example_pm_hc.json

iApps Application Labels

You can use the BIG-IP Controller to deploy BIG-IP iApps using a special set of customizable iApps Application Labels. The iApp you want to deploy must already exist on the BIG-IP device (can be in the /Common partition).

A few of the key iApp Application Labels depend on the iApp you want to deploy, as well as your environment and needs. See the marathon-bigip-ctlr reference documentation for more information about the Application labels required for iApp deployment.

Port Mapping

In Marathon, container-based applications using Docker BRIDGE mode must have port mappings configured. [2] For Applications proxied by the BIG-IP Controller, these port mappings make it possible for the BIG-IP device to route external traffic to service ports inside the Apache Mesos cluster. You can define multiple port mappings for a Marathon Application.

Most F5 Application Labels let you specify an index into the port mapping array, beginning at 0. These parameters include {n} in the label key; simply replace {n} with the port index to which you want the setting to apply.

For example:

The code sample below defines an Application with three (3) port indices.

Define an Application 3 port indices
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
// REMOVE ALL COMMENTS BEFORE USING
{
  "id": "server-app4",
  "cpus": 0.1,
  "mem": 16.0,
  "instances": 2,
  "container": {
    "type": "DOCKER",
    "docker": {
      "image": "docker-user/node-web-app",
      "network": "BRIDGE",
      "forcePullImage": false,
      "portMappings": [
        { "containerPort": 8088,
          "hostPort": 0,
          "protocol": "tcp" },
        { "containerPort": 8188,
          "hostPort": 0,
          "protocol": "tcp" },
        { "containerPort": 8288,
          "hostPort": 0,
          "protocol": "tcp" }
      ]
    }
  },

In the labels section, we specify that we want to create HTTP virtual servers on the BIG-IP device for port indices 0 and 1. In this example, 0 refers to the first mapping defined above ("containerPort": "8088") and 1 refers to the second ("containerPort": "8188").

BIG-IP Controller labels defining BIG-IP objects for two (2) port indices
26
27
28
29
30
31
32
33
34
35
36
37
38
  "labels": {
    "F5_PARTITION": "mesos",
    // Assigns an IP address to the BIG-IP front-end virtual server
    // Omit this label if creating pools without virtual servers (Not available in v1.0)
    "F5_0_BIND_ADDR": "10.190.25.240",
    "F5_0_MODE": "http",
    "F5_0_PORT": "8080",
    // Assigns an IP address to the BIG-IP front-end virtual server
    // Omit this label if creating pools without virtual servers (Not available in v1.0)
    "F5_1_BIND_ADDR": "10.190.25.242",
    "F5_1_MODE": "http",
    "F5_1_PORT": "8090"
  },
[2]See the Docker Networking documentation for more information.

Marathon Health Checks

The BIG-IP Controller provides compatibilty with existing Marathon Health Checks. For ports configured with Marathon health checks, the BIG-IP Controller:

  • creates corresponding BIG-IP health monitors;
  • checks the specified port’s health status before adding it to a BIG-IP pool. [3]

To continue the previous example:

Create health checks for each of the Application’s port indices
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
  "healthChecks": [
    {
      "protocol": "HTTP",
      "portIndex": 0,
      "path": "/",
      "gracePeriodSeconds": 5,
      "intervalSeconds": 20,
      "maxConsecutiveFailures": 3
    },
    {
      "protocol": "HTTP",
      "portIndex": 1,
      "path": "/",
      "gracePeriodSeconds": 5,
      "intervalSeconds": 20,
      "maxConsecutiveFailures": 3
    },
    {
      "protocol": "HTTP",
      "portIndex": 2,
      "path": "/",
      "gracePeriodSeconds": 5,
      "intervalSeconds": 20,
      "maxConsecutiveFailures": 3
    }
  ]
}
[3]Occurs when F5_CC_USE_HEALTHCHECK’s value is “True”.