BIG-IP Next Central Manager Sizing Guidelines¶
Overview¶
This document details the supported scale limits for F5® BIG-IP® Next™ Central Manager (BIG-IP Next Central Manager) and its high availability setup with three nodes for the 20.3.0 release, considering both standard and large images across various configurations and usage dimensions. Due to the extensive range of services supported by Central Manager and the diverse customer configurations, F5 cannot test all possible combinations. The information provided here offers guidance on maximum numbers and averages that customers can anticipate in their environment. These figures should serve as a starting point for customers to conduct their own sizing exercises and tailor them to their specific configuration and workload. It’s important to note that in addition to Central Manager product performance, scale limits are influenced by factors beyond F5 control, such as host CPU speed, memory, networking, storage performance, infrastructure being dedicated or shared, virtualization software, and more. As a result, the scale limits experienced in a customer environment may vary significantly. Also, work with your F5 representative before enabling and using any system in a production environment.
BIG-IP Next Central Manager Image options¶
BIG-IP Next Central Manager is available in two image options: Standard and Large.
Standard Image: Recommended for environments with fewer applications and lower throughput requirements. See Standard image BIG-IP Next Central Manager specific objects.
Large Image: Recommended for environments with a higher number of applications and greater throughput needs. See Large image BIG-IP Next Central Manager specific objects.
BIG-IP Next Central Manager Latency requirement¶
The network latency between the BIG-IP Next Central Manager High Availability (HA) nodes should not exceed 200 milliseconds.
Standalone Setup¶
Device | Version |
---|---|
BIG-IP Next Central Manager | BIG-IP-Next-CentralManager-20.3.0-0.16.18 |
BIG-IP Next | BIG-IP-Next-20.3.0-0.16.18 |
High Availability (HA) Setup¶
Device | Version |
---|---|
BIG-IP Next Central Manager | BIG-IP-Next-CentralManager-20.3.0-0.16.18 |
BIG-IP Next | BIG-IP-Next-20.3.0-0.16.18 |
Scale Test on BIG-IP Next Central Manager and BIG-IP Next versions: Standard Image¶
The following section details the supported scale limits for BIG-IP Next Central Manager with the standard image for the BIG-IP-Next-CentralManager-20.3.0 release across various configurations and usage scenarios.
BIG-IP Next Central Manager and BIG-IP Next Hardware configuration¶
BIG-IP Next Central Manager and BIG-IP Next comes with the following hardware configuration for standard image:
Component | vCPUs | RAM | Disk space | Image |
---|---|---|---|---|
BIG-IP Next Central Manager | 8 | 16 GB | 350 GB | Standard |
BIG-IP Next | 4 | 8 GB | 80 GB | Standard |
Scale guidance configuration for Standard image BIG-IP Next Central Manager specific objects¶
Modules | Metrics | Max number of devices discovered in CM Standalone (1 node) | Max number of devices discovered in CM High Availability (3 nodes) |
---|---|---|---|
No. of Instances | 100 | 100 | |
No. of Concurrent Sessions1 | 4 | 4 | |
LTM | LTM apps2 | 10000 | 15000 |
No. of Pools | 20000 | 30000 | |
No. of Pool Members / End Points | 20000 | 30000 | |
No. of iRules supported | 10000 | 15000 | |
No. of Certificates | 10000 | 15000 | |
Max LTM apps (max per instance) | 1000 | 1000 | |
WAF | WAF apps2 | 1000 | 1000 |
No. of WAF Policies - non-rating | 500 | 500 | |
No. of WAF Policies - rating | 500 | 500 | |
No. of WAF Policies - non-rating (max per instance) | 500 | 500 | |
No. of WAF Policies - rating (max per instance) | 500 | 500 | |
WAF Events peak throughput | 1150 events/seconds | 900 events/second | |
WAF Logs | 7 million | 7 million | |
Access | Access apps2 | 1000 | 1000 |
Max access sessions (per instance) | 800 | 1000 | |
SSLO | SSLO apps2 | 1000 | 1000 |
Layer3 inspection services (per instance) | 10 | 10 | |
SSLO service chains with inspection 2+ services assigned (per instance) | 10 | 10 | |
SSLO policies with 30+ rules and 10 service chains (per instance) | 20 | 20 | |
Max SSLO apps (per instance) | 1000 | 1000 | |
Retention | WAF Analytics3 | 24 days | 24 days |
WAF Events4 | 15 hrs | 15 hrs | |
Server error Analytics5 | 20 min | 20 min | |
Rate of data injection (average)6 | 500 events/sec per instance | 383 events/sec per instance |
Table Notes:¶
Number of Concurrent Sessions: The user is simultaneously deploying apps, invoking APIs for app listings, WAF policy listings, and other use cases.
The applications (LTM, WAF, Access, SSLO) are evenly distributed across all BIG-IP Next instances discovered by BIG-IP Next Central Manager.
WAF Analytics: The retention of the WAF Analytics index is based on the deployed applications and is estimated accordingly.
WAF Events: The retention of the WAF-events index is determined by the events generated per second during the traffic tests.
Server Error Analytics: According to the retention policy, the server-error-analytics index roll over every 10 minutes with two index shards. It is designed to retain 20 minutes of data.
Rate of data injection: The data injection rate refers to the number of events generated by applications deployed on an instance per unit of time.
Scale Testing on BIG-IP Next Central Manager and BIG-IP Next: Large Image¶
The following section outlines the supported scale limits for BIG-IP Next Central Manager with the large image for the BIG-IP-Next-CentralManager-20.3.0 release across various configurations and usage scenarios.
BIG-IP Next Central Manager and BIG-IP-Next Hardware configuration:¶
BIG-IP Next Central Manager and BIG-IP Next comes with the following hardware configuration for large image:
Component | vCPUs | RAM | Disk space | Image |
---|---|---|---|---|
BIG-IP Next Central Manager | 16 | 64 GB | 1 TB | Large |
BIG-IP Next | 8 | 16 GB | 180 GB | Large |
Scale guidance configuration for Large image BIG-IP Next Central Manager specific objects¶
Modules | Metrics | Max number of devices discovered in CM Standalone (1 node) | Max number of devices discovered in CM High Availability (3 nodes) |
---|---|---|---|
No. of Instances | 100 | 100 | |
No. of Concurrent Sessions1 | 6 | 6 | |
LTM | LTM apps2 | 25000 | 37500 |
No. of Pools | 50000 | 75000 | |
No. of Pool Members / End Points | 50000 | 75000 | |
No. of iRules supported | 25000 | 37500 | |
No. of Certificates | 25000 | 37500 | |
Max LTM apps (max per instance) | 1000 | 1000 | |
WAF | WAF apps2 | 2500 | 2500 |
No. of WAF Policies - non-rating | 1250 | 1250 | |
No. of WAF Policies - rating | 1250 | 1250 | |
No. of WAF Policies - non-rating (max per instance) | 500 | 500 | |
No. of WAF Policies - rating (max per instance) | 500 | 500 | |
WAF Events peak throughput | 2875 events/seconds | 2250 events/second | |
WAF Logs | 30 million | 30 million | |
Access | Access apps2 | 2500 | 2500 |
Max access sessions (per instance) | 800 | 800 | |
SSLO | SSLO apps2 | 2500 | 2500 |
Layer3 inspection services (per instance) | 10 | 10 | |
SSLO service chains with inspection 2+ services assigned (per instance) | 10 | 10 | |
SSLO policies with 30+ rules and 10 service chains (per instance) | 20 | 20 | |
Max SSLO apps (per instance) | 1000 | 1000 | |
Retention | WAF Analytics3 | 90 days | 90 days |
WAF Events4 | 90 hrs | 90 hrs | |
Server error Analytics5 | 20 min | 20 min | |
Rate of data injection (average)6 | 1250 events/sec per instance | 1000 events/sec per instance |
Table Notes:¶
Number of Concurrent Sessions: The user is simultaneously deploying apps, invoking APIs for app listings, WAF policy listings, and other use cases.
The applications (LTM, WAF, Access, SSLO) are evenly distributed across all BIG-IP Next instances discovered by BIG-IP Next Central Manager.
WAF Analytics: The retention of the WAF Analytics index is based on the deployed applications and is estimated accordingly.
WAF Events: The retention of the WAF-events index is determined by the events generated per second during the traffic tests.
Server Error Analytics: According to the retention policy, the server-error-analytics index roll over every 10 minutes with two index shards. It is designed to retain 20 minutes of data.
Rate of data injection: The data injection rate refers to the number of events generated by applications deployed on an instance per unit of time.
The table below describes the types of metrics/events stored in the indices.
Index | Type of Metrics/Events |
---|---|
WAF events | All WAF traffic events |
Server Error Analytics | Endpoint responses |
WAF Analytics | WAF events aggregations (blocked, legal, alarmed, dropped etc.). |