Example Declarations

Advanced Routing: Multiple Route Tables, Routes, Nexthops and Subscriptions

The following examples use the object called "routeGroupDefinitions" (released in v1.5.0) to support advanced routing scenarios. NOTE: In AWS and Azure, routeGroupDefinitions translates to route tables. GCP does not have the concept of route tables, so there it translates to groups or collections of routes. Advanced routing examples include operating in shared-services and/or sandwich architectures with multiple BIG-IP clusters (which may share networks) that require per-route-table granularity.

AWS Advanced Routing

{
  "class":"Cloud_Failover",
  "environment":"aws",
  "controls":{
     "class":"Controls",
     "logLevel":"silly"
  },
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverRoutes":{
     "enabled":true,
     "routeGroupDefinitions":[
        {
           "scopingName":"rtb-11111111111111111",
           "scopingAddressRanges":[
              {
                 "range":"100.100.101.0/29"
              },
              {
                 "range":"100.100.102.0/29"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "10.0.12.11",
                 "10.0.22.11"
              ]
           }
        },
        {
           "scopingName":"rtb-22222222222222222",
           "scopingAddressRanges":[
              {
                 "range":"0.0.0.0/0"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "10.0.13.11",
                 "10.0.23.11"
              ]
           }
        }
     ]
  }
}

awsMultipleRoutingTables.json

Azure Advanced Routing

{
  "class":"Cloud_Failover",
  "environment":"azure",
  "controls":{
     "class":"Controls",
     "logLevel":"silly"
  },
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverRoutes":{
     "enabled":true,
     "defaultResourceLocations":[
        {
           "subscriptionId":"1111"
        },
        {
           "subscriptionId":"2222"
        }
     ],
     "routeGroupDefinitions":[
        {
           "scopingName":"myroutetable-1",
           "scopingAddressRanges":[
              {
                 "range":"100.100.101.0/29"
              },
              {
                 "range":"100.100.102.0/29"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "10.0.12.11",
                 "10.0.12.12"
              ]
           }
        },
        {
           "scopingName":"myroutetable-2",
           "scopingAddressRanges":[
              {
                 "range":"0.0.0.0/0"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "10.0.13.11",
                 "10.0.13.12"
              ]
           }
        }
     ]
  }
}

azureMultipleRoutingTables.json

GCP Advanced Routing

{
    "class":"Cloud_Failover",
    "environment":"gcp",
    "controls":{
       "class":"Controls",
       "logLevel":"silly"
    },
    "externalStorage":{
       "scopingTags":{
          "f5_cloud_failover_label":"mydeployment"
       }
    },
    "failoverAddresses":{
       "enabled":true,
       "scopingTags":{
          "f5_cloud_failover_label":"mydeployment"
       }
    },
    "failoverRoutes":{
       "enabled":true,
       "routeGroupDefinitions":[
          {
             "scopingName":"default-route-for-applications",
             "defaultNextHopAddresses":{
                "discoveryType":"static",
                "items":[
                   "10.0.13.11",
                   "10.0.13.12"
                ]
             }
          },
          {
             "scopingName":"route-name-2",
             "defaultNextHopAddresses":{
                "discoveryType":"static",
                "items":[
                   "10.0.14.11",
                   "10.0.14.12"
                ]
             }
          }
       ]
    }
}

gcpMultipleRoutingTables.json

Route Failover Using Route Tags

For backwards compatibility, you can use tags on the route tables to discover them and to provide the next-hop Self-IP address mappings. The route table needs two tags: the scoping tag (an arbitrary key/value pair) and one with the special key f5_self_ips whose value is a comma-separated list of addresses, one mapping to a Self-IP address on each instance in the cluster.

  • "f5_cloud_failover_label": "route-table-1"
  • "f5_self_ips": "10.0.0.10,10.0.0.11"

Once the route table carries those tags, the declaration below shows how to configure the solution to look for them and read the next-hop Self-IP address mappings from the f5_self_ips tag.

Note

You do not need to add the additional tag with the nexthop Self-IP address mapping if you use the static option for discoveryType in the CFE declaration. Instead, you will list the nexthop addresses within the declaration. See the Failover Routes section for more information.

{
  "class":"Cloud_Failover",
  "environment":"aws",
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverRoutes":{
     "enabled":true,
     "routeGroupDefinitions":[
        {
           "scopingTags":{
              "f5_cloud_failover_label":"DMZ-RouteTable"
           },
           "scopingAddressRanges":[
              {
                 "range":"192.168.1.0/24"
              },
              {
                 "range":"192.168.2.0/24"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"routeTag"
           }
        },
        {
           "scopingTags":{
              "f5_cloud_failover_label":"Internal-RouteTable"
           },
           "scopingAddressRanges":[
              {
                 "range":"0.0.0.0/0"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"routeTag"
           }
        }
     ]
  }
}

advancedRouteDefinitionsTags.json

Multiple Next Hop addresses

This example shows a declaration for route failover across multiple route tables, with routes pointing at different BIG-IP interfaces/Self-IP next hops. In the example below, two route tables are tagged with the same tag ("f5_cloud_failover_label":"mydeployment") to scope them to the deployment (BIG-IP instance or cluster), while the different Self-IP next-hop mappings are provided explicitly in the declaration (instead of with an f5_self_ips tag).

Note

F5 recommends using the newer routeGroupDefinitions object instead. See Advanced Routing: Multiple Route Tables, Routes, Nexthops and Subscriptions.

{
  "class":"Cloud_Failover",
  "environment":"aws",
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverRoutes":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     },
     "scopingAddressRanges":[
        {
           "range":"192.168.11.0/24",
           "nextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "192.0.1.12",
                 "192.0.1.13"
              ]
           }
        },
        {
           "range":"192.168.12.0/24",
           "nextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "192.0.2.12",
                 "192.0.2.13"
              ]
           }
        }
     ]
  }
}

multipleNextHopAddresses.json

AWS IPv6 Route Failover

This example shows a declaration for IPv6 routes.

{
  "class":"Cloud_Failover",
  "environment":"aws",
  "controls":{
     "class":"Controls",
     "logLevel":"silly"
  },
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverRoutes":{
     "enabled":true,
     "routeGroupDefinitions":[
        {
           "scopingName":"myroutetable-1",
           "scopingAddressRanges":[
              {
                 "range":"0.0.0.0/0"
              },
              {
                 "range":"2001:db8:2:2::/64"
              }
           ],
           "defaultNextHopAddresses":{
              "discoveryType":"static",
              "items":[
                 "10.0.13.11",
                 "10.0.23.11",
                 "2600:1f13:12f:a803:5d15:e0e:1af9:8221",
                 "2600:1f13:12f:a804:5d15:e0e:1af9:8222"
              ]
           }
        }
     ]
  }
}

ipv6RouteFailover.json

Azure Route Tables in Multiple Subscriptions

This example shows a BIG-IP cluster managing route tables in multiple subscriptions. The identity (MSI) assigned to each BIG-IP instance must have appropriate access to the additional subscriptions, see Create and assign a Managed Service Identity (MSI) for more details.

Note

  • By default, the Cloud Failover Extension looks in the subscription in which the instances are deployed. The example below looks in three subscriptions: the one the instances are deployed in, plus 1111 and 2222.
  • Beginning with v1.14, the route table, not the individual routes, is updated.
{
    "class":"Cloud_Failover",
    "environment":"azure",
    "externalStorage":{
       "scopingTags":{
          "f5_cloud_failover_label":"mydeployment"
       }
    },
    "failoverAddresses":{
       "enabled":true,
       "scopingTags":{
          "f5_cloud_failover_label":"mydeployment"
       }
    },
    "failoverRoutes":{
       "enabled":true,
       "scopingTags":{
          "f5_cloud_failover_label":"mydeployment"
       },
       "scopingAddressRanges":[
          {
             "range":"192.168.1.0/24"
          }
       ],
       "defaultNextHopAddresses":{
          "discoveryType":"static",
          "items":[
             "192.0.2.10",
             "192.0.2.11"
          ]
       },
       "defaultResourceLocations":[
          {
             "subscriptionId":"1111"
          },
          {
             "subscriptionId":"2222"
          }
       ]
    }
}

azureRouteTablesInMutipleSubscriptions.json

AWS KMS Server-side encryption (SSE-KMS) Using Default AWS Managed Key

This example shows how to configure CFE when the S3 bucket used for failover state uses server-side KMS encryption with the default AWS managed key.

AWS Server-side encryption with AWS managed key
{
  "class": "Cloud_Failover",
  "environment": "aws",
  "controls": {
    "class": "Controls",
    "logLevel": "silly"
  },
  "externalStorage": {
    "scopingName": "myCloudFailoverBucket",
    "encryption": {
      "serverSide": {
        "enabled": true,
        "algorithm": "aws:kms"
      }
    }
  },
  "failoverAddresses": {
    "enabled": true,
    "scopingTags": {
      "f5_cloud_failover_label": "mydeployment"
    },
    "addressGroupDefinitions": [
      {
        "type": "networkInterfaceAddress",
        "scopingAddress": "10.0.12.101"
      },
      {
        "type": "networkInterfaceAddress",
        "scopingAddress": "10.0.12.102"
      }
    ]
  },
  "failoverRoutes": {
    "enabled": true,
    "routeGroupDefinitions": [
      {
        "scopingName": "rtb-11111111111111111",
        "scopingAddressRanges": [
          {
            "range": "0.0.0.0/0"
          }
        ],
        "defaultNextHopAddresses": {
          "discoveryType": "static",
          "items": [
            "10.0.13.11",
            "10.0.13.12"
          ]
        }
      }
    ]
  }
}

aws-s3-server-side-encryption-aws-key.json

AWS KMS Server-side encryption (SSE-KMS) Using Customer Managed Key

This example shows how to configure CFE when the S3 bucket used for failover state uses server-side KMS encryption with a customer managed key. Note: keyId must be the bare key ID (the UUID), not the key ARN or an alias.

AWS Server-side encryption with custom key
{
  "class": "Cloud_Failover",
  "environment": "aws",
  "controls": {
    "class": "Controls",
    "logLevel": "silly"
  },
  "externalStorage": {
    "scopingTags": {
      "f5_cloud_failover_label": "mydeployment"
    },
    "encryption": {
      "serverSide": {
        "enabled": true,
        "algorithm": "aws:kms",
        "keyId": "11111111-1111-1111-1111-111111111111"
      }
    }
  },
  "failoverAddresses": {
    "enabled": true,
    "scopingTags": {
      "f5_cloud_failover_label": "mydeployment"
    },
    "addressGroupDefinitions": [
      {
        "type": "networkInterfaceAddress",
        "scopingAddress": "10.0.12.101"
      },
      {
        "type": "networkInterfaceAddress",
        "scopingAddress": "10.0.12.102"
      }
    ]
  },
  "failoverRoutes": {
    "enabled": true,
    "routeGroupDefinitions": [
      {
        "scopingName": "rtb-11111111111111111",
        "scopingAddressRanges": [
          {
            "range": "0.0.0.0/0"
          }
        ],
        "defaultNextHopAddresses": {
          "discoveryType": "static",
          "items": [
            "10.0.13.11",
            "10.0.13.12"
          ]
        }
      }
    ]
  }
}

aws-s3-server-side-encryption-custom-key.json
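The checks a practitioner wants to run before posting any of the declarations on this page, as an added Python example: canonical CIDRs in scopingAddressRanges (the routeGroupDefinitions examples), a static next-hop list with one Self-IP per cluster member for each address family, correct use of routeTag versus static discovery (the Route Failover Using Route Tags section), and a bare UUID in keyId rather than an ARN or alias (the SSE-KMS section just above). This is not code from the Cloud Failover Extension; it only inspects the declaration JSON offline and never contacts a cloud API. The cluster size of two and the rule of one static next hop per instance per address family are assumptions made for the example, and the sample declaration at the bottom is constructed, deliberately flawed, and not taken from the docs.

```python
"""Offline pre-flight checks for a Cloud_Failover declaration (added example)."""
import ipaddress
import uuid

CLUSTER_SIZE = 2  # assumed: an active/standby BIG-IP pair


def normalise_range(text):
    """Return (canonical_cidr, problem). A range with host bits set, such as
    192.168.1.1/24, is reported rather than silently rewritten."""
    try:
        return str(ipaddress.ip_network(text, strict=True)), None
    except ValueError:
        pass
    try:
        net = ipaddress.ip_network(text, strict=False)
        return str(net), f"{text} has host bits set; the network is {net}"
    except ValueError:
        return None, f"{text} is not a valid CIDR"


def parse_self_ips_tag(value):
    """Split an f5_self_ips tag value ('10.0.0.10,10.0.0.11') into addresses."""
    return [ipaddress.ip_address(p.strip()) for p in value.split(",") if p.strip()]


def check_route_group(group, cluster_size=CLUSTER_SIZE):
    """Return the problems found in one routeGroupDefinitions entry."""
    problems = []
    if not (group.get("scopingName") or group.get("scopingTags")):
        problems.append("no scopingName or scopingTags; the group matches nothing")
    seen, families = set(), set()
    for entry in group.get("scopingAddressRanges", []):
        cidr, problem = normalise_range(entry.get("range", ""))
        if problem:
            problems.append(problem)
        if cidr is None:
            continue
        if cidr in seen:  # 192.168.1.0/24 and 192.168.1.1/24 are the same route
            problems.append(f"{entry['range']} duplicates {cidr}")
        seen.add(cidr)
        families.add(ipaddress.ip_network(cidr).version)
    nexthop = group.get("defaultNextHopAddresses", {})
    kind = nexthop.get("discoveryType")
    if kind == "static":
        by_family = {4: 0, 6: 0}
        for item in nexthop.get("items", []):
            try:
                by_family[ipaddress.ip_address(item).version] += 1
            except ValueError:
                problems.append(f"next hop {item!r} is not an IP address")
        # Assumed rule: one Self-IP per instance for every family the ranges use.
        for version in sorted(families):
            if by_family[version] != cluster_size:
                problems.append(f"IPv{version} ranges need {cluster_size} static "
                                f"next hops, found {by_family[version]}")
    elif kind == "routeTag":
        if nexthop.get("items"):
            problems.append("items are ignored with routeTag discovery; "
                            "next hops come from the f5_self_ips tag")
    else:
        problems.append(f"unknown discoveryType {kind!r}")
    return problems


def check_kms_key_id(key_id):
    """SSE-KMS keyId must be the bare key ID (a UUID), not an ARN or alias."""
    if key_id.startswith(("arn:", "alias/")):
        return False
    try:
        uuid.UUID(key_id)
    except ValueError:
        return False
    return True


def check_declaration(decl, cluster_size=CLUSTER_SIZE):
    """Run every check over a declaration; an empty list means it looks clean."""
    problems = []
    routes = decl.get("failoverRoutes", {})
    if routes.get("enabled"):
        groups = routes.get("routeGroupDefinitions")
        if groups is None:
            problems.append("failoverRoutes uses the legacy layout; prefer routeGroupDefinitions")
        for i, group in enumerate(groups or []):
            problems += [f"routeGroupDefinitions[{i}]: {p}"
                         for p in check_route_group(group, cluster_size)]
    sse = decl.get("externalStorage", {}).get("encryption", {}).get("serverSide", {})
    if sse.get("enabled") and sse.get("algorithm") == "aws:kms" and "keyId" in sse:
        if not check_kms_key_id(sse["keyId"]):
            problems.append(f"keyId {sse['keyId']!r} must be the key ID, not an ARN or alias")
    return problems


# Constructed sample (not from the docs): an AWS declaration with four defects.
SAMPLE_DECLARATION = {
    "class": "Cloud_Failover", "environment": "aws",
    "externalStorage": {"scopingName": "myCloudFailoverBucket",
                        "encryption": {"serverSide": {"enabled": True, "algorithm": "aws:kms",
                                                      "keyId": "alias/cfe-state"}}},
    "failoverAddresses": {"enabled": True,
                          "scopingTags": {"f5_cloud_failover_label": "mydeployment"}},
    "failoverRoutes": {"enabled": True, "routeGroupDefinitions": [
        {"scopingTags": {"f5_cloud_failover_label": "DMZ-RouteTable"},
         "scopingAddressRanges": [{"range": "192.168.1.0/24"}, {"range": "192.168.1.1/24"}],
         "defaultNextHopAddresses": {"discoveryType": "routeTag"}},
        {"scopingName": "rtb-22222222222222222",
         "scopingAddressRanges": [{"range": "0.0.0.0/0"}, {"range": "2001:db8:2:2::/64"}],
         "defaultNextHopAddresses": {"discoveryType": "static",
                                     "items": ["10.0.13.11", "10.0.23.11"]}}]},
}

if __name__ == "__main__":
    for line in check_declaration(SAMPLE_DECLARATION):
        print("-", line)
```

Run it against a declaration file with `check_declaration(json.load(open(path)))` before posting; the sample above reports the non-canonical range, the duplicate route it collapses to, the missing IPv6 next hops for the dual-stack group, and the alias used as keyId.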

Setting the Log Level

You set the log level in the controls class. To see more information about editing the controls class, see Logging.

{
  "class":"Cloud_Failover",
  "environment":"aws",
  "controls":{
     "class":"Controls",
     "logLevel":"silly"
  },
  "externalStorage":{
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  },
  "failoverAddresses":{
     "enabled":true,
     "scopingTags":{
        "f5_cloud_failover_label":"mydeployment"
     }
  }
}

settingLogLevel.json


Note

To provide feedback on Cloud Failover Extension or this documentation, you can file a GitHub Issue.