Clustering Examples

This section contains examples for clustering BIG-IP devices.

Clustered declaration

The following is an example declaration that onboards a clustered BIG-IP system. See Clustering for specific details on this example.

{
    "schemaVersion": "1.0.0",
    "class": "Device",
    "async": true,
    "label": "Onboard BIG-IP into an HA Pair",
    "Common": {
        "class": "Tenant",
        "hostname": "bigip1.example.com",
        "myLicense": {
            "class": "License",
            "licenseType": "regKey",
            "regKey": "AAAAA-BBBBB-CCCCC-DDDDD-EEEEEEE"
        },
        "myDns": {
            "class": "DNS",
            "nameServers": [
                "8.8.8.8",
                "2001:4860:4860::8844"
            ],
            "search": [
                "f5.com"
            ]
        },
        "myNtp": {
            "class": "NTP",
            "servers": [
                "0.pool.ntp.org",
                "1.pool.ntp.org",
                "2.pool.ntp.org"
            ],
            "timezone": "UTC"
        },
        "root": {
            "class": "User",
            "userType": "root",
            "oldPassword": "foo",
            "newPassword": "bar"
        },
        "admin": {
            "class": "User",
            "userType": "regular",
            "password": "asdfjkl",
            "shell": "bash"
        },
        "anotherUser": {
            "class": "User",
            "userType": "regular",
            "password": "foobar",
            "partitionAccess": {
                "Common": {
                    "role": "guest"
                }
            }
        },
        "myProvisioning": {
            "class": "Provision",
            "ltm": "nominal"
        },
        "internal": {
            "class": "VLAN",
            "tag": 4093,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.2",
                    "tagged": false
                }
            ]
        },
        "internal-self": {
            "class": "SelfIp",
            "address": "10.10.0.100/24",
            "vlan": "internal",
            "allowService": "default",
            "trafficGroup": "traffic-group-local-only"
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": false
                }
            ]
        },
        "external-localself": {
            "class": "SelfIp",
            "address": "10.20.0.100/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.20.0.200/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-1"
        },
        "default": {
            "class": "Route",
            "gw": "10.10.0.1",
            "network": "default",
            "mtu": 1500
        },
        "configsync": {
            "class": "ConfigSync",
            "configsyncIp": "/Common/internal-self/address"
        },
        "failoverAddress": {
            "class": "FailoverUnicast",
            "address": "/Common/internal-self/address"
        },
        "failoverGroup": {
            "class": "DeviceGroup",
            "type": "sync-failover",
            "members": [
                "bigip1.example.com",
                "bigip2.example.com"
            ],
            "owner": "/Common/failoverGroup/members/0",
            "autoSync": true,
            "saveOnAutoSync": false,
            "networkFailover": true,
            "fullLoadOnSync": false,
            "asmSync": false
        },
        "trust": {
            "class": "DeviceTrust",
            "localUsername": "admin",
            "localPassword": "pass1word",
            "remoteHost": "/Common/failoverGroup/members/0",
            "remoteUsername": "admin",
            "remotePassword": "pass2word"
        }
    }
}

Back to top


Clustered declaration with IP addresses for Device Group owner and members

The following is an example declaration that onboards a clustered BIG-IP system, but shows how you can use an IP address for the Device Group members and owner.

See Device Group class for more information.

{
    "class": "Device",
    "schemaVersion": "1.0.0",
    "async": true,
    "label": "BIG-IP declaration for declarative onboarding",
    "Common": {
        "class": "Tenant",
        "hostname": "do.example.1",
        "configSync": {
            "class": "ConfigSync",
            "configsyncIp": "10.0.0.1"
        },
        "failoverAddress": {
            "class": "FailoverUnicast",
            "address": "10.0.0.1"
        },
        "trust": {
            "class": "DeviceTrust",
            "localUsername": "exampleUsername",
            "localPassword": "examplePassword",
            "remoteHost": "10.0.0.1",
            "remoteUsername": "exampleUsername",
            "remotePassword": "examplePassword"
        },
        "failoverGroup": {
            "class": "DeviceGroup",
            "type": "sync-failover",
            "members": [
                "10.0.0.1",
                "10.0.0.2"
            ],
            "owner": "/Common/failoverGroup/members/0",
            "autoSync": true,
            "saveOnAutoSync": false,
            "networkFailover": false,
            "fullLoadOnSync": false,
            "asmSync": false
        }
    }
}

Back to top


Configuring multiple failover unicast addresses

This example shows how to specify multiple failover unicast addresses using Declarative Onboarding 1.15 and later. The unicast addresses you specify are the main address that other devices in the device group use to communicate continually with the local device to assess the health of that device. For more information on failover on the BIG-IP, see Failover documentation.

For additional information, see Failover Unicast class on the Clustering page. See FailoverUnicast in the Schema Reference for DO usage and options.

To use this feature:

  • The failover unicast addresses must be pointing at IP addresses on the BIG-IP system (Self IP addresses)
  • Self IPs require a VLAN. Some systems, such as 1 NIC BIG-IP systems, are not able to have multiple VLANs. Check the device on which you are deploying a declaration using this feature.

In the following example, the declaration creates a VLAN, that is then used by 2 external Self IP addresses, and then updates the device with two Failover Unicast addresses.

{
    "schemaVersion": "1.15.0",
    "class": "Device",
    "label": "Configuring System",
    "Common": {
        "class": "Tenant",
        "failoverUnicastMgmt": {
            "class": "FailoverUnicast",
            "addressPorts": [
                {
                    "address": "10.0.0.0",
                    "port": 356
                },
                {
                    "address": "10.1.1.0"
                }
            ]
        },
        "external": {
            "class": "VLAN",
            "tag": 4094,
            "mtu": 1500,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ],
            "cmpHash": "src-ip"
        },
        "external-self": {
            "class": "SelfIp",
            "address": "10.0.0.0/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        },
        "external-self2": {
            "class": "SelfIp",
            "address": "10.1.1.0/24",
            "vlan": "external",
            "allowService": "none",
            "trafficGroup": "traffic-group-local-only"
        }
    }
}

Back to top


Configuring connection and persistence mirroring

This example shows how you can include connection and persistence mirroring information in a Declarative Onboarding declaration.

The connection and persistence mirroring feature allows you to configure BIG-IP systems in a high availability (HA) configuration to duplicate connection and persistence information to peer members of the BIG-IP device group. This feature provides higher reliability but may affect system performance. For more information, see the Overview of connection and persistence mirroring article on AskF5.

See MirrorIp in the Schema Reference for DO usage and options. Also see MirrorIp class on the Clustering page.

{
    "schemaVersion": "1.16.0",
    "class": "Device",
    "async": true,
    "Common": {
        "class": "Tenant",
        "hostname": "bigip.example.com",
        "newVlan": {
            "class": "VLAN",
            "tag": 100,
            "interfaces": [
                {
                    "name": "1.1",
                    "tagged": true
                }
            ]
        },
        "newSelfIp": {
            "class": "SelfIp",
            "address": "10.1.0.20/0",
            "vlan": "newVlan"
        },
        "myMirror": {
            "class": "MirrorIp",
            "primaryIp": "10.1.0.20",
            "secondaryIp": "any6"
        }
    }
}

Back to top


Configuring Failover Multicast settings

This example shows how you can configure Failover Multicast settings in a Declarative Onboarding declaration using the FailoverMulticast class introduced in DO 1.17. When you use this class, the system sends multicast messages associated with failover on the interface, address, and port you specify. For more information on Failover options on the BIG-IP, see Managing Failover in the product documentation.

When configuring Failover Multicast, all three fields (interface, address, and port) are required. The address cannot have a CIDR.

If you do not specify an available interface name, the system will show an error which includes a list of available interfaces. If you specify a value none for the interface, DO disables Failover Multicast on the BIG-IP.

See FailoverMulticast in the Schema Reference for DO usage and options.

Note

The following example only includes the FailoverMulticast class, which can be used as a part of a larger declaration.

{
    "schemaVersion": "1.17.0",
    "class": "Device",
    "controls": {
        "traceResponse": true
    },
    "label": "Configuring System",
    "Common": {
        "class": "Tenant",
        "failoverMulticastTest": {
            "class": "FailoverMulticast",
            "interface": "eth0",
            "address": "10.2.3.4",
            "port": 1029
        }
    }
}

Back to top