F5 BIG-IQ Centralized Management Lab > BIG-IQ All Labs > Class 5: BIG-IQ Device Management > Module 8: Declarative Onboarding and VE Creation on AWS Source | Edit on
Lab 8.2: AWS BIG-IP VE Creation¶
Note
Estimated time to complete: 10 minutes
Lab environment access¶
If you have not yet visited the page Getting Started, please do so.
Tasks¶
- Prerequisites to this module:
- Run the script creation file at the end of the previous lab
- An AWS account with full access permissions for the following AWS resources
- Instances
- IAM role/rolePolicy/InstanceProfile containing
- List
- Create
- Delete
Note
VE Creation may not require the BIG-IQ and created BIG-IP’s to communicate (Utility Licensing or Declarative Onboarding). The BIG-IQ targets the public AWS API for VE Creation and the BIG-IP VE public IP for Onboarding.
- Verify your BIG-IQ “Cloud Provider” for AWS
Navigate to Applications > Environments > Cloud Providers
View the Cloud Provider object with your AWS ephemeral account information.
- Verify your BIG-IQ “Cloud Environment” for AWS
Navigate to Applications > Environments > Cloud Environments
The Cloud Environment is where our BIG-IP will be deployed. If your credentials were valid, utilizing your just created Cloud Provider will expose resources available to you in your AWS account.
Several parts of the Cloud Environment you may not want to be configured because you are planning on using F5 Declarative Onboarding. - Device Templates are used for Service Scaling Groups, not a single or cluster of BIG-IP. - You must accept Programmatic Deployments for any BIG-IP you wish to deploy from the BIG-IQ interface, not doing this will fail to launch. - Two types of Licensing, Utility will utilize the instance billing directly to the consumer, BYOL billing would be handled from a BIG-IQ License Pool. Alternatively, if you are planning to have F5 Declarative Onboarding specify a license, you will not define anything
- Creating your BIG-IP in AWS
Navigate to Devices > BIG-IP VE Creation > and choose Create
Fill in the Create BIG-IP VE Options.
Note
You MUST accept the terms of the instance in AWS before you can launch the image. Accept the EULA here
| BIG-IP VE Creation | |
|---|---|
| Task Name | Deploy BIG-IP VE in AWS |
| BIG-IP VE Name | bigipvm01 |
| Description | Created with BIG-IQ |
| Cloud Environment | demo-7424-aws-environment |
| Number of BIG-IP VE to Create | 1 |
Once all the attributes are configured Create the VE.
BIG-IQ will gather all the needed pieces from our Provider, Environment, and Creation options. These will be sent to the AWS API for building out our instance.
By logging into the AWS Console with your ephemeral account, you can see the newly created EC2 instances. BIG-IQ has also created a Network Interface Card, Security Group, Storage Account, and a Public IP Address.
Warning
You cannot change these options at this time, a Public address will be created, and the Security Group will have ports (22,8443,443,4353) open from Any source. If you delete the BIG-IP, you will need to manually clean up the Security Group created.
BIG-IP VE Creation is complete from here we can see BIG-IQ harvested the Public IP address.
Note
All deployments are Single-NIC so that management will be on 8443. If you need to create additional NICs, you will need to do it through the cloud provider UI or API.
Lab 2 of this module will cover Onboarding the newly created AWS VE.
Note
If you try to open BIG-IP web interface, to bypass the Google Chrome “Your connection is not private” Warning, just type in blindly thisisunsafe.
See Class 2 Module 4 Lab 6 for help with Troubleshooting.