Deploy an AWS High-Availability-aware virtual server across two Availability Zones

Login to the active Big-IP1 Configuration utility (Web UI). The “HA_Across_AZs” iApp will already be deployed in the Common partition.

Download the latest tcp iApp template from https://s3.amazonaws.com/f5-public-cloud/f5.tcp.v1.0.0rc2.tmpl.

../../_images/1_download_tcp_iapp1.png

iApps -> Templates -> import. Import f5.tcp.v1.0.0rc2.tmpl to the primary BigIP. The secondary BigIP should pick up the configuration change automatically.

../../_images/2_create_tcp_iapp1.png ../../_images/3_open_tcp_iapp1.png ../../_images/4_upload_tcp_iapp1.png

Deploy an iApp using the f5.tcp.v1.0.0rc2.tmpl template.

iApps => Application Serves => Select f5.tcp.v1.0.0rc2 template from the dropdown. Name: virtual_server_1.

Configure iApp: Select “Advanced” from “Template Selection”.

../../_images/5_tcp_iapp_dropdown1.png

Traffic Group: UNCHECK “Inherit traffic group from current partition / path”

Question value
Name: virtual_server_1
Inherit traffic group from current partition / path uncheck
High Availability. What IP address do you want to use for the virtual server? VIP IP of Big-IP1
What is the associated service port? HTTP (80)
What IP address do you wish to use for the TCP virtual server in the other data center or availability zone? VIP IP of Big-IP2
Do you want to create a new pool or use an existing one? service_discovery_pool

From the Super-NetOps terminal. Invoke terraform output and copy the value for Big-IP1 => VIP IP. Use this value in the iApp as explained in the chart above.

../../_images/6_terraform_copy_vip11.png

From the Super-NetOps terminal. Invoke terraform output and copy the value for Big-IP2 => VIP IP. Use this value in the iApp as explained in the chart above.

../../_images/7_terraform_copy_vip21.png ../../_images/8_vs_finish1.png

The iApp will create two virtual servers on both Big-IP’s. The iApp deployment on Big-IP1 will automatically and immediately sync to Big-IP2.

../../_images/9_two_vs1.png

From the Super-NetOps terminal. Invoke terraform output and copy the value for the primary Big-IP’s Elastic IP. Open a browser tab and HTTP to this Elastic IP.

../../_images/10_http_vs1.png

In order to enable request logging and apply a client SSL profile, let’s re-configure our TCP / Fast L4 virtual server to a Standard virtual server with an http profile applied.

iApps => Application Services => select the “virtual_server_1” iApp we just deployed.

../../_images/11_select_iapp1.png

Properties => uncheck/disable “Strict Updates”

../../_images/12_disable_strict1.png

Local Traffic => Virtual Servers => virtual_server1. Change only the values below and leave the rest as they are.

Question value
Type Standard
Service Port 443 / HTTPS
HTTP Profile http
SSL Profile (Client) clientssl

[Update]

../../_images/13_vs_changes_11.png ../../_images/14_vs_changes_21.png

From the Super-NetOps terminal. Invoke terraform output and copy the value for the primary Big-IP’s Elastic IP. Let’s test the http profile and clientssl profile are working. Open a browser tab and HTTPS (different than before, when we accessed our example application via HTTP) to this Elastic IP.

../../_images/15_https_test_vs11.png