3.2. Deploying an Application

3.2.1. TLS Certificates and Keys

Note

The wildcard.f5labs.com certificate and key has been pre-loaded into the BIG-IP CM, so you will not need to import any certificates at this time.

  1. In the top left corner of the BIG-IP Central Manager GUI, click on the Workspace icon (it looks like a waffle pattern) to show the Workspace Menu.

    ../../_images/workspace-menu-1.png

  2. Click on Applications to navigate to the Applications workspace.

    ../../_images/workspace-menu-2.png

  3. Click on Certificates & Keys in the left menu.

    ../../_images/certs.png

  4. Click on wildcard.f5labs.com to view the certificate properties panel.

  5. Click on the Cancel & Exit button to close the panel.

3.2.2. Create an HTTPS Application

Now, you will create a simple HTTPS application.

  1. In the Applications menu, click on My Application Services.

  2. Click on the Start Adding Apps button to open the Add Application panel.

  3. Enter my-app-1 in the Application Service Name field.

  4. Leave the Application Service type selection as Standard (default).

    ../../_images/add-app-1.png

  5. Click on the Start Creating button to open the Application Service Properties panel.

  6. Enter My first application in the Description field.

  7. Click on the Start Creating button to reveal the Virtual Server and Pool configuration options.

    ../../_images/add-app-1b.png

  8. Click on Pools to show the Pool configuration options.

    ../../_images/add-app-2.png

  9. Click on + Create to add a new Pool.

    • Enter my-pool in the Pool Name field.

    • Change the Service Port to 443 (default value was 80)

    • Click on the Monitor Type field to show the available options.

    • De-select http and select icmp

    • Click outside of the list to use the selected options.

    ../../_images/add-app-3.png

  10. Click on Virtual Servers to switch to back to the Virtual Server configuration options.

    • Enter my-app in the Virtual Server Name field.

    • In the Pool field, select the my-pool pool.

    • Change the Virtual Port to 443 (default value was 80)

  11. In the Protocols & Profiles field, click on edit-icon (edit icon) to open the settings panel.

    ../../_images/add-app-4.png

  12. Enable (toggle on) the Enable HTTPS (Client-Side TLS) option to show additional settings.

    • In the SPECIFY THE CERTIFICATES DETAILS FOR THIS APPLICATION section, click on the Add button to open the configuration panel.

    • In the Add Client-Side TLS panel, enter wildcard.f5labs.com as the name

    • Select wildcard.f5labs.com in the RSA certificate dropdown list box. This certificate was pre-installed in your lab environment.

    • Click on the Save button to close the panel.

    ../../_images/add-app-5.png

  13. Scroll down to see the other Protocol & Profiles options.

  14. Enable (toggle on) the Enable Server-side TLS option.

  15. Ensure that the Enable SNAT and Enable Auto SNAT options are enabled (default).

  16. Disable (toggle off) the Enable Connection Mirroring option.

    ../../_images/add-app-6.png

  17. Click on the Save button to the close the Protocols & Profiles panel.

    Notice that the TLS and HTTPS labels were added, and MIRRORING was removed.

    ../../_images/add-app-7.png

  18. At the bottom right corner, click on the Review & Deploy button to open the Deploy panel.

    • Click on the Start Adding button.

    • Select the instance named bigip-next.f5labs.com.

    • Click on the + Add to List button to see the additional deployment settings.

    ../../_images/add-app-7b.png

  19. In the Virtual Address field, enter 10.1.10.20 .

    ../../_images/add-app-8.png

  20. You will see 0 in the Members column, click on the down arrow and then click + Pool Members to define Pool Members.

    • Click on the + Add Row button 3 times to create empty entries.

    • Add the following entries:

      • Name: mbr-192.168.100.11, IP Address: 192.168.100.11

      • Name: mbr-192.168.100.12, IP Address: 192.168.100.12

      • Name: mbr-192.168.100.13, IP Address: 192.168.100.13

    • Click on the Save button to close the Pool settings panel.

    ../../_images/add-app-9.png

  21. Click on the Validate All button to validate the pending configuration changes.

    ../../_images/add-app-10.png

  22. If validation is successful, you will see Validated and a link to View Results. Click on the link to view the configuration (JSON format) in a new panel.

    ../../_images/add-app-11.png

  23. Click on the Exit button to close the panel.

  24. Click on the Deploy Changes button. Then, click on the Yes, Deploy button to send the application configuration to the BIG-IP Next instance.

    ../../_images/add-app-12.png

When the deployment has completed, the Application Services dashboard will show the status of the new application.

../../_images/add-app-13.png