f5aws is a tool for deploying F5 BIG-IP in various possible architectures within an AWS EC2 Virtual Private Cloud.
This tool is not made for production usage. Rather the goal is to allow users to evaluate the deployment architectures which best fit their application model.
Further, this library shows how BIG-IP can be orchestrated using open-source configuration management and workflow engines like Ansible. These examples demonstrate the programmable APIs available from TMOS, include TMSH, iControlSoap, and iControlREST.
These examples are provided in order to demonstrate how BIG-IP can be used to manage the availability, performance, and security of applications running in AWS and other public cloud environments.
As of now, these deployment models are:
-single-standalone (single big-ip and application server in one availability zone)
-standalone-per-zone (big-ips in multiple availability zones, fronted by big-ip running gtm in each AZ, application hosts in each AZ, and a host in the external subnet for traffic generation)
This code is provided as is and should be used as a reference only. It is not provided as a production-ready tool and F5 support will not field requests for this work.
- Install Virtual Box and Vagrant
Install virtual box (tested using 4.3.26)
https://www.virtualbox.org/wiki/Downloads
Install vagrant (tested using 1.7.2)
http://docs.vagrantup.com/v2/installation/
-
Clone this code to your desktop:
git clone https://github.com/F5Networks/aws-deployments.git -
Setup the virtualbox host with vagrant:
cd aws-deployments/vagrant
vagrant up -
When prompted by the vagrant, choose network interface attached to the internet.
-
Once the virtual box has started, login to the machine:
vagrant ssh -
Edit/Copy (manually with VIM/Nano or SCP) your credentials and environment variables over to your vagrant guest:
- ~/.ssh/<your_aws_ssh_key>
- ~/.aws/credentials
- ~/.f5aws
An example of copying your your AWS SSH private key over to vagrant guest:
user1@desktop:demo $scp -P 2222 /.ssh/AWS-SSH-KEY.pem [email protected]:/.ssh/AWS-SSH-KEY.pem
Warning: Permanently added '[127.0.0.1]:2222' (RSA) to the list of known hosts.
[email protected]'s password:
AWS-SSH-KEY.pem 100% 1696 1.7KB/s 00:00
- To create a new environment, use the 'init' command. This will initialize the set of ansible variables necessary for deployment (known as an 'inventory'. After execution of this playbook, inspect '~/vars/f5aws/env/env_name'.You must choose the availability zones in which you want to deploy.
./bin/f5aws init <your env> --extra-vars '{"deployment_model": "standalone-per-zone", "region": "us-east-1", "zones": ["us-east-1b","us-east-1c"]}'
Note that the length of list passed to the "zones" variable must not strictly be 2, i.e. 3 is also possible:
./bin/f5aws init <your env> --extra-vars '{"deployment_model": "standalone-per-zone", "region": "us-east-1", "zones": ["us-east-1b","us-east-1c", "us-east-1d"]}'
You can also try out the single-standalone deployment model (no gtm, no client host for generating traffic)
./bin/f5aws init <your env> --extra-vars '{"deployment_model": "single-standalone", "region": "us-east-1", "zone": "us-east-1c"}'
- Deploy and manage the environment you instantiated in step 1. This creates all the resources associated with environment, including AWS EC2 hosts, a VPC, configuration objects on BIG-IP and GTM, and docker containers.
./bin/f5aws deploy <your env>
- When you are done, just teardown the environment:
./bin/f5aws teardown <your env>
- At any time, you can list all the deployments which are under management:
./bin/f5aws list
- List additional details about an environment via the info command, which has three subcommands:
-
display login information for hosts deployed in ec2
./bin/f5aws info login <your env> -
print the ansible inventory (dynamic inventory groups like bigips, apphosts, gtms, etc are not printed)
./bin/f5aws info inventory <your env> -
print the status of deployed infrastructure and output from cloudformation stacks
./bin/f5aws info resources <your env>