TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 - - PowerPoint PPT Presentation

tackling big ip blue green deployments in private cloud
SMART_READER_LITE
LIVE PREVIEW

TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 - - PowerPoint PPT Presentation

Apr 23, 2023 304 likes •577 views

TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES Eric McLeroy, Payal Singh, Sr. Specialist Solutions Architect, Principal Solution Engineer, Ansible by Red Hat F5 Networks eric.mcleroy@redhat.com

slide-1
SLIDE 1

TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES

1

Eric McLeroy,

  • Sr. Specialist Solutions Architect,

Ansible by Red Hat eric.mcleroy@redhat.com Payal Singh, Principal Solution Engineer, F5 Networks payal.singh@f5.com

slide-2
SLIDE 2

AGENDA

  • Networking automation use cases
  • F5 BIG-IP: Introduction
  • Blue green deployment use case
  • Demo
  • Playbook walkthrough
slide-3
SLIDE 3

3

TOP 3 F5 BIG-IP AND ANSIBLE USE CASES

1) Gather facts Allows gathering of information about your environment 2) Making changes Provides the ability to make small changes as needed 3) Scaling out Provides the ability to launch entire applications stacks

slide-4
SLIDE 4

4

BIG-IP INTRODUCTION

slide-5
SLIDE 5

5

F5 INTRODUCTION

Load Balancing DDoS Protection Firewall

Internet

Devices Data Center

LTM APM ASM BIG-IP Local Traffic Manager BIG-IP Access Policy Manager BIG-IP Application Security Manager

BIG-IP

slide-6
SLIDE 6

6

RECAP

Previous Webinars

  • Automate BIG-IP in customer environments using Ansible
  • Basic F5 playbook
  • Ansible F5 modules
  • Fast application deployment and customer use case with Ansible and F5 BIG-IP
  • Onboarding
  • Using iApps to deploy configuration on BIG-IP
  • WWT: BUILDING A F5 SOLUTION WITH ANSIBLE TOWER
  • Using Tower to configure the BIG-IP
slide-7
SLIDE 7

7

F5 AND ANSIBLE SOLUTION

slide-8
SLIDE 8

Private cloud

F5 Virtual Editions F5 VIPRION BIG-IP Platform

Public cloud

LTM DNS

Amazon Web Services Microsof t Azure Google Cloud Platform

Ansible Host

Playbooks REST/SOAP API calls

bigsuds, f5-sdk

1 2 3

F5 Ansible Modules officially supported : https://f5.com/support/support-policies F5 and Ansible Solution

Ansible Versions 2.3 + TMOS v12.X +

slide-9
SLIDE 9

9

BLUE GREEN DEPLOYMENTS

slide-10
SLIDE 10

BLUE GREEN DEPLOYMENTS

Users ADC Blue Environment Green Environment 100%

slide-11
SLIDE 11

USE F5 BIG-IP DNS

BIG-IP

Data Center 1 Devices/Users Data Center 2

Servers Servers

Global Load Balancing Geographic load balancing Infrastructure Monitoring

BIG-IP LTM BIG-IP LTM

LTM VIP visibility into BIG-IP DNS

slide-12
SLIDE 12

HOW IT WORKS

Wide IP (my-wide-ip.example.com )

Pool LTM1 Virtual IP LTM2 Virtual IP Members Users

VIP down OR Pool down Pool of Servers Pool of Servers

100%

BIG-IP BIG-IP

LTM

slide-13
SLIDE 13

13

DEMO 1) PROVISION AND LICENSE A VIRTUAL BIG-IP ‘LTM2’ IN VMWARE 2) SWITCH TRAFFIC FROM ‘LTM1’ TO ‘LTM2’

slide-14
SLIDE 14

Demo Part1 Develop an automated workflow to provision, license and configure a BIG-IP in a VMware environment

Spin up BIG-IP in vCenter

* BIG-IP VE template is created on vcenter

Reconfigure the network adaptor settings Grab the VM IP assigned by DHCP to the BIG-IP VE License the BIG-IP VE Onboard the BIG-IP (Hostname/NTP/DNS/SSHD) Network the BIG-IP (VLAN/Self-IP) Import and activate the ASM policy Add pool members and pool Add virtual server and attach the ASM policy to it Ansible Tower Playbook Provision the BIG-IP with ASM module 1 2

vCenter

BIG-IP LTM2

slide-15
SLIDE 15

15

DEMO PART1: VIDEO AND PLAYBOOK WALKTHROUGH

slide-16
SLIDE 16

Demo Part2

Steps:

  • Setup connectivity between LTM2 and DNS
  • Add LTM2 to DNS WideIP pool
  • For traffic switch: Disable the virtual server on LTM1

MGMT IP – 10.192.73.218 Self-IP – 10.168.68.10 Virtual IP – 10.168.68.11 BIG-IP

Data Center

BIG-IP LTM1 VE

MGMT IP – 10.192.73.246 Self-IP – 10.168.68.5 Virtual IP – 10.168.68.12 MGMT IP – 10.192.73.219 Self-IP – 10.168.68.100 Listener Virtual IP – 10.168.68.101 (53)

BIG-IP LTM2 VE

Setup complete with DNS Connectivity to be setup with DNS

slide-17
SLIDE 17

17

DEMO PART2: VIDEO AND PLAYBOOK WALKTHROUGH

slide-18
SLIDE 18

Alternative Solutions

If a Static MGMT IP needs to be assigned to the BIG-IP instead of using DHCP for MGMT IP (BIG-IP Version 13.1+) 1) Edit the OVA file using a tool like COT (Common OVF Tool) cot edit-properties <source filename>.ova -p net.mgmt.addr=""+string -p net.mgmt.gw=""+string –p user.root.pwd=""+string -p user.admin.pwd=""+string -u -o <destination filename>.ova 2) Edit the OVA (template) properties so that when you deploy BIG-IP VE, you can specify values for the management IP address and default passwords. Example snippet 3) Use an Ansible playbook to execute deploying the OVA file (Step 2) https://github.com/f5rstahl/simple-ansible-playbook https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/static

slide-19
SLIDE 19

Alternative Solutions BIG-IQ to be used for licensing BIG-IP

Ansible Tower Playbook

BIG-IQ

Private/Public cloud

F5 Virtual Editions F5 VIPRION BIG-IP Platform

License

Sample Playbook https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/big-iq

slide-20
SLIDE 20

20

GET STARTED

slide-21
SLIDE 21

21

Automation is not a tool

  • It’s a strategy, it’s a journey

Learn automation practices

  • Super NetOps training courses can

help

  • Join existing Ansible network

automation communities Start small…

  • Create Playbooks that read or check
  • nly
  • Create simple jobs that eliminate the

annoying network tasks

WHERE DO I BEGIN

slide-22
SLIDE 22

22

Please contribute.. Your BIG-IP roles for community! https://galaxy.ansible.com/list#/roles?page=1&page_size=10&autocomplete=bigip https://galaxy.ansible.com/payalsin/bigip-ansible-ha-setup/ BIG-IP on Ansible Galaxy MORE WORKFLOWS

slide-23
SLIDE 23

23

Where can I learn more about Ansible & F5

www.ansible.com/f5

What is in the roadmap

– “More modules” in general using YOUR inputs: – https://github.com/F5Networks/f5-ansible/projects

What do I do if I have an issue with an existing F5 module

– Open an GitHub issue: https://github.com/F5Networks/f5-ansible/issues

I love it - I want to try out Ansible-Tower

– www.ansible.com/tower-trial/ – Email: gettingstarted@ansible.com

Email: devops@f5.com

FAQ

slide-24
SLIDE 24

24

Get started on your automation journey:

  • www.f5.com/supernetops

Learn more about solution: (webinars, modules, blogs)

– www.ansible.com/f5

Solution Overview:

  • https://www.f5.com/pdf/solution-center/f5-ansible-overview.pdf

Whitepaper:

– https://f5.com/Portals/1/PDF/Partners/automating-f5-big-ip-platform-with-ansible.pdf

Current F5 modules in Ansible core:

– http://docs.ansible.com/ansible/list_of_network_modules.html#f5

Request feature-enhancements:

– https://github.com/F5Networks/f5-ansible/issues Download Current Ansible (2.6): – http://releases.ansible.com/ansible/

REFERENCES

slide-25
SLIDE 25

25

Blue-Green deployment

  • https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo

Static IP assignment

  • https://devcentral.f5.com/articles/ve-on-vmware-part-1-custom-properties-29787
  • https://devcentral.f5.com/articles/ve-on-vmware-part-2-ansible-deployment-29790
  • https://github.com/f5rstahl/simple-ansible-playbook
  • https://github.com/F5Networks/f5-vmware-vcenter-templates
  • https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-vmware-esx

i-13-1-0/3.html BIG-IQ licensing

  • https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/big-iq

REFERENCES

slide-26
SLIDE 26

26

THANK YOU