Forum Discussion
EmployeeF5 and Ansible Integration webinar
F5 and Ansible have been working together for some time now, with the goal to make application deployments easy through automation. For those wanting an introduction to the integration between F5 & Ansible, I recommend that you check out getting-started-with-ansible – a blog by my colleague Tim Rupp. Over the past few months there has been improvements to the existing F5 modules as well as the addition of new F5 modules which provide greater flexibility to manage and configure the BIG-IP platforms. Based on customer interest, we added modules for creation and configuration of Virtual servers, SNMP, VLANS, GTM configurations, etc. We will be addressing use-cases like onboarding and networking the BIG-IP, application deployment, pool-member monitoring and state, etc.
To learn more Join F5 and Ansible for our webinaron Tuesday March 28th, 2017 from 2PM to 3PM EST where we will:
- Explain F5 and Ansible integration
- Cover Existing F5 modules for Ansible and the current development work
- Show how to use Ansible playbooks to bootstrap F5 BIG-IP and webservers
- Configure F5 BIG-IP to securely load balance applications using Ansible F5 modules
Don't miss out! We are looking forward to sharing with you.
13 Comments
Dario_GarridoNoctilucent
Hello 1Tamad,
I would do it this way:
1. Enable the feature "priority group activation" in a the pools.
2. Add new nodes with a priority group higher than the rest of the nodes of the pools.
3. Disable + force offline the old servers.
4. Remove connections or persistence records that still match the old servers.
5. Start doing the maintenance tasks over the old nodes.
6. Enable the service over the old nodes.
7. Finally disable the "priority group activation" for the pools.
8. (optional) Remove the priority group value you assigned previously to each node.
REF - https://support.f5.com/csp/article/K13525153
REF - https://support.f5.com/csp/article/K53851362
REF - https://support.f5.com/csp/article/K55632517
StephanMantheyNacreous
Step 4 of your solution may be avoided by setting your pool to "action on service down" to "reset".
OneConnect may help as well (applies to virtual servers with SSL-termination and http-profile only!) to reroute traffic in case the poolmember becomes unavailable.
The elite of DC has spoken but I just wanted to add a small note on OneConnect. It's an awesome feature but you should be aware of some things if the following conditions are true:
- You are not source NAT:ing your traffic already
- You depend on source IPs in your server logs (most people do)
- You want to enable OneConnect
Then make sure that the X-Forwarded-For headers are inserted on the F5 and that the servers can read them. Otherwise you'll see some strange traffic patterns in the server logs. 🙂
More about XFF here:
https://support.f5.com/csp/article/K4816Kind regards,
Patrik
![\"F5](\"https://www.f5.com/content/dam/f5/f5-logo.svg\"){kind=logo}
