Forum Discussion
DavD
Nimbostratus
NimbostratusF5 Config - API Access on servers
Hello,,
Pl. be gentle as I am new to this and am asking this on behalf of someone as their networking resource is ooo on some emergency.
- There are two separate, identical server instances hosting identical API's e.g. here is a sample endpoint for one of those API's
- F5 has been configured
- Round-Robin mode
- Both Servers added to a new Pool
- VIP created with ssl enabled (default port 443)
Questions:
- What additional config neeeds to happen so any request from an external client for CheckInventory endpoint is processed
- What will be the new endpoint for this API?
- https://app.mydomain.com/CheckInventory
- Can it be changed to something else
- Is there an API mapping that has to be created withing the F5 config that will translate the Request (
- https://app.mydomain.com/CheckInventory) to what the server is expecting (https://prod1 (or prod2).mydomain.com:8443/ne/curr/CheckInventory)
Thank you
1 Reply
- Jeff_Granieri
Employee
Hi DavD ,
There are a few ways to go about this, you can use an iRule or LTM Policies - both can achieve the same outcome. I recommend you check these out: LTM Policy - Getting Started & LTM Policy Basics Also consider applying a health check to your backend pool members and whether you need Server side encryption (Server SSL profile)
You can use these tmsh commands as reference for to create and apply a LTM policy, they need to be modified to reflect the actual names
# ===================================================== # 1. Update Virtual Server with required profiles, one connect may be applied if needed # ===================================================== tmsh modify ltm virtual vs-app-api profiles replace-all-with { http clientssl-app.mydomain.com serverssl } # ===================================================== # 2. Create LTM Policy with URI rewrite rule # ===================================================== tmsh create ltm policy policy-rewrite-checkinventory \ strategy first-match \ rules { rewrite-checkinventory { conditions { 0 { http-uri path starts-with /CheckInventory } } actions { 0 { rewrite uri value /ne/curr/CheckInventory } # Optional: rewrite Host header # 1 { replace http-header Host value prod.mydomain.com } } } } # ===================================================== # 3. Attach the policy to the Virtual Server # ===================================================== tmsh modify ltm virtual vs-app-api policies add { policy-rewrite-checkinventory } # ===================================================== # 4. (Recommended) Add HTTPS health monitor to pool # ===================================================== tmsh modify ltm pool pool-prod-api monitor https # ===================================================== # 5. Save the configuration # ===================================================== tmsh save sys config
