Forum Discussion

SantoshKumarUP_'s avatar
SantoshKumarUP_
Icon for Nimbostratus rankNimbostratus
Jul 19, 2017

load-balancing java based microservices for https based api's via f5

The requirement is to have java based micro services run on particular same port say 8080 on 2 VM's and the load to be load balanced using F5 load balancer. say vm1.man.com:8080 and vm2.man.com:8080

 

But I am confused with the requirement being to accept HTTPS request. Questions are

 

Where to have the certificate installed? At the F5 or At the microservice? Whether 1 common certificate with vm1.man.com, vm2.man.com, and added as SAN's and installed in both Microservices would suffice? Would adding the Static IPs of the VM's and F5 to certificate help?

 

  • The certificate should be assigned to the virtual server, no SAN certificate required. The certificate only needs in the CN, it is not required to put the real server names.

     

    Also no need to install certificates on the servers running the java-bases micro services.

     

    The two VMs go into the pool and the virtual server can be configured to do SSL offloading. SSL is terminated at the F5 and the communication towards the java-bases micro services can be HTTP / port 8080.