Forum Discussion
AltostratusTroubleshooting and logs
Hello, i am trying to build environment for one project. For now i got the first step configured - an app which i need to use with F5 is Keycloak, one www app and xmpp chat. For now, i do not really know what else should i use via f5, only loadbalance of access to keycloak is done. I am using SSL/TLS communication and can log in to keycloak website using f5 as load balancer.
I will be trying to understand how this environment is working now, and will try to determine what should i use via F5.
But what is a little problematic for me is to:
1. find a good articles about configuration f5 - for example simple load balancing with ssl/tls etc step by step - and this is the first question, how do You search for configuration steps of something?
2. second and important thing is - how to troubleshoot and check logs for this kind of communication - please share with me some siple, good written articles. For example, for now i would lik eto check via logs every steps of my communication which is working, i do not really know how and where.
i saw this article Troubleshooting BIG-IP - The Basics | DevCentral - but it is overall info without examples.
Thank You for Your advices.
Best way would be to understand this logs, if i got knowledge how and what can i find this way i would be able to determine, what configuration i am missing, if something is comunicating properly etc.
Thanks for the help.
gneocl01Nimbostratus
Hello, i saw that you have manage to use F5 to access keycloak. i have 2 keycloak servers running on prod mode with certificates etc, and i trying to put them behind a load balancer. i have downloaded F5 since this is what our clients are using. can you point me to the right direction on how you succeeded on that? configuration of F5? sticky sessions? xForwarded headers? maybe specific changes in the keycloak.conf files? it will be a big help
- boneyard
MVP
a very valid question, but also something which can get more complicated then showing a few steps. if at all possible look if you or your company has people around who have already done this and can explain / do it together. an alternative could be a online training for using F5 BIG-IP.
for what is available online this is a nice introduction with examples and some step by step parts: https://clouddocs.f5.com/training/community/adc/html/class1/module1/module1.html
as for the logging part, out of the box the BIG-IP won't log traffic or show you how it flows through it. it might log some stuff in the /var/log/ltm log for this, but mainly bigger issues (nodes unreachable).
if you want to see the flow you either have to do a tcpdump or create logging with iRules, this article gives a nice example: https://my.f5.com/manage/s/article/K41861214
kbksAs i understand, this course is not for free, right?
So, there is no document which can describe with examples how to manage a full connection/data flow?
Also i do not know method to use wireshark for example for all hosts in few subnets (despite of port cloning on network devices and use a host on this cloned port with wireshark, which i am not able to do on this envronment). Heh this kind of big tool...- boneyard
No, these courses are not free, perhaps your company has a subscription on one of the providers.
I provided some links which can help. But starting this form scratch without assistance is lots of trial and probably some error.
