F5 Partner Solution Showcase - "Integrating F5 BIG-IP with AppViewX ADC+"
Visibility is Key
A critical component to any mission-critical application infrastructure is visibility. To effectively manage and protect an application, one must have granular visibility into performance and security events/metrics. However, visibility is nothing if there is not a way to mitigate risks and improve operational efficiency, preferably automatically.
In this inaugural edition of the “Partner Solution Showcase” we introduce one of our technology alliance partners, AppViewX. The AppViewX ADC+ platform provides an enterprise/service provider grade solution for visibility and automated remediation of both F5 BIG-IP and NGINX application delivery controller (ADC) products. Notably, the ADC+ platform features include:
- Cloud Agnostic - Supports F5 and Nginx ADCs in both hardware and software form factors across multi hybrid-cloud, core and the edge
- Secure/Scalable/Highly-Available - Unification of features that discover, monitor, manage automate, orchestrate, & self-service application delivery with granular object-level access control
- Full Control - Deploys in your infrastructure (on-prem or cloud hosted) and provides web-based UI for centralized management and self-servicing by App Teams, I&O teams with granular RBAC
- Full Visibility- Service discovery with access to application-centric visibility
- Open Ecosystem – Provides native low/no-code workflow automation as well as support for BYOA (Bring Your Own Automation) using Ansible, Terraform etc.
For the remainder of this article, I'll walk through the process of adding F5 Big IP devices onto the AppViewX ADC+ platform and monitoring the key performance data with the network status information to get the multi-dimensional perceptibility into the overall application health.
I'll recursively look up the pool members (end servers) to address the complexities in application delivery architectures where multiple devices handle traffic for a single application. Interestingly, the platform also provides single touch troubleshooting and monitoring workflows to identify and remediate network issues at a device or object level. The steps are pre-built modules with object-level RBAC.
Okay, let's take a look.
- F5 BIG-IP (Version:12 or later): Virtual Edition (VE) was utilized for this article. Both hardware and virtual edition platforms support ADC+ integration. Additionally, you will need to provide a certificate
- AppViewX ADC+: All it needs is a login. Setting up an account is relatively straightforward, and you can see a variety of modules activated as per your BIG-IP license (Good, Better, Best). Once you onboard devices, the automated service discovery part will stitch together key performance data with the network state, status and statistics information to monitor the overall application and application infrastructure health
Step 1: Adding an F5 device
Assuming the prerequisites have been met (i.e., I have an AppViewX ADC+ stood up), I first need to add an F5 device onto ADC+. The service discovery sequence will start auto-sequencing devices and relative Application services (VIPs, WIPs, profiles, server pools, firewall, certificates, etc.) and secrets that will be used by my application (delivered via the BIG-IP).
Login to the AppViewX ADC+ UI. Go to Menu > ADC+ > Asset management
- Perform any of the following
- Click "Device Inventory" and then select Add (*) icon to navigate to the Device Details page (Ref. Figure 01)
- Click the "Onboard Device" in the left navigation panel
- On the "Device Details" page, click on the "F5 icon" (Ref: Figure 02)
- Select the field information in the "General information" section, enter the details, and click "Save."
- In the next step, select the field information in the "Credentials" section. You can select "Manual Entry or Credentials List."
- The last step is to enter the field information in the "Secondary device information" section and click "Save."
- To validate F5 Big IP "device addition, "Select Menu > ADC+ > Asset Management > Device Inventory, and from the device inventory page, search for the added F5 device name.
I was able to onboard the F5 device (along with its certificates). The next step is to navigate to a topology view where I can perform multiple changes at an object level.
Step 2: Getting app-centric visibility of the applications
Once I added the devices, the application services were automatically discovered, and I could assign a role-based access control (RBAC) to app owners, NetOps, or other teams. As a result, everyone gets application centric view of specific apps they own and can begin self-servicing.
To configure app-centric visibility I will perform the following:
- Since it is a GUI-based application, I'll navigate to a section where you can run an "Application Search." For example, I just started with a keyword search "Ecomm.app2.com" the master search keyword is (*) to get a list of all associated applications. The result gave me a list of "parent objects/Wide IP" its "pool and pool members."
- Select any "parent object or Wide IP," It will create a topology view of the application services, including the device and VIP details to the end servers. It also tells the status and state of a particular object. You can also try this interactive tour of the Topology View.
The right-click menu is contextual, so you can perform tasks like enabling/disabling servers, performing backups/restores, viewing configurations, etc. You can get a detailed view of pools, pool members, and more in a single window.
Step 3: Provisioning F5 Big IP application services
To provision (create/modify/delete) new and existing application services on the F5 GTM, LTM, you can access the service catalog to run automated F5 configuration changes. The catalog is pre-configured with a variety of automated workflows. (I tested a few of them, which I will cover in my upcoming post).
AppViewX ADC+ simplifies application delivery by giving accessibility to performance data. With this single page-view method, visibility has tremendously increased. Comparison between the changes, restored objects, etc. are all available to me in one place.
From the AppViewX ADC+ platform I can now create workflows to automate F5 device upgrades, Golden Config Compliance, Blue-Green and Canary Based Deployments, End to End management of certificates on F5s, zero touch provisioning of F5 VEs and App Team Self-Servicing of F5 Application Delivery services.
Whitepaper: LBaaS as a Service
Youtube: ADC+ Use-Cases
YouTube - Partner Spotlight: AppViewX - Integrating F5 solutions with AppViewX ADC+: