Using Cloud Templates to Change BIG-IP Versions - AWS

Introduction

This article will make use of F5 cloud templates on GitHub to modify the BIG-IP versions for your public cloud deployments in AWS. This is part of an article series, so please review the “Concepts” as well as other articles within the series.

Modifying BIG-IP Templates for AWS Cloud

This section will show you how to modify the BIG-IP version in AWS deployments. The template deployment service in AWS is called Cloud Formation Templates.

• AWS CFT
• BIG-IP Cloud Templates for AWS on GitHub

There are a few methods I tested, and I’ll do a “How To” for each. Check the Appendix for additional examples.

1. Use Latest Template Release (no edits required)
2. Use Previous Template Release (no edits required)
3. Edit Latest Template to Change BIG-IP Versions
4. Edit Latest Template to Use Custom Uploaded Image

Note: At the time of this article, the "Latest" template release version for F5 cloud templates in AWS is 5.5.0 and found under Tag 5.5.0 on GitHub. See Tag 5.5.0 Release Notes.

Option #1: Use Latest Template Release (no edits required)

This option lets you use templates without modification of code. Each release corresponds to a certain BIG-IP version (see AWS CFT Template Matrix), and the template is hard coded with the selection of one BIG-IP version in AWS F5 cloud templates. The latest template will deploy BIG-IP version 15.0.1.0 by default. You can change the BIG-IP version by supplying a different AWS AMI ID in the customImageId parameter. Here is an example to deploy BIG-IP version 14.1.2.3.

Note: This method does not require template edits if using BIG-IP version 14.x and 15.x. If you are deploying BIG-IP version 12.x or 13.x, there are a few template edits required due to differences in "ifconfig" output during onboarding. If you need to deploy v12.x or v13.x with the latest template, see Option #3.

Search for AMI via AWS CLI:

1. Open your favorite terminal
2. Enter a search filter. Case does matter in AWS CLI.
3. command = aws ec2 describe-images --region xxxx --filters xxxx --query
4. My example = BIGIP*14.1.2.3*PAYG*Best
5. If you can't find what you need then reduce search criteria
6. Copy the AMI ID and save for later (my example ami-045afb5916dcb65fe)

#Example image search and results
aws ec2 describe-images \
  --region us-east-1 \
  --filters "Name=name,Values=*BIGIP*14.1.2.3*PAYG*Best*" \
  --query 'Images[*].[ImageId,Name]'

#Output similar to this...
    [
        "ami-045afb5916dcb65fe", 
        "F5 BIGIP-14.1.2.3-0.0.5 PAYG-Best 1Gbps-191218141117-929ca0d8-c2d7-4068-8f9a-eb75a677afed-ami-0eb0d2f6602e3d520.4"
    ], 

Deploy BIG-IP with latest template release:

1. Find your favorite BIG-IP template for AWS. I’ll use the BIG-IP, standalone, 3nic, PAYG licensing (Tag 5.5.0)
2. 
3. Review the entire README for installation instructions
4. Download template file
5. Edit "Parameters" section of template file
6. customImageId = ami-045afb5916dcb65fe
7. Populate all remaining parameters
8. Save file and deploy with your favorite method
9. AWS will validate the template and launch a BIG-IP running 14.1.2.3

#Example deploying using AWS CLI

#upload template file to s3 bucket
aws s3 cp bigip.template s3://myBucket123

#create CFT stack
aws cloudformation create-stack --stack-name myDeployment \
  --template-url https://myBucket123.s3-us-west-1.amazonaws.com/bigip.template \
  --capabilities CAPABILITY_IAM \
  --parameters ParameterKey=customImageId,ParameterValue=ami-045afb5916dcb65fe

Easy right? Try another AMI ID search and launch the template again to get a v14.x or v15.x BIG-IP.

Option #2: Use Previous Template Release (no edits required)

If you don’t mind a previous template release (less fixes/features), AND you still don’t want to tweak template code, AND you still need a different BIG-IP version, AND the BIG-IP version is listed in the matrix then keep reading! Here is an example to deploy BIG-IP version 13.1.1.0.

Find a previous template release to deploy BIG-IP version you desire:

1. Decide what BIG-IP version you need (my example 13.1.1.0)
2. Check the AWS CFT Template Matrix for BIG-IP
3. Scroll down the list and you’ll see template release v4.1.4
4. It allows “13.1.1”
5. Click the link to review v4.1.4 template release notes
6. 

Deploy BIG-IP with previous template release:

1. Find your favorite BIG-IP template for AWS. I’ll use the BIG-IP, standalone, 3nic, PAYG licensing (Tag 4.1.4)
2. 
3. Review the entire README for installation instructions
4. Download template file
5. Edit "Parameters" section of template file
6. customImageId = OPTIONAL (leave as OPTIONAL)
7. Populate all remaining parameters
8. Save file and deploy with your favorite method
9. AWS will validate the template and launch a BIG-IP running 13.1.1.0

#Example deploying using AWS CLI

#upload template file to s3 bucket
aws s3 cp bigip.template s3://myBucket123

#create CFT stack
aws cloudformation create-stack --stack-name myDeployment \
  --template-url https://myBucket123.s3-us-west-1.amazonaws.com/bigip.template \
  --capabilities CAPABILITY_IAM \
  --parameters ParameterKey=customImageId,ParameterValue=OPTIONAL

OK...we made it this far, but you still don’t see the BIG-IP version you need. Keep reading! In the next section, we’ll tweak some templates!

Option #3: Edit Latest Template to Change BIG-IP Versions

So far, I have addressed using the templates as-is to deploy BIG-IP various versions. The BIG-IP version numbers are hard coded in the template but may not be the exact version you require. This third option allows us to get our hands dirty and modify the JSON code. Super easy edits! We’ll use the latest template version, make some minor edits to the code, and deploy the BIG-IP version we need. First, we need to make sure the version number is available in marketplace. Here is an example to deploy BIG-IP version 13.1.3.2.

Note: This method is for deploying BIG-IP version 12.x and 13.x. The template edits are required due to differences in "ifconfig" output during onboarding. If you are using the latest template to deploy BIG-IP version 14.x or 15.x, see Option #1.

Note: Review the knowledge article F5 support for GitHub software for any questions pertaining to support of templates and modified templates.

Search for AMI via AWS CLI:

1. Open your favorite terminal
2. Enter a search filter. Case does matter in AWS CLI.
3. command = aws ec2 describe-images --region xxxx --filters xxxx --query
4. My example = BIGIP*13.1.3.2*PAYG*Best
5. If you can't find what you need then reduce search criteria
6. Copy the AMI ID and save for later (my example ami-0f59b659e616e6485)

#Example image search and results
aws ec2 describe-images \
  --region us-east-1 \
  --filters "Name=name,Values=*BIGIP*13.1.3.2*PAYG*Best*" \
  --query 'Images[*].[ImageId,Name]'

#Output similar to this...
    [
        "ami-0f59b659e616e6485", 
        "F5 Networks BIGIP-13.1.3.2-0.0.4 PAYG - Best 1Gbps - 20191105210000-929ca0d8-c2d7-4068-8f9a-eb75a677afed-ami-04f62a2c3a7df25b9.4"
    ]

Deploy BIG-IP with edited latest template release:

1. Find your favorite BIG-IP template for AWS. I’ll use the BIG-IP, standalone, 3nic, PAYG licensing (Tag 5.5.0)
2. Review the entire README for installation instructions
3. Download template file and edit code
4. **Refer to EXAMPLE EDITS code snippet below
5. Modify the network-config section
6. Modify getNameServer.sh section
7. Modify UserData section
8. Fix AS3 sections if deploying BIG-IP v12.x
9. Edit "Parameters" section of template file
10. customImageId = ami-0f59b659e616e6485
11. Populate all remaining parameters
12. Save file and deploy with your favorite method
13. AWS will validate the template and launch a BIG-IP running 13.1.3.2

#Example deploying using AWS CLI

#upload template file to s3 bucket
aws s3 cp bigip.template s3://myBucket123

#create CFT stack
aws cloudformation create-stack --stack-name myDeployment \
  --template-url https://myBucket123.s3-us-west-1.amazonaws.com/bigip.template \
  --capabilities CAPABILITY_IAM \
  --parameters ParameterKey=customImageId,ParameterValue=ami-0f59b659e616e6485

#Example Edits for Option #3: Edit Latest Template to Change BIG-IP Versions
#BIG-IP v12.x and v13.x only

########################
## 040-network-config ##
########################

#original
"GATEWAY_MAC=`ifconfig eth1 | egrep ether | awk '{print tolower($2)}'`; ",
"GATEWAY_MAC2=`ifconfig eth2 | egrep ether | awk '{print tolower($2)}'`\n",

#after edits
"GATEWAY_MAC=`ifconfig eth1 | egrep HWaddr | awk '{print tolower($5)}'`; ",
"GATEWAY_MAC2=`ifconfig eth2 | egrep HWaddr | awk '{print tolower($5)}'`\n",

######################
## getNameServer.sh ##
######################

#original
"INTERFACE_MAC=`ifconfig ${INTERFACE} | egrep ether | awk '{print tolower($2)}'`",

#after edits
"INTERFACE_MAC=`ifconfig ${INTERFACE} | egrep HWaddr | awk '{print tolower($5)}'`",

##############
## UserData ##
##############

#original
"/opt/aws/apitools/cfn-init/bin/cfn-init -v -s ",

#after edits
"/opt/aws/apitools/cfn-init-1.4-0.amzn1/bin/cfn-init -v -s ",

#####################################
## 050-onboard-BIG-IP              ##
## Note: AS3 install fix for v12.x ##
#####################################

#original
"nohup /config/waitThenRun.sh",
"f5-rest-node /config/cloud/aws/node_modules/@f5devcentral/f5-cloud-libs/scripts/onboard.js",
"--install-ilx-package file:///config/cloud/f5-appsvcs-3.18.0-4.noarch.rpm",

#after edits - Note: there are 2 references, update both places
"mkdir -p /var/config/rest/downloads/;",
"cp /config/cloud/f5-appsvcs-3.18.0-4.noarch.rpm /var/config/rest/downloads/;",
"nohup /config/waitThenRun.sh",
"f5-rest-node /config/cloud/aws/node_modules/@f5devcentral/f5-cloud-libs/scripts/onboard.js",
"--install-ilx-package file:///var/config/rest/downloads/f5-appsvcs-3.18.0-4.noarch.rpm",

Note: BIG-IP v12.x requires AS3 to be in /var/config/rest/downloads. Reference GitHub issues #103 for more info.

Option #4: Edit Latest Template to Use Custom Uploaded Image

The final AWS option allows you to upload or create your own BIG-IP images and reference those images in F5 cloud template deployments. There is an existing how-to doc on F5 Downloads explaining how to create an AWS AMI ID for your AWS environment. I’ll walk through the high-level steps of the article below. Then we'll review the deploy steps which require another JSON code edit.

Note: Custom images only allow BYOL licensing.

Note: Review the knowledge article F5 support for GitHub software for any questions pertaining to support of templates and modified templates

Upload/Create Custom Image:

1. Obtain an image file for the BIG-IP version you desire
2. My example = 12.1.5
3. Download image file from https://downloads.f5.com and upload as-is
4. Or...you can use F5 Image Generator too to make your own custom image
5. 
6. Download tar file and instructions
7. 
8. Review "Creating_AWS_Image.pdf" instructions to upload and create AWS AMI ID
9. Create Linux instance, copy tar file to default volume
10. Create new volume, attach to Linux instance, untar image to new volume
11. Shutdown instance, detach volume, create new Linux instance, attach volume to new instance
12. Create AWS AMI from new instance
13. Search for AMI IDs "Owned by me" in EC2 (my example ami-0f3c7d6ba497b070f)
14. 

Deploy custom BIG-IP image with latest template release:

1. Find your favorite BIG-IP template for AWS. I’ll use the BIG-IP, standalone, 3nic, BYOL licensing (Tag 5.5.0)
2. Review the entire README for installation instructions
3. Download template file and edit code
4. **Refer to EXAMPLE EDITS code snippet in Option #3
5. Modify the network-config section
6. Modify getNameServer.sh section
7. Modify UserData section
8. Fix AS3 sections if deploying BIG-IP v12.x
9. Edit "Parameters" section of template file
10. customImageId = ami-0f3c7d6ba497b070f
11. Populate all remaining parameters
12. Save file and deploy with your favorite method
13. AWS will validate the template and launch a BIG-IP running 12.1.5.0

#Example deploying using AWS CLI

#upload template file to s3 bucket
aws s3 cp bigip.template s3://myBucket123

#create CFT stack
aws cloudformation create-stack --stack-name myDeployment \
  --template-url https://myBucket123.s3-us-west-1.amazonaws.com/bigip.template \
  --capabilities CAPABILITY_IAM \
  --parameters ParameterKey=customImageId,ParameterValue=ami-0f3c7d6ba497b070f

Summary

That is a wrap! There’s lots of info in this post, and I hope it makes your job easier in deciding what template to choose when deploying various versions of BIG-IP devices in the AWS public cloud.