Forum Discussion

Nikoolayy1's avatar
Jan 06, 2023
Solved

How does F5 PEM send API HTTP Requests to an orchestration system?

Recently I decided to read a little about the F5 options for a service and mobile providers just to have a basic culture if I am asked about the options. I understood how subscriber discovery works with DHCP and Radius AAA and got an idea that with irules and supersideband even HTTP API requests can be used to get the subscriber info.

 

Nice and all but then I watched this 8 year old video (308) BIG-IP Policy Enforcement Manager (PEM) and Network Functions Virtualization (NFV) Demo - YouTube and I just don't get how PEM sends API requests nativly as shown in the video, maybe again F5 irule sudeband is used or the F5 Virtual Network Functions Manager (VNFM) is used but the video shows that PEM can send API requests to autoscale servers and I from what I have read VNFM is for autoscaling F5 virtual machines Virtual Network Functions and not 3rth party virtual machine servers. Maybe I am wrong and PEM has native option for API requests oe the VNFM can autoscale not only F5 VM devices, so I deceded to check with the community.

  • PeteWhite's avatar
    PeteWhite
    Jan 10, 2023

    Hi Nikolay,

    To answer both points - you are probably correct that this was a specific customised setup. As i'm sure you know, the flexibiliy of BIG-IP means that you can do most things in many different ways. We in Professional Services are often the ones to do those things so we have good experience of creating many and varied bespoke solutions depending on the customer requirements. As a general rule, it is not good to mix data plane and control plane ie to perform control plane scaling operations based on user plane data. A better way would be to create an iCall to regularly check video platform capacity and perform scaling operations.

    Regarding VNFM, it comes with some standard Blueprints ie the network architecture required. This is normally a DAG layer and a Service layer - DAG is fastl4 loadbalancing over Layer 7 Service such as PEM, AWAF etc. This allows simple and scalable scalability. Service layer capacity can be measured using NAGIOS or suchlike, with triggers to scale up or down as required.

    However, because VNF Manager is a fully featured orchestrator in its own right, you can create your own Blueprint or customise an existing one - so you could very easily scale the video platform, router, firewall or any other device which has an API. As with BIG-IP, it is very flexible and scalable so you can create a solution to fit your requirements precisely.

3 Replies

  • Hi,

    Let me clarify an important point here - VNFM is an orchestrator which does autoscaling of PEM nodes, normally based on current CPU load. That is native HTTP in VNFM, but is not the PEM module performing the HTTP.

    Within PEM, there is a subscriber database which holds the subscriber IP address to user details (MSISDN/IMSI) mapping. That subscriber database is normally populated by receiving DHCP, RADIUS or DIAMETER requests eg Accounting Start/Stop. However, because of the flexibility of BIG-IP, this could be done by incoming HTTP API, regular external sideband requests or suchlike. It would normally be done in the control plane, not based on user plane traffic.

    There is also PCRF support via the Gx interface, which is a mobile service provider function.

    PEM is very scalable and feature-rich, specifically for service provider networks

    • Nikoolayy1's avatar
      Nikoolayy1
      Icon for MVP rankMVP

      After I playing around I know the F5 PEM options (even that the subscriber database now can be used not only by PEM but also F5 AFM, GTM, CGNAT and also the F5 traffic intelligence for application detection can be used now by F5 AFM not only PEM) but the youtube video that is 8 years old got me confused as the video shows PEM triggering HTTP API to autoscale the video servers and I am starting to think that this is a custom implementation with F5 and the vendor and it may use PEM PCC rule with a congestion detection condition and action that triggers something like  HTTP Super SIDEBAND (https://clouddocs.f5.com/api/irules/HTTP-Super-SIDEBAND-Requestor-Client-Handles-Redirects-Cookies-Chunked-Transfer-APM-Access-etc.html ) to send the HTTP API request to the video vendor's automation platform.

       

      Also I think the F5 VNFM can only autoscale F5 virtual devices (openstack or Vmware) and not  for example the Virtual machines that PEM traffic steers to for video optimization but maybe I am wong.

      • PeteWhite's avatar
        PeteWhite
        Icon for Employee rankEmployee

        Hi Nikolay,

        To answer both points - you are probably correct that this was a specific customised setup. As i'm sure you know, the flexibiliy of BIG-IP means that you can do most things in many different ways. We in Professional Services are often the ones to do those things so we have good experience of creating many and varied bespoke solutions depending on the customer requirements. As a general rule, it is not good to mix data plane and control plane ie to perform control plane scaling operations based on user plane data. A better way would be to create an iCall to regularly check video platform capacity and perform scaling operations.

        Regarding VNFM, it comes with some standard Blueprints ie the network architecture required. This is normally a DAG layer and a Service layer - DAG is fastl4 loadbalancing over Layer 7 Service such as PEM, AWAF etc. This allows simple and scalable scalability. Service layer capacity can be measured using NAGIOS or suchlike, with triggers to scale up or down as required.

        However, because VNF Manager is a fully featured orchestrator in its own right, you can create your own Blueprint or customise an existing one - so you could very easily scale the video platform, router, firewall or any other device which has an API. As with BIG-IP, it is very flexible and scalable so you can create a solution to fit your requirements precisely.