Big IP AWS Edition
I would like rewrite the Host Header with pendency of pool Member. I try the following: when LB_SELECTED { if { [LB::server addr] contains "194.76.212"} { HTTP::header replace "Host" "ff.geobasis.de" #log local0. "Node FF: [LB::server addr]" } if { [LB::server addr] contains "194.76.232"} { HTTP::header replace "Host" "zit.geobasis.de" #log local0. "Node ZIT: [LB::server addr]" } } It's not worked... Any idea for solution?413Views0likes5CommentsLoad balancing using an API
Hello team, We have a bunch of hosts running behind F5. Every host is running few services. One particular service is capable of providing free memory information through the API we developed: GET http://hostname/myservice/usageAPI Response: { "freeMemory": 369959592 } Is it possible to consume this API in F5, and load balance accordingly? E.g. If freeMemory is less than threshold, than no request should be sent to that host for the time being. After sometime, when freeMemory is above the threshold value, then F5 should redirect request to that host. How to load balance in F5 through such API? Note that we don't want to mark server/host status Up and Down. We just want to make sure that particular service has enough memory to take up the next memory intensive request. We know Dynamic Ratio Load Balancing but that considers the overall health of the host. We want to load balance based on status of one service out of few other services running on the host.386Views0likes2CommentsIs one self-IP enough to health check number of nodes?
Hi Guys, I am working on a new setup where I have F5 VM deployed in one arm. The device is currently standalone and configured following: 1- SNAT Pool instead of using Automap 2- Single Self-IP 3- Route to Self-IP gateway The VIP and nodes is in a separate subnet and currently I have configured two nodes to test and I see health check is happening using a single Self-IP that I have configured. I wanted to know is it okay to use single self ip to monitor all nodes in different subnets without having an issue like port exahustion or any other know issue? In SNAT Pool I have added 20 IPs, can I use SNAT Pool to do health check and data communication instead of using a single self IP? What is the best practice?297Views0likes3CommentsRedis Server Unprotected by Password Authentication
Solution : Enable the 'requirepass' directive in the redis.conf configuration file.check if Redis is working on the servers.$ redis-cli ping PONG #requirepass "xxxxxxxx"-- change the password of the user and uncomment it. /etc/init.d/redis-server status /etc/init.d/redis-server stop /etc/init.d/redis-server start The above solution provided are for single server What is the solution for the clusters of Linux and there are multiple configuration files given below? config/redis/redis_121.conf config/redis/redis_122.conf config/redis/redis_123.conf config/redis/redis_124.conf config/redis/redis_125.conf2KViews0likes0CommentsCSS patch for the new DevCentral Forums
Hi Folks, I've digged into the CSS of the new DevCentral forum and spoted some minor tweaks to make forum more usable for daily active users. I've mainly focused to expand the Question & Answer area, disable the default "Show more" truncation and to disable any line breaks on Code snippets to make them easier to read. Below is the CSS patch that can be imported to Chrome addons like Stylebot (via "Edit CSS" button) to persistently overwrite the look & feel of the new DevCentral site. /* Increase the width of the DevCentral Forum question & answer area to 100% */ .comm-layout-column { width: 100% ; } /* Allign replys and comments to the very left position. */ .slds-comment__content { margin-left: -50px ; } .comment__footer { margin-left: -50px ; } /* Less indent for comment replys */ .forceChatterFeedback.threaded-discussion .cuf-commentLi .cuf-commentLi { padding-left: 1rem ; } /* Always expand comments and remove the "Show more" button */ .feedBodyInnerTruncated { max-height: 100% ; } .forceChatterFeedBodyText .fadeOut { display: none ; } /* Disable line-breaks on code snippets and use a scroll bar instead. */ .forceChatterFeedBodyText code { overflow-x: auto ; white-space: pre ; width: 100% ; } .forceChatterFeedBodyText code ol.linenums { min-width: calc(100% - 40px) ; width: fit-content ; } Note: If you experience any formating issues outside of the DevCentral Forums, then let me know. I did not verified the changes on every single DevCentral sub page. Note: If you have other ideas to optimize the DevCentral Forum, then let me know. I'm happy to integrate your ideas in this post. Cheers, Kai299Views1like0CommentsAS3 PATCH method to add new pool?
AS3 noob here. Been successful using POST to create partition, app, VS, and pool. Now, I simply want to add a new standalone pool to the tenant, but not attached to a virtual server (because I'm using dynamic pool routing via DG) using the PATCH method. Should be very easy, but seeing some interesting errors, which I'm sure is related to schema formatting. Any advice? The restnoded logs were not much help. Payload follows using PATCH method, followed by the error. Also tried adding to the schema without the app, but same deal... [ { "path": "/Sample/A1", "op": "add", "value": { "web_pool_new": { "class": "Pool", "monitors": [ "http" ], "members": [{ "servicePort": 80, "serverAddresses": [ "192.0.1.20", "192.0.1.21" ] } ] } } } ] { "code":422, "errors":[ "/Sample/A1:shouldhaverequiredproperty'class'" ], "declarationFullId":"", "message":"declarationisinvalid" }530Views0likes3CommentsF5 Kubernetes BIG-IP Controller or CIS not connecting to Azure Big-IP deployment
I have started a POC for the BIG-IP Azure deployments, which deployed successfully and I have accessed and set the password. I've deployed the helm chart for CIS, but the pod fails to start. I've tested connectivity to the Azure BIG-IP deployment from a separate pod in the same namespace and it authenticates and returns correct info. I've validated the Azure BIG-IP creds are properly formatted in a secret and that secret is getting mounted in the CIS pod. Here is the pod log with logging level set to debug: 2021/10/04 21:21:39 [DEBUG] No url in credentials directory, falling back to CLI argument 2021/10/04 21:21:39 [INFO] [INIT] Starting: Container Ingress Services - Version: 2.5.0, BuildInfo: azure-465-1952a80a2165b7fc2d3561795ad09d1eb8615136 2021/10/04 21:21:39 [INFO]TeemServer:product.apis.f5.com 2021/10/04 21:21:39 teemClient:{{CIS-Ecosystem CIS/v2.5.0 df103609-7748-43e4-95a4-6631030e67d0} mmhJU2sCd63BznXAXDh4kxLIyfIMm3Ar product.apis.f5.com} 2021/10/04 21:21:39 [DEBUG] digitalAssetId:950e75d5-7fe0-88bc-eb3c-d654ebb4de47 2021/10/04 21:21:39 [DEBUG] telemetryDatalist:[{"Agent":"as3","ConfigmapsCount":0,"DateOfCISDeploy":"2021-10-04T21:21:39.452535893Z","ExternalDNSCount":0,"IPAMSvcLBCount":0,"IPAMTransportServerCount":0,"IPAMVirtualServerCount":0,"IngressCount":0,"IngressLinkCount":0,"Mode":"cluster","PlatformInfo":"CIS/v2.5.0 K8S/v1.19.11","RoutesCount":0,"RunningInDocker":false,"SDNType":"calico","TransportServerCount":0,"VirtualServerCount":0}] 2021/10/04 21:21:39 [DEBUG] ControllerAsDocker:#{docker} 2021/10/04 21:21:40 Resp Code:204 Status:204 No Content 2021/10/04 21:21:40 [INFO] ConfigWriter started: 0xc000284570 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) writing section name global 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) successfully wrote section (global) 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) writing section name bigip 2021/10/04 21:21:40 [DEBUG] [CCCL] ConfigWriter (0xc000284570) successfully wrote section (bigip) 2021/10/04 21:21:40 [INFO] Started config driver sub-process at pid: 21 2021/10/04 21:21:40 [DEBUG] [INIT] Invalid trusted-certs-cfgmap option provided. 2021/10/04 21:21:40 [INFO] [INIT] Creating Agent for as3 2021/10/04 21:21:40 [DEBUG] [CORE] Agent Response Worker started and blocked on channel 0xc0004e04e0 2021/10/04 21:21:40 [INFO] [AS3] Initializing AS3 Agent 2021/10/04 21:21:41 [DEBUG] [AS3] No certs appended, using only system certs 2021/10/04 21:21:41 [DEBUG] [AS3] Validating AS3 schema with as3-schema-3.28.0-3-cis.json 2021/10/04 21:21:41 [DEBUG] [AS3] posting GET BIGIP AS3 Version request on https://10.2.0.7:8443/mgmt/shared/appsvcs/info 2021/10/04 21:21:43 [ERROR] [AS3] Response body unmarshal failed: invalid character '<' looking for beginning of value 2021/10/04 21:21:43 [ERROR] [AS3] Internal Error 2021/10/04 21:21:43 [CRITICAL] [INIT] Failed to initialize as3 agent, Internal ErrorSolved2.5KViews0likes3CommentsSubscribe to RSS Feed - I'm not seeing anything
Hi All, Silly question, i am trying to get the RSS feed working for the questions part of devcentral so i can try to be more up to date on here. But i've fried a couple of the rss links and none of them are coming up with anything. Is this nromal? - is a way of getting this working please? thanks all.727Views0likes4CommentsUsing a BIG-IP to Front-End Azure
Hello! We are implementing Azure, and I was wondering if it was possible to configure the BIG-IP such that: User authentication goes to a URL in which we've enabled federation (i.e., SAML) authentication. Intune and device management requests bypass this URL and go to the Microsoft SSO URL, and then, after SSO, the device communicates directly with Azure. I've looked into the network information for both Office 365 and Intune, and there's a lot of different endpoints available. It's almost like it would be too complex to manage, but I thought I would ask. Is anyone doing this? Many thanks, Jack Stewart University of Michigan394Views0likes1CommentF5 virtual lab or using the F5 application to learn?
Is there a free trial version of the F5 that can be used for learning on my laptop or in a virtual environment like digital ocean etc...? I want to get hands on experiences reading through the documentation and using the F5 in a lab environment.481Views0likes1Comment