TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP...
Transcript of TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP...
![Page 1: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/1.jpg)
TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES
1
Eric McLeroy, Sr. Specialist Solutions Architect,
Ansible by Red Hat
Payal Singh,Principal Solution Engineer,
F5 Networks
![Page 2: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/2.jpg)
AGENDA
• Networking automation use cases• F5 BIG-IP: Introduction• Blue green deployment use case• Demo• Playbook walkthrough
![Page 3: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/3.jpg)
3
TOP 3 F5 BIG-IP AND ANSIBLE USE CASES
1) Gather facts
Allows gathering of information about your environment
2) Making changes
Provides the ability to make small changes as needed
3) Scaling out
Provides the ability to launch entire applications stacks
![Page 4: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/4.jpg)
4
BIG-IP INTRODUCTION
![Page 5: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/5.jpg)
5
F5 INTRODUCTION
Load BalancingDDoS Protection
FirewallInternet
Devices
Data Center
LTM
APM
ASM
BIG-IP Local Traffic Manager
BIG-IP Access Policy Manager
BIG-IP Application Security Manager
BIG-IP
![Page 6: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/6.jpg)
6
RECAP
Previous Webinars
• Automate BIG-IP in customer environments using Ansible• Basic F5 playbook• Ansible F5 modules
• Fast application deployment and customer use case with Ansible and F5 BIG-IP• Onboarding• Using iApps to deploy configuration on BIG-IP
• WWT: BUILDING A F5 SOLUTION WITH ANSIBLE TOWER• Using Tower to configure the BIG-IP
![Page 7: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/7.jpg)
7
F5 AND ANSIBLE SOLUTION
![Page 8: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/8.jpg)
Private cloud
F5 Virtual Editions F5
VIPRIONBIG-IP Platform
Public cloud
LTM DNS
Amazon Web Services
Microsoft Azure
Google Cloud Platform
Ansible Host
PlaybooksREST/SOAP API calls
bigsuds, f5-sdk
1
2
3
F5 Ansible Modules officially supported : https://f5.com/support/support-policies
F5 and Ansible Solution
Ansible Versions 2.3 +
TMOS v12.X +
![Page 9: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/9.jpg)
9
BLUE GREEN DEPLOYMENTS
![Page 10: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/10.jpg)
BLUE GREEN DEPLOYMENTS
UsersADC
Blue Environment
Green Environment
100%
![Page 11: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/11.jpg)
USE F5 BIG-IP DNS
BIG-IP
Data Center 1
Devices/Users
Data Center 2
Servers
Servers
Global Load BalancingGeographic load balancingInfrastructure Monitoring
BIG-IP LTM
BIG-IP LTM
LTM VIP visibility into BIG-IP DNS
![Page 12: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/12.jpg)
HOW IT WORKS
Wide IP(my-wide-ip.example.com)
Pool
LTM1 Virtual IP
LTM2 Virtual IP
Members
Users
VIP down OR Pool down
Pool of Servers
Pool of Servers
100%
BIG-IP BIG-IP
LTM
![Page 13: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/13.jpg)
13
DEMO
1) PROVISION AND LICENSE A VIRTUAL BIG-IP ‘LTM2’ IN VMWARE
2) SWITCH TRAFFIC FROM ‘LTM1’ TO ‘LTM2’
![Page 14: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/14.jpg)
Demo Part1
Develop an automated workflow to provision, license and configure a BIG-IP in a VMware environment
Spin up BIG-IP in vCenter * BIG-IP VE template is created on vcenter
Reconfigure the network adaptor settings
Grab the VM IP assigned by DHCP to the BIG-IP VE
License the BIG-IP VEOnboard the BIG-IP (Hostname/NTP/DNS/SSHD)
Network the BIG-IP (VLAN/Self-IP)
Import and activate the ASM policy
Add pool members and pool
Add virtual server and attach the ASM policy to it
Ansible Tower
Playbook
Provision the BIG-IP with ASM module
1
2
vCenter
BIG-IP LTM2
![Page 15: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/15.jpg)
15
DEMO PART1: VIDEO AND PLAYBOOK WALKTHROUGH
![Page 16: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/16.jpg)
Demo Part2
Steps:• Setup connectivity between LTM2 and DNS• Add LTM2 to DNS WideIP pool• For traffic switch: Disable the virtual server on LTM1
MGMT IP – 10.192.73.218Self-IP – 10.168.68.10
Virtual IP – 10.168.68.11
BIG-IP
Data Center
BIG-IP LTM1 VE
MGMT IP – 10.192.73.246Self-IP – 10.168.68.5
Virtual IP – 10.168.68.12
MGMT IP – 10.192.73.219Self-IP – 10.168.68.100Listener Virtual IP – 10.168.68.101 (53)
BIG-IP LTM2 VE
Setup complete with DNS Connectivity to be setup with DNS
![Page 17: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/17.jpg)
17
DEMO PART2: VIDEO AND PLAYBOOK WALKTHROUGH
![Page 18: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/18.jpg)
Alternative Solutions
If a Static MGMT IP needs to be assigned to the BIG-IP instead of using DHCP for MGMT IP (BIG-IP Version 13.1+)
1) Edit the OVA file using a tool like COT (Common OVF Tool) cot edit-properties <source filename>.ova -p net.mgmt.addr=""+string -p net.mgmt.gw=""+string –p user.root.pwd=""+string -p user.admin.pwd=""+string -u -o <destination filename>.ova
2) Edit the OVA (template) properties so that when you deploy BIG-IP VE, you can specify values for the management IP address and default passwords. Example snippet
3) Use an Ansible playbook to execute deploying the OVA file (Step 2)https://github.com/f5rstahl/simple-ansible-playbookhttps://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/static
![Page 19: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/19.jpg)
Alternative Solutions
BIG-IQ to be used for licensing BIG-IP
Ansible Tower
Playbook
BIG-IQ
Private/Public cloud
F5 Virtual Editions F5
VIPRIONBIG-IP Platform
License
Sample Playbookhttps://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/big-iq
![Page 20: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/20.jpg)
20
GET STARTED
![Page 21: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/21.jpg)
21
Automation is not a tool- It’s a strategy, it’s a journey
Learn automation practices- Super NetOps training courses can
help- Join existing Ansible network
automation communities
Start small…- Create Playbooks that read or check
only- Create simple jobs that eliminate the
annoying network tasks
WHERE DO I BEGIN
![Page 22: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/22.jpg)
22
Please contribute..
Your BIG-IP roles for community!
https://galaxy.ansible.com/list#/roles?page=1&page_size=10&autocomplete=bigiphttps://galaxy.ansible.com/payalsin/bigip-ansible-ha-setup/
BIG-IP on Ansible Galaxy
MORE WORKFLOWS
![Page 23: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/23.jpg)
23
Where can I learn more about Ansible & F5www.ansible.com/f5
What is in the roadmap– “More modules” in general using YOUR inputs:
– https://github.com/F5Networks/f5-ansible/projects
What do I do if I have an issue with an existing F5 module– Open an GitHub issue: https://github.com/F5Networks/f5-ansible/issues
I love it - I want to try out Ansible-Tower– www.ansible.com/tower-trial/
– Email: [email protected]: [email protected]
FAQ
![Page 24: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/24.jpg)
24
Get started on your automation journey:• www.f5.com/supernetopsLearn more about solution: (webinars, modules, blogs)– www.ansible.com/f5Solution Overview: • https://www.f5.com/pdf/solution-center/f5-ansible-overview.pdfWhitepaper: – https://f5.com/Portals/1/PDF/Partners/automating-f5-big-ip-platform-with-ansible.pdfCurrent F5 modules in Ansible core:– http://docs.ansible.com/ansible/list_of_network_modules.html#f5Request feature-enhancements:– https://github.com/F5Networks/f5-ansible/issuesDownload Current Ansible (2.6):– http://releases.ansible.com/ansible/
REFERENCES
![Page 25: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/25.jpg)
25
Blue-Green deployment• https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo
Static IP assignment • https://devcentral.f5.com/articles/ve-on-vmware-part-1-custom-properties-29787• https://devcentral.f5.com/articles/ve-on-vmware-part-2-ansible-deployment-29790• https://github.com/f5rstahl/simple-ansible-playbook• https://github.com/F5Networks/f5-vmware-vcenter-templates• https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-vmware-esx
i-13-1-0/3.html
BIG-IQ licensing• https://github.com/payalsin/f5-ansible/tree/master/playbooks/spinup-demo/big-iq
REFERENCES
![Page 26: TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE … F5 Tackling BIG IP... · TACKLING BIG-IP BLUE-GREEN DEPLOYMENTS IN PRIVATE CLOUD USING F5 & VMWARE ANSIBLE MODULES 1 Eric McLeroy,](https://reader030.fdocuments.net/reader030/viewer/2022040422/5e118c4155d5047319150ffd/html5/thumbnails/26.jpg)
26
THANK YOU