F5 HIGH AVAILABILITY (HA)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone my name is varun in this video we are going to discuss about f5 high availability so what is high availability for any application or website that has been deployed it is important to have load balancing and high availability implemented to sustain high traffic and failover in case your primary infrastructure goes down so actually make sure that server pool is ready for user request in situation where the primary load balancer is down and you can redirect the traffic to your secondary node with very minimum downtime which is not noticeable so with higher h a you have two nodes one of which is processing the traffic and another one is standby so if in case if any any failure occur with the node 1 the node 2 will be capable of taking all the load with minimum downtime so how has deployed in f5 you have two system one is that one act as an active system other as as in a standby system the so the goal of such redundant querying is to provide user with seamless uninterrupted services in the event of failure on one device so what happens if the active system is taken offline or fails to connect the standby system immediately takes over to avoid processing traffic typically the newly active system remains active until an event require the first big-ip system to become active again or until you manually force that system into standby so if you have two f5 nodes in rj and if the primary goes down the secondary one will become the primary and it will remain primary even if the secondary comes the old primary comes up and if you want the old primary to become active you can do it manually so there are two types of deployment in action one is active active another one is active standby with active active deployment both the nodes act as active so you basically create two traffic groups for one traffic group one node attack node is active and for the other the other node is active and both act as the failover for each other with active standby there is a single traffic group is active on one of the device in the device group and is in standby state on a peer device if fellow workers the standby traffic group on the pr device becomes active and begins processing the application traffic so with active standby for two to five nodes in hj there will be only one traffic group and one node would be the primary for it another one will act as a standby and that would be used the if failover occurs so how uh f5 actually works is there is a concept of floating ip the floating ip floats between the active and the standby device and both the devices sync the complete configuration with each other so if in case if the active device fails over the floating ip will become active on the standby device and and you know prior to failover prior to failover the both the devices sync their database so today this is our lab topology where the client uh there would be two load balancer lb01 and lb02 with the internal ip 192 168 31.3 and 192 160 31.4 and there will be a floating ip that is 192 168 31.7 so before so let's configure the lab first so we have we have two nodes one manage one node management ip is 192 168 111 so these are our two f5 node as of now they are configured as standalone so we will configure them in active so these are the two nodes see as of now these are showing the standalone once it is configured and actually it will either show that active or standby so if we talk about the configuration these have a basic configuration for now so this has the basic configuration for now basically if you go to the networks they only have uh uh internal and external ip configured okay so in order for ha in order to configure ha we need a ha self ip which will be used to sync the data if you want you can use the management ip as well but we will be using the heip to sync the data so we have to first create a self ip for fj so prior to that we have to create a vlan for it so if we go to the vms we already have actually configured so we'll create an ip that will be used to see the configuration between two of the nodes so i'm going to create i'll name it as i'll be undiscovered right and ip address we will be using is 192 168 21.3 it will be using the haven okay now we'll finish it so now we have three self ip right one is for the external interface one is for the internal interface and the third one is to sync the data will be two of the devices now in order for actua to work as we already discussed there is a concept of floating self ip okay so this if we talk about this ib 190 to 168 31.2 it is uh it is you know it is non floating self ip it means that it it remains on on on individual f5 it will not move from one f5 to another so for etching we have to configure uh floating self ip in the same vlan so so we will configure the floating cell fib let uh will name it as internal underscore underscore floating okay and the ipad was v192 168 31.7 okay net mass is and it will be using the vlan lv uh south as it is for internal traffic okay now we have an option to select the traffic group by default there are two traffic group one is traffic group local another one is traffic group one so traffic group local remains local to the f5 and group one is a floating traffic group by default you have traffic group one for flow of as a floating traffic group if you want you can create other traffic group as well floating traffic group as well so as this ip will be floating between two f5 so we'll make it a part of traffic group 1 that is a floating traffic group finish similar configuration we have to do on another node it also have only two ip configured right so we have to create an actual self ip first so so this is this would be our actually for this note it will be using the haven hit finish now we have to configure the same floating ip that we have configured in this node that was 31.7 so i create a floating light behavior as well hit finish so for now what we have done we have configured the hsl5 that would be used for as a failover interface and in order to sync the configuration so it is optional you can use any of the self type fee but we have configured and uh separate self ip for conf config synchronization transaction and the failover and we also configured a floating ip uh that would be floating from one f5 to another now we will go to the node which we want to make active and go to the device management first what we have to do is we have to add a device press so we'll add a member here we will put the ip of this load balancer management of this load balancer so that is and the admin username and password now will retrieve the device information so now it is it is able to successfully retrieve the device information this is the certificate of that node 11120 i we'll click on device certificate matches so while adding we got an error that it does not have the config sync address set so before adding the devices we have to first configure the config sync address in order to do it we have to go to the particular f5 node and go to devices go to the config sync so we already have our address configured for sync that is the hip we will be using this for the sync update this also configure the network that would be used to fail over the traffic from one node to another so click add now again we will be using this node only and this uh and the failover occurs at port one zero two six so this is by default click finish now for mirroring this will mirror the connection from one f5 to another in case of failure so again we will be using the hib only for this hit update similarly we have to do this on the nf node as well so go to the device management devices so this is the lab02lab.com we go there and again here we have this configure config sync the address that would be used to sync the configuration between two nodes so again this will be hlp server now we have to configure the failover network as well on this node so we'll add so we are going to use the ha self ip and the port is 1026 by default click finish now mirroring so again we will be using the hip for formula as well gives us done so as of now what we have done we have configured hsl5b that is used for the config sync failover network and mirroring between two nodes we have configured a floating cell 5p that will be floating between two nodes now we are going to add device uh with each other so what we have to go is we have we have to go to device trust and add a device trust member now the management view of the other node objective device information so this is the certificate of the other note so click device certificate matches now we'll just click on add device once the device stress is added we have to create a device group so go to the device group and click on add so we'll name this device group as lab so there are two options one is sync only another one is sync fade over so with sync only what it will does is the configuration will be synced between two devices the primary configuration will be will be synced with the secondary or the standby f5 but there will be no failover but in our case we need both sync and the failover so it will select sync and failover now we have to add the devices that we want to be wanted to win this group so these are the two devices this is the local device on which we are configuring and this is the another node which we for which we have added the trust now sync type either you can have automatic with incremental sync manual with incremental sync or manual with full sync so we will be so with automatic sync you know the configuration will be synced automatically you need not to you know manually sync it but with manual sync you have to go to or overview under device management and then do a manual manual sync so we will be doing manual and with incremental sync okay so now the devices are added in this group okay now this device has become active and another device okay it's an uh let's let the initials incomplete first it is awaiting any situation so for initiating we have to go to the overview okay see once we go to the overview for initial saying for the manual sync we have to go to overview under device management but as of now this device is showing us offline so we will not be able to sync it that is why if we go to another node it is not showing at standalone because as of now there is they are not able to you know sync with each other so as we have configured the group assign failover so both the devices should be able to communicate with each other over the port so we go to the devices and if you go to any of the device for failover network we have this ip configured right and for failover by default the port used is one zero two six so we are using h i p for failover between two nodes and both the ha nodes should be able to communicate with o with each other over port one zero two six using the self ib so in order to do this we have to go to the self ip and allow the port one zero two six first so we'll go to the self ip go to the etching which is used for the failover and see under port lockdown we haven't allowed any port so we have to allow the ha port first in order for two devices to go to be in sync so what we have to do is we have we go along custom right this is a udp port by default and similarly we have to go to the other node go to this l5 links go to lb and again none for no port is allowed so we do it custom we add port 1026 now once it is added now if we go to the overview see now we are seeing that node as online okay so what we can do is we can sync so what we are going to do is we will be syncing the configuration of left 01 to lab02 so we have selected push distracted device configuration to the group means whatever configuration is there on the left zero one will be will be there on left02 as well once we click sync so now the syncing is in process so once the initial sink is done now the f5 is in sync so one of the node become this standby and another one become the active so now both the nodes are in sync so whatever config we will do on the one node that will be automatically uh that will be that needs to be manually synced as we have uh selected the manual sync option so whatever configuration will do if we do a manual sync then that configuration will be available in on the another node as well so let's configure a load balancer now so we'll add a node first so there are two nodes already added right so once there once uh once these two f5 are in sync both the f5 would be having these two nodes configured and if i delete us one node on this f5 let me read this node so so if i remove this node from here then it shows that there are changes which has been done on this node and it is not yet seen so in order to sync that changes i'll click here now it shows me that this f5 is configured at 640 and the another node was configured 627 so this is the latest configuration now what i'll do i'll push the device configuration to this group and sync the configuration now the configuration is sent now if you check on this f5 it will only having it will be only having one node so this f5 is automatically synced with the configuration and now it has only one node so we'll configure a virtual server now on the active node name would okay be virtual server or the address would be okay port would be 80. and this will be using automation finish so now we have the virtual server configured in this node so if you go to this virtual server and go to the resources to add a pool this will be default tool now after the virtual server configuration this shows the changes are pending and if you go to the other node it doesn't have the virtual server configuration as of now because we haven't seen the f5 manually so what we have to do we have to again click on changes binding now this is the f5 which is latest configured at 646. so what we will do we will select this f5 and then we will push the configuration to the group hit on sync now the f5 are in sync so if we go to the standby node again and if we just refresh it now it has the web server configuration so so we have verified that this thing is working fine now see how now we will test the failover in order to testify we'll put a ping on the um as of now this virtual server is active on this node and what we will be doing we will make this node offline and then we will see how failover works and how this node become how other node become active okay so what we have to do we simply go to this node and shut it down so now this node is shutting down let's monitor the pin response as of now this node is up it is not yet down see once the note goes down there were two timeout and now the other node is i do not become active so this is how failover works there was a slight uh description in the traffic now this node will become as active see now this node is active and the other node is down so our failover is working still we are able to access the virtual server to this node this is how failover works in f5 hope this video is helpful for you if you like this video please do subscribe to my channel and and like this video thank you

Info

Channel: Varun Agrawal

Views: 1,927

Rating: undefined out of 5

Keywords: F5 HA, F5 High Availability, F5 floating ip, f5 failover, floating self ip, F5 device group, F5 ha manual sync

Id: DTV6MQjzsAw

Channel Id: undefined

Length: 29min 4sec (1744 seconds)

Published: Tue Mar 16 2021