Manual Chapter :
Managing Pools &
Pool Members
Applies To:
Show VersionsBIG-IQ Centralized Management
- 8.3.0, 8.2.0, 8.1.0, 8.0.0, 7.1.0
Managing Pools &
Pool Members
How do I manage the objects that reside on managed devices?
The workflows for creating a new object, or for changing the settings
for objects that already reside on a managed device, are very similar. In each case, there
are four tasks to perform.
This figure illustrates the workflow to manage the objects on BIG-IP
devices. Changing the settings or creating the object is the second step in this
process.
What pool and pool member management tasks
can I perform?
There are a number of ways you can use BIG-IQ Centralized Management to
manage the pools and pool members on your managed BIG-IP devices:
- Create a new pool or pool member.
- Modify an existing pool or pool member.
- View statistics for a pool.
- Deploy the pool and pool member immediately to your managed device; for pool members, you can enable, disable, or force offline immediately.You (or someone else) can also deploy your changes later. For more information about managing changes, look onsupport.F5.cominF5 BIG-IQ Centralized Management: Devicefor the topic:Deploying Changes.
- Add or remove permissions for a pool or pool member, and assign them to roles that have been defined on this BIG-IQ system. For more information about managing permissions, look onsupport.F5.cominF5 BIG-IQ Centralized Management: Authentication, Roles, and User Management.
Create a new pool
You can use the BIG-IQ Local Traffic interface to
add a pool to a managed device. You group together this logical set of devices, such as
web servers,to receive and process your application traffic.
When revising configurations on devices that belong to a high
availability cluster, it is important to let the changes synchronize to the cluster
members instead of trying to make the same changes to multiple devices. If you try
to replicate changes you made on one device in the cluster, the next config sync
attempt could fail.
This is a shared object. Shared
objects do not deploy to a device unless they are attached to a device-specific
object. The table lists device-specific and shared objects. When you create a
shared object, remember that you must associate it with a device-specific object
before you can deploy it to a device.
Device Specific Objects |
Shared Objects |
---|---|
Node |
Certificates and Keys |
Pool |
Eviction Policies |
SNAT Pool |
iRules |
Virtual Server |
Monitors |
Profiles |
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of pools defined on this device.If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
- ClickCreate.The New Pool screen opens.
- Type aNamefor the pool you are creating.
- If the device for which you are creating this pool is in a silo as part of a conflict resolution work flow, select thatSilohere; otherwise, leave the default setting.For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer toBIG-IQ: Resolving Device Object Conflictsonsupport.f5.com.
- Select theDeviceon which to create the pool.
- ForPartition, type the name of the BIG-IP device partition on which you want to create the pool.In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as thetenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer toAS3 tenant name detailsin theManaging BIG-IQ AS3 templatesarticle onsupport.f5.com
- Specify the additional settings needed to suit the requirements for this pool.The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool on a BIG-IP device.For details about the purpose or function of a particular setting, refer to thePoolschapter in theBIG-IP Local Traffic Manager: Concepts guideon.support.f5.com
- To add a new pool member for this pool, clickNew Member.You can either add members to this pool now, or save the empty pool and add members later.
- Specify theNode Type:
- If you want the new member to be an existing BIG-IP node, selectExisting Nodeand then select theNode.
- If you want the new member to be identified by an IP address, selectNew Nodeand then type theNode NameandNode Addressfor the node.
- Type the servicePortfor the pool member.
- Specify the additional settings needed to suit the requirements for this pool member.The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.For details about the purpose or function of a particular setting, refer to thePoolschapter in theBIG-IP Local Traffic Manager: Concepts guideonrefer to the BIG-IP reference information onsupport.f5.com.support.f5.com
- When you finish specifying the settings for this pool member, clickSave & Close.
The new pool member is added to the specifications for the pool you are creating.When you create a new pool member while creating a new pool, the new pool member is not actually created until you save the new pool. When you create a new pool member for an existing pool member, the new member is ready to use as soon as you save it. - When you finish specifying the settings for this pool, clickSave & Close.The system creates the new pool with the settings you specified.
When you finish specifying the settings for
the new pool, you need to evaluate and then deploy your changes to the target device.
Until you deploy these changes, objects on the managed device are not changed.
Create a new pool member
You can use the BIG-IQ Local Traffic interface to
add a pool member to a pool.
This is a shared object. Shared
objects do not deploy to a device unless they are attached to a device-specific
object. The table lists device-specific and shared objects. When you create a
shared object, remember that you must associate it with a device-specific object
before you can deploy it to a device.
Device Specific Objects |
Shared Objects |
---|---|
Node |
Certificates and Keys |
Pool |
Eviction Policies |
SNAT Pool |
iRules |
Virtual Server |
Monitors |
Profiles |
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of pools defined on this device.If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
- Click the name of the pool to which you are going to add a new member.The properties screen for that pool opens.
- Near the bottom of the screen, click theNew Memberbutton.The New Pool Member screen opens.
- Specify theNode Type:
- If you want the new member to be an existing BIG-IP node, selectExisting Nodeand then select theNode.
- If you want the new member to be identified by an IP address, selectNew Nodeand then type theNode NameandNode Addressfor the node.
- Type the servicePortfor the pool member.
- Specify the additional settings needed to suit the requirements for this pool member.The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on.support.f5.com
- When you finish specifying the settings for this pool member, clickSave & Close.
- ClickSave & Close.The system creates the new pool member with the settings you specified.
When you finish specifying the settings for
the new pool member, you next need to evaluate and then deploy your changes to the
target device. Until you deploy these changes, objects on the managed device are not
changed.
How do I delegate pool member management tasks?
BIG-IQ Centralized Management makes it straightforward for you to
delegate users' permissions (enable, disable, or force offline) that allow users to manage pool
members for only the specific pools you assign to them.
To provide enable, disable, and force offline permissions for a specific set of pool members,
you need to perform three tasks. Consider an example scenario
in which you have 10 pools that service your Alaska clients, and you want to delegate
management authority for the pool members in those pools. Here are the tasks you would
perform:
- Add a custom resource group and assign pools to it- In this task, you specify the pools that you want your delegate to manage and name the resource group (for example,Alaska Services Pools).
- Add a custom role- When you create a role, you specify a role type and associate it with a resource group. The role type defines the permissions, and the resource group defines the objects to which those permissions apply.
- You name the new role something intuitive (for example:Alaska Services Pool Manager).
- You assign the built in role type namedPool Member Operator. This role has all the permissions (enable , disable, and force offline) needed, so you do not need a custom role.
- Assign the role to theAlaska Services Poolsresource group you just created.
- Add a custom user- Finally, you create a user and assign them theAlaska Services Pool Managerrole. Users who log in with this user name will have the permissions (defined by the role type) and access scope (defined by the resource group) to manage the pool members that belong to the 10 pools in theAlaska Services Poolsresource group.
For step-by-step guidance on each of these tasks, refer to
How do I give users
customized permissions to specific BIG-IP resources based on their job
responsibilities?
on support.f5.com
.Create a new node
You can use the BIG-IQ Local Traffic interface to add a node to a
managed device.
Nodes are the basis for creating a load balancing pool. For any
server that you want to be part of a load balancing pool, you must first create a
node, that is, designate that server as a node. After designating the server as a
node, you can add the node to a pool as a pool member. You can also associate a
health monitor with the node, to report the status of that server.
When revising configurations on devices
that belong to a high availability cluster, it is important to let the changes
synchronize to the cluster members instead of trying to make the same changes to
multiple devices. If you try to replicate changes you made on one device in the
cluster, the next config sync attempt could fail.
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of nodes defined on this device.If you select the check box for a node, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this node relates.
- ClickCreate.The New Node screen opens.
- Type aNamefor the node you are creating.
- If the device for which you are creating this node is in a silo as part of a conflict resolution work flow, select thatSilohere; otherwise, leave the default setting.For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer toBIG-IQ: Resolving Device Object Conflictsonsupport.f5.com.
- Select theDeviceon which to create the node.
- Type in the IPAddressthat identifies the new node.
- ForPartition, type the name of the BIG-IP device partition on which you want to create the node.In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as thetenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer toAS3 tenant name detailsin theManaging BIG-IQ AS3 templatesarticle onsupport.f5.com
- Specify the additional settings needed to suit the requirements for this node.The remaining parameters on this screen are optional and perform the same function as they do when you configure a node on a BIG-IP device.For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on.support.f5.com
- ClickSave & Close.The system creates the new node with the settings you specified.
When you finish specifying the settings for
the new node, you need to evaluate and then deploy your changes to the target device.
Until you deploy these changes, objects on the managed device are not changed.
Change settings for
a pool
Using the BIG-IQ user interface to make revisions
to your pool configurations simplifies managing your devices.
If you revise
configurations on devices that belong to a high availability cluster, the system
synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not
try to make the same changes to multiple devices. If you try to replicate changes
you made on one device in the cluster, the next config sync attempt could fail.
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of pools defined on this device.If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
- Click the name of the pool that you want to change.If you select the check box for the pool instead of the name, you can either delete or deploy the pool, or you can view statistics for the pool.The Properties screen for the pool opens.
- Make changes to the pool properties you want to modify.For detailed information on the impact of using a particular pool parameter value, refer to theBIG-IP Local Traffic Manager: Implementationsonsupport.f5.com. For the most comprehensive detail, use the work flow that best matches the purpose of the pool you are configuring.
- You can expand the Advanced Properties area and make additional pool parameter changes.
- When you are satisfied with the changes you have made to the pool, clickSave & Close.The revisions you saved are made, and the Properties screen for the pool closes.
Changes that you make to pools or pool members relate only to the pending version.
The
pending version
serves as a repository for
changes you stage before deploying them to the managed device. Object settings for the
pending version are not the same as the object settings on the actual BIG-IP device
until they are deployed or discarded. When you finish revising the settings for
this pool, you should evaluate and then deploy your changes to the target
device. Until you deploy these changes, objects on the managed device are not
changed.
Change settings for a pool member
Using the BIG-IQ user interface to make revisions to your pool member configurations
simplifies managing your devices.
If you revise configurations on
devices that belong to a high availability cluster, the system synchronizes BIG-IQ
cluster members automatically when you deploy the change. Do not try to manually make the
same changes to multiple devices. If you try to replicate changes you made on one
device in the cluster, the next config sync attempt could fail.
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of pool members defined on this device.If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.
- Click the name of the pool member that you want to change.The Properties screen for the pool member opens.
- Make changes to the pool member properties that you want to modify.
- When you are satisfied with the changes you have made to the pool member, clickSave & Close.The revisions you saved are made, and the Properties screen for the pool member closes.
Changes that you make to pool members
relate only to the pending version. The
pending version
serves as a
repository for changes you stage before deploying them to the managed device. Object
settings for the pending version are not the same as the object settings on the actual
BIG-IP device until they are deployed or discarded. When you finish revising the settings for
this pool member, you should evaluate and then deploy your changes to the
target device. Until you deploy these changes, objects on the managed device are not
changed.
Make bulk changes to a set of pool members
Your must have read/write access to the pool
that this set of pool members belongs to before you can make changes to those pool
members.
Using the BIG-IQ user interface to enable,
disable, or force offline a group of pool members simplifies managing your devices.
If you revise configurations on devices
that belong to a high availability cluster, the system synchronizes BIG-IQ cluster
members automatically when you deploy the change. Do not try to manually make the
same changes to multiple devices. If you try to individually replicate changes you
made on one device in the cluster, the next config sync attempt could fail.
- At the top of the screen, clickConfiguration, then, on the left, click .The screen displays the list of pool members defined on this device.If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.
- Select the check box for the pool members that you want to change.
- Click the button for the bulk action you want to take (Enable,Disable, orForce Offline).
- Specify when you want the change to occur.When you change the state for a pool member, a prompt displays. You have three response options to this prompt.
- If you want the change to occur immediately, clickChange Now.
- If you want the change to occur later, clickChange Later. You can then evaluate and deploy the state change at a more convenient time.
- If you decide not to make the change at all, clickCancel.
- When you clickChange Now, it triggers an immediate deployment to the devices that house the impacted pool members.
- When you clickChange Later, changes that you make to pool members are made only to the pending version. Thepending versionserves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.
When you finish revising the settings for
these pool members, the next task depends on whether you elected to change now or change
later.
- If you choseChange Now, you do not need to do anything more to make your changes to the managed devices.
- If you choseChange Later, the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.
Create a new SNAT pool
You can use the BIG-IQ Local Traffic interface to add a secure
network address translation (SNAT) pool to a managed device. If the default route on
the servers does not route responses back through your device, you can use SNAT to
route your traffic.
When revising configurations on devices
that belong to a high availability cluster, it is important to let the changes
synchronize to the cluster members instead of trying to make the same changes to
multiple devices. If you try to manually replicate changes you made on one device in
the cluster, the next config sync attempt could fail.
- At the top of the screen, clickConfiguration, then, on the left, click .The SNAT Pools screen displays a list of SNAT translation members defined on this device.If you select the check box for a SNAT pool, you can delete it. You can also view details about other configuration objects to which this snat pool relates.
- ClickCreate.The New SNAT Pool screen opens.
- Type aNamefor the SNAT pool you are creating.
- If the device for which you are creating this SNAT pool is in a silo as part of a conflict resolution work flow, select thatSilohere; otherwise, leave the default setting.For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer toBIG-IQ: Resolving Device Object Conflictsonsupport.f5.com.
- Select theDeviceon which to create the SNAT pool.
- In theMember List, type the IP address of the first SNAT translation member you want to include in the SNAT pool.Use the+button to add more members, or you can use thexbutton to delete a member.
- Type the name of thePartitionin which you want to create this SNAT pool.Anadministrative partitionis a logical container that you create that contains a defined set of BIG-IP system objects. If you enter a partition name that does not exist, you get an error when you try to deploy this SNAT pool.
- ClickSave & Close.The system creates the new SNAT pool with the settings you specified.
When you finish specifying the settings for
the new SNAT pool, you should evaluate and then deploy your changes to the target
device. Until you deploy these changes, objects on the managed device are not
changed.