Manual Chapter : Managing Pools & Pool Members

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 7.1.0
Manual Chapter

Managing Pools & Pool Members

How do I manage the objects that reside on managed devices?

The workflows for creating a new object, or for changing the settings for objects that already reside on a managed device, are very similar. In each case, there are four tasks to perform.
This figure illustrates the workflow to manage the objects on BIG-IP devices. Changing the settings or creating the object is the second step in this process.
Change managed object workflow
Workflow for changing object settings on a managed device

What pool and pool member management tasks can I perform?

There are a number of ways you can use BIG-IQ Centralized Management to manage the pools and pool members on your managed BIG-IP devices:
  • Create a new pool or pool member.
  • Modify an existing pool or pool member.
  • View statistics for a pool.
  • Deploy the pool and pool member immediately to your managed device; for pool members, you can enable, disable, or force offline immediately.
    You (or someone else) can also deploy your changes later. For more information about managing changes, look on
    support.F5.com
    in
    F5 BIG-IQ Centralized Management: Device
    for the topic:
    Deploying Changes
    .
  • Add or remove permissions for a pool or pool member, and assign them to roles that have been defined on this BIG-IQ system. For more information about managing permissions, look on
    support.F5.com
    in
    F5 BIG-IQ Centralized Management: Authentication, Roles, and User Management
    .

Create a new pool

You can use the BIG-IQ Local Traffic interface to add a pool to a managed device. You group together this logical set of devices, such as web servers,to receive and process your application traffic.
When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.
This is a shared object. Shared objects do not deploy to a device unless they are attached to a device-specific object. The table lists device-specific and shared objects. When you create a shared object, remember that you must associate it with a device-specific object before you can deploy it to a device.
Device Specific Objects
Shared Objects
Node
Certificates and Keys
Pool
Eviction Policies
SNAT Pool
iRules
Virtual Server
Monitors
Profiles
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Pools
    .
    The screen displays the list of pools defined on this device.
    If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
  2. Click
    Create
    .
    The New Pool screen opens.
  3. Type a
    Name
    for the pool you are creating.
  4. If the device for which you are creating this pool is in a silo as part of a conflict resolution work flow, select that
    Silo
    here; otherwise, leave the default setting.
    For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to
    BIG-IQ: Resolving Device Object Conflicts
    on
    support.f5.com
    .
  5. Select the
    Device
    on which to create the pool.
  6. For
    Partition
    , type the name of the BIG-IP device partition on which you want to create the pool.
    In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the
    tenant
    . Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to
    AS3 tenant name details
    in the
    Managing BIG-IQ AS3 templates
    article on
    support.f5.com
  7. Specify the additional settings needed to suit the requirements for this pool.
    The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool on a BIG-IP device.
    For details about the purpose or function of a particular setting, refer to the
    Pools
    chapter in the
    BIG-IP Local Traffic Manager: Concepts guide
    on
    support.f5.com
    .
  8. To add a new pool member for this pool, click
    New Member
    .
    You can either add members to this pool now, or save the empty pool and add members later.
    1. Specify the
      Node Type
      :
      • If you want the new member to be an existing BIG-IP node, select
        Existing Node
        and then select the
        Node
        .
      • If you want the new member to be identified by an IP address, select
        New Node
        and then type the
        Node Name
        and
        Node Address
        for the node.
    2. Type the service
      Port
      for the pool member.
    3. Specify the additional settings needed to suit the requirements for this pool member.
      The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.
      For details about the purpose or function of a particular setting, refer to the
      Pools
      chapter in the
      BIG-IP Local Traffic Manager: Concepts guide
      on
      support.f5.com
      refer to the BIG-IP reference information on
      support.f5.com
      .
    4. When you finish specifying the settings for this pool member, click
      Save & Close
      .
    The new pool member is added to the specifications for the pool you are creating.
    When you create a new pool member while creating a new pool, the new pool member is not actually created until you save the new pool. When you create a new pool member for an existing pool member, the new member is ready to use as soon as you save it.
  9. When you finish specifying the settings for this pool, click
    Save & Close
    .
    The system creates the new pool with the settings you specified.
When you finish specifying the settings for the new pool, you need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Create a new pool member

You can use the BIG-IQ Local Traffic interface to add a pool member to a pool.
This is a shared object. Shared objects do not deploy to a device unless they are attached to a device-specific object. The table lists device-specific and shared objects. When you create a shared object, remember that you must associate it with a device-specific object before you can deploy it to a device.
Device Specific Objects
Shared Objects
Node
Certificates and Keys
Pool
Eviction Policies
SNAT Pool
iRules
Virtual Server
Monitors
Profiles
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Pools
    .
    The screen displays the list of pools defined on this device.
    If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
  2. Click the name of the pool to which you are going to add a new member.
    The properties screen for that pool opens.
  3. Near the bottom of the screen, click the
    New Member
    button.
    The New Pool Member screen opens.
  4. Specify the
    Node Type
    :
    • If you want the new member to be an existing BIG-IP node, select
      Existing Node
      and then select the
      Node
      .
    • If you want the new member to be identified by an IP address, select
      New Node
      and then type the
      Node Name
      and
      Node Address
      for the node.
  5. Type the service
    Port
    for the pool member.
  6. Specify the additional settings needed to suit the requirements for this pool member.
    The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.
    For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on
    support.f5.com
    .
  7. When you finish specifying the settings for this pool member, click
    Save & Close
    .
  8. Click
    Save & Close
    .
    The system creates the new pool member with the settings you specified.
When you finish specifying the settings for the new pool member, you next need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

How do I delegate pool member management tasks?

BIG-IQ Centralized Management makes it straightforward for you to delegate users' permissions (enable, disable, or force offline) that allow users to manage pool members for only the specific pools you assign to them.
To provide enable, disable, and force offline permissions for a specific set of pool members, you need to perform three tasks. Consider an example scenario in which you have 10 pools that service your Alaska clients, and you want to delegate management authority for the pool members in those pools. Here are the tasks you would perform:
  1. Add a custom resource group and assign pools to it
    - In this task, you specify the pools that you want your delegate to manage and name the resource group (for example,
    Alaska Services Pools
    ).
  2. Add a custom role
    - When you create a role, you specify a role type and associate it with a resource group. The role type defines the permissions, and the resource group defines the objects to which those permissions apply.
    • You name the new role something intuitive (for example:
      Alaska Services Pool Manager
      ).
    • You assign the built in role type named
      Pool Member Operator
      . This role has all the permissions (enable , disable, and force offline) needed, so you do not need a custom role.
    • Assign the role to the
      Alaska Services Pools
      resource group you just created.
  3. Add a custom user
    - Finally, you create a user and assign them the
    Alaska Services Pool Manager
    role. Users who log in with this user name will have the permissions (defined by the role type) and access scope (defined by the resource group) to manage the pool members that belong to the 10 pools in the
    Alaska Services Pools
    resource group.
For step-by-step guidance on each of these tasks, refer to
How do I give users customized permissions to specific BIG-IP resources based on their job responsibilities?
on
support.f5.com
.

Create a new node

You can use the BIG-IQ Local Traffic interface to add a node to a managed device.
Nodes are the basis for creating a load balancing pool. For any server that you want to be part of a load balancing pool, you must first create a node, that is, designate that server as a node. After designating the server as a node, you can add the node to a pool as a pool member. You can also associate a health monitor with the node, to report the status of that server.
When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Nodes
    .
    The screen displays the list of nodes defined on this device.
    If you select the check box for a node, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this node relates.
  2. Click
    Create
    .
    The New Node screen opens.
  3. Type a
    Name
    for the node you are creating.
  4. If the device for which you are creating this node is in a silo as part of a conflict resolution work flow, select that
    Silo
    here; otherwise, leave the default setting.
    For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to
    BIG-IQ: Resolving Device Object Conflicts
    on
    support.f5.com
    .
  5. Select the
    Device
    on which to create the node.
  6. Type in the IP
    Address
    that identifies the new node.
  7. For
    Partition
    , type the name of the BIG-IP device partition on which you want to create the node.
    In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the
    tenant
    . Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to
    AS3 tenant name details
    in the
    Managing BIG-IQ AS3 templates
    article on
    support.f5.com
  8. Specify the additional settings needed to suit the requirements for this node.
    The remaining parameters on this screen are optional and perform the same function as they do when you configure a node on a BIG-IP device.
    For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on
    support.f5.com
    .
  9. Click
    Save & Close
    .
    The system creates the new node with the settings you specified.
When you finish specifying the settings for the new node, you need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Change settings for a pool

Using the BIG-IQ user interface to make revisions to your pool configurations simplifies managing your devices.
If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Pools
    .
    The screen displays the list of pools defined on this device.
    If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.
  2. Click the name of the pool that you want to change.
    If you select the check box for the pool instead of the name, you can either delete or deploy the pool, or you can view statistics for the pool.
    The Properties screen for the pool opens.
  3. Make changes to the pool properties you want to modify.
    For detailed information on the impact of using a particular pool parameter value, refer to the
    BIG-IP Local Traffic Manager: Implementations
    on
    support.f5.com
    . For the most comprehensive detail, use the work flow that best matches the purpose of the pool you are configuring.
  4. You can expand the Advanced Properties area and make additional pool parameter changes.
  5. When you are satisfied with the changes you have made to the pool, click
    Save & Close
    .
    The revisions you saved are made, and the Properties screen for the pool closes.
Changes that you make to pools or pool members relate only to the pending version. The
pending version
serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.
When you finish revising the settings for this pool, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Change settings for a pool member

Using the BIG-IQ user interface to make revisions to your pool member configurations simplifies managing your devices.
If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to manually make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Pool Members
    .
    The screen displays the list of pool members defined on this device.
    If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.
  2. Click the name of the pool member that you want to change.
    The Properties screen for the pool member opens.
  3. Make changes to the pool member properties that you want to modify.
  4. When you are satisfied with the changes you have made to the pool member, click
    Save & Close
    .
    The revisions you saved are made, and the Properties screen for the pool member closes.
Changes that you make to pool members relate only to the pending version. The
pending version
serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.
When you finish revising the settings for this pool member, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Make bulk changes to a set of pool members

Your must have read/write access to the pool that this set of pool members belongs to before you can make changes to those pool members.
Using the BIG-IQ user interface to enable, disable, or force offline a group of pool members simplifies managing your devices.
If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to manually make the same changes to multiple devices. If you try to individually replicate changes you made on one device in the cluster, the next config sync attempt could fail.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    Pool Members
    .
    The screen displays the list of pool members defined on this device.
    If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.
  2. Select the check box for the pool members that you want to change.
  3. Click the button for the bulk action you want to take (
    Enable
    ,
    Disable
    , or
    Force Offline
    ).
  4. Specify when you want the change to occur.
    When you change the state for a pool member, a prompt displays. You have three response options to this prompt.
    • If you want the change to occur immediately, click
      Change Now
      .
    • If you want the change to occur later, click
      Change Later
      . You can then evaluate and deploy the state change at a more convenient time.
    • If you decide not to make the change at all, click
      Cancel
      .
  • When you click
    Change Now
    , it triggers an immediate deployment to the devices that house the impacted pool members.
  • When you click
    Change Later
    , changes that you make to pool members are made only to the pending version. The
    pending version
    serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.
When you finish revising the settings for these pool members, the next task depends on whether you elected to change now or change later.
  • If you chose
    Change Now
    , you do not need to do anything more to make your changes to the managed devices.
  • If you chose
    Change Later
    , the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Create a new SNAT pool

You can use the BIG-IQ Local Traffic interface to add a secure network address translation (SNAT) pool to a managed device. If the default route on the servers does not route responses back through your device, you can use SNAT to route your traffic.
When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to manually replicate changes you made on one device in the cluster, the next config sync attempt could fail.
  1. At the top of the screen, click
    Configuration
    , then, on the left, click
    LOCAL TRAFFIC
    SNAT Pools
    .
    The SNAT Pools screen displays a list of SNAT translation members defined on this device.
    If you select the check box for a SNAT pool, you can delete it. You can also view details about other configuration objects to which this snat pool relates.
  2. Click
    Create
    .
    The New SNAT Pool screen opens.
  3. Type a
    Name
    for the SNAT pool you are creating.
  4. If the device for which you are creating this SNAT pool is in a silo as part of a conflict resolution work flow, select that
    Silo
    here; otherwise, leave the default setting.
    For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to
    BIG-IQ: Resolving Device Object Conflicts
    on
    support.f5.com
    .
  5. Select the
    Device
    on which to create the SNAT pool.
  6. In the
    Member List
    , type the IP address of the first SNAT translation member you want to include in the SNAT pool.
    Use the
    +
    button to add more members, or you can use the
    x
    button to delete a member.
  7. Type the name of the
    Partition
    in which you want to create this SNAT pool.
    An 
    administrative partition
     is a logical container that you create that contains a defined set of BIG-IP system objects. If you enter a partition name that does not exist, you get an error when you try to deploy this SNAT pool.
  8. Click
    Save & Close
    .
    The system creates the new SNAT pool with the settings you specified.
When you finish specifying the settings for the new SNAT pool, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.