Manual Chapter : Managing Pools & Pool Members

Applies To:

BIG-IQ Centralized Management

  • 8.4.0
  • 8.3.0
  • 8.2.0
  • 8.1.0
  • 8.0.0
  • 7.1.0
back-action BIG-IQ Centralized Management: Local Traffic and Network Implementations

Managing Pools & Pool Members

The workflows for creating a new object, or for changing the settings for objects that already reside on a managed device, are very similar. In each case, there are four tasks to perform.

This figure illustrates the workflow to manage the objects on BIG-IP devices. Changing the settings or creating the object is the second step in this process.

Change managed object workflow

There are a number of ways you can use BIG-IQ Centralized Management to manage the pools and pool members on your managed BIG-IP devices:

  • Create a new pool or pool member.

  • Modify an existing pool or pool member.

  • View statistics for a pool.

  • Deploy the pool and pool member immediately to your managed device; for pool members, you can enable, disable, or force offline immediately.

    Note: You (or someone else) can also deploy your changes later. For more information about managing changes, look on support.F5.com in F5 BIG-IQ Centralized Management: Device for the topic: Deploying Changes.

  • Add or remove permissions for a pool or pool member, and assign them to roles that have been defined on this BIG-IQ system. For more information about managing permissions, look on support.F5.com in F5 BIG-IQ Centralized Management: Authentication, Roles, and User Management.

You can use the BIG-IQ Local Traffic interface to add a pool to a managed device. You group together this logical set of devices, such as web servers,to receive and process your application traffic.

Important: When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

Note: This is a shared object. Shared objects do not deploy to a device unless they are attached to a device-specific object. The table lists device-specific and shared objects. When you create a shared object, remember that you must associate it with a device-specific object before you can deploy it to a device.

Device Specific Objects Shared Objects
Node Certificates and Keys
Pool Eviction Policies
SNAT Pool iRules
Virtual Server Monitors
  Profiles

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Pools.

    The screen displays the list of pools defined on this device.

    Note: If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.

  2. Click Create.

    The New Pool screen opens.

  3. Type a Name for the pool you are creating.

  4. If the device for which you are creating this pool is in a silo as part of a conflict resolution work flow, select that Silo here; otherwise, leave the default setting.

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to BIG-IQ: Resolving Device Object Conflicts on support.f5.com.

  5. Select the Device on which to create the pool.

  6. For Partition, type the name of the BIG-IP device partition on which you want to create the pool.

    Note: In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the tenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to AS3 tenant name details in the Managing BIG-IQ AS3 templates article on support.f5.com

  7. Specify the additional settings needed to suit the requirements for this pool.

    The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool on a BIG-IP device.

    Note: For details about the purpose or function of a particular setting, refer to the Pools chapter in the BIG-IP Local Traffic Manager: Concepts guideon support.f5.com.

  8. To add a new pool member for this pool, click New Member.

    You can either add members to this pool now, or save the empty pool and add members later.

    1. Specify the Node Type:

      • If you want the new member to be an existing BIG-IP node, select Existing Node and then select the Node.
      • If you want the new member to be identified by an IP address, select New Node and then type the Node Name and Node Address for the node.

    2. Type the servicePort for the pool member.

    3. Specify the additional settings needed to suit the requirements for this pool member.

      The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.

      Note: For details about the purpose or function of a particular setting, refer to the Pools chapter in the BIG-IP Local Traffic Manager: Concepts guideon support.f5.com refer to the BIG-IP reference information on support.f5.com.

    4. When you finish specifying the settings for this pool member, click Save & Close.

    The new pool member is added to the specifications for the pool you are creating.

    Note: When you create a new pool member while creating a new pool, the new pool member is not actually created until you save the new pool. When you create a new pool member for an existing pool member, the new member is ready to use as soon as you save it.

  9. When you finish specifying the settings for this pool, click Save & Close.

    The system creates the new pool with the settings you specified.

When you finish specifying the settings for the new pool, you need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

You can use the BIG-IQ Local Traffic interface to add a pool member to a pool.

Note: This is a shared object. Shared objects do not deploy to a device unless they are attached to a device-specific object. The table lists device-specific and shared objects. When you create a shared object, remember that you must associate it with a device-specific object before you can deploy it to a device.

Device Specific Objects Shared Objects
Node Certificates and Keys
Pool Eviction Policies
SNAT Pool iRules
Virtual Server Monitors
  Profiles

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Pools.

    The screen displays the list of pools defined on this device.

    Note: If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.

  2. Click the name of the pool to which you are going to add a new member.

    The properties screen for that pool opens.

  3. Near the bottom of the screen, click the New Member button.

    The New Pool Member screen opens.

  4. Specify the Node Type:

    • If you want the new member to be an existing BIG-IP node, select Existing Node and then select the Node.
    • If you want the new member to be identified by an IP address, select New Node and then type the Node Name and Node Address for the node.

  5. Type the service Port for the pool member.

  6. Specify the additional settings needed to suit the requirements for this pool member.

    The remaining parameters on this screen are optional and perform the same function as they do when you configure a pool member on a BIG-IP device.

    Note: For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on support.f5.com.

  7. When you finish specifying the settings for this pool member, click Save & Close.

  8. Click Save & Close.

    The system creates the new pool member with the settings you specified.

When you finish specifying the settings for the new pool member, you next need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

BIG-IQ Centralized Management makes it straightforward for you to delegate users’ permissions (enable, disable, or force offline) that allow users to manage pool members for only the specific pools you assign to them.

To provide enable, disable, and force offline permissions for a specific set of pool members, you need to perform three tasks. Consider an example scenario in which you have 10 pools that service your Alaska clients, and you want to delegate management authority for the pool members in those pools. Here are the tasks you would perform:

  1. Add a custom resource group and assign pools to it - In this task, you specify the pools that you want your delegate to manage and name the resource group (for example, Alaska Services Pools).
  2. Add a custom role - When you create a role, you specify a role type and associate it with a resource group. The role type defines the permissions, and the resource group defines the objects to which those permissions apply.
    • You name the new role something intuitive (for example: Alaska Services Pool Manager).
    • You assign the built in role type named Pool Member Operator. This role has all the permissions (enable , disable, and force offline) needed, so you do not need a custom role.
    • Assign the role to the Alaska Services Pools resource group you just created.
  3. Add a custom user - Finally, you create a user and assign them the Alaska Services Pool Manager role. Users who log in with this user name will have the permissions (defined by the role type) and access scope (defined by the resource group) to manage the pool members that belong to the 10 pools in the Alaska Services Pools resource group.

For step-by-step guidance on each of these tasks, refer to How do I give users customized permissions to specific BIG-IP resources based on their job responsibilities? on support.f5.com.

You can use the BIG-IQ Local Traffic interface to add a node to a managed device.

Nodes are the basis for creating a load balancing pool. For any server that you want to be part of a load balancing pool, you must first create a node, that is, designate that server as a node. After designating the server as a node, you can add the node to a pool as a pool member. You can also associate a health monitor with the node, to report the status of that server.

Important: When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Nodes.

    The screen displays the list of nodes defined on this device.

    Note: If you select the check box for a node, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this node relates.

  2. Click Create.

    The New Node screen opens.

  3. Type a Name for the node you are creating.

  4. If the device for which you are creating this node is in a silo as part of a conflict resolution work flow, select that Silo here; otherwise, leave the default setting.

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to BIG-IQ: Resolving Device Object Conflicts on support.f5.com.

  5. Select the Device on which to create the node.

  6. Type in the IP Address that identifies the new node.

  7. For Partition, type the name of the BIG-IP device partition on which you want to create the node.

    Note: In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the tenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to AS3 tenant name details in the Managing BIG-IQ AS3 templates article on support.f5.com

  8. Specify the additional settings needed to suit the requirements for this node.

    The remaining parameters on this screen are optional and perform the same function as they do when you configure a node on a BIG-IP device.

    Note: For details about the purpose or function of a particular setting, refer to the BIG-IP reference information on support.f5.com.

  9. Click Save & Close.

    The system creates the new node with the settings you specified.

When you finish specifying the settings for the new node, you need to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Using the BIG-IQ user interface to make revisions to your pool configurations simplifies managing your devices.

Important: If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Pools.

    The screen displays the list of pools defined on this device.

    Note: If you select the check box for a pool, you can either delete it, deploy it, or view statistics for it. You can also view details about other configuration objects to which this pool relates.

  2. Click the name of the pool that you want to change.

    If you select the check box for the pool instead of the name, you can either delete or deploy the pool, or you can view statistics for the pool.

    The Properties screen for the pool opens.

  3. Make changes to the pool properties you want to modify.

    Note: For detailed information on the impact of using a particular pool parameter value, refer to the BIG-IP Local Traffic Manager: Implementations on support.f5.com. For the most comprehensive detail, use the work flow that best matches the purpose of the pool you are configuring.

  4. You can expand the Advanced Properties area and make additional pool parameter changes.

  5. When you are satisfied with the changes you have made to the pool, click Save & Close.

    The revisions you saved are made, and the Properties screen for the pool closes.

Changes that you make to pools or pool members relate only to the pending version. The pending version serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.

When you finish revising the settings for this pool, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Using the BIG-IQ user interface to make revisions to your pool member configurations simplifies managing your devices.

Important: If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to manually make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Pool Members.

    The screen displays the list of pool members defined on this device.

    Note: If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.

  2. Click the name of the pool member that you want to change.

    The Properties screen for the pool member opens.

  3. Make changes to the pool member properties that you want to modify.

  4. When you are satisfied with the changes you have made to the pool member, click Save & Close.

    The revisions you saved are made, and the Properties screen for the pool member closes.

Changes that you make to pool members relate only to the pending version. The pending version serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.

When you finish revising the settings for this pool member, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Your must have read/write access to the pool that this set of pool members belongs to before you can make changes to those pool members.

Using the BIG-IQ user interface to enable, disable, or force offline a group of pool members simplifies managing your devices.

Important: If you revise configurations on devices that belong to a high availability cluster, the system synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to manually make the same changes to multiple devices. If you try to individually replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Pool Members.

    The screen displays the list of pool members defined on this device.

    Note: If you select the check box for a pool, you can either enable, disable, or force the pool member offline. You can also view details about other configuration objects to which this pool member relates.

  2. Select the check box for the pool members that you want to change.

  3. Click the button for the bulk action you want to take (Enable, Disable, or Force Offline).

  4. Specify when you want the change to occur.

    When you change the state for a pool member, a prompt displays. You have three response options to this prompt.

    • If you want the change to occur immediately, click Change Now.
    • If you want the change to occur later, click Change Later. You can then evaluate and deploy the state change at a more convenient time.
    • If you decide not to make the change at all, click Cancel.
  • When you click Change Now, it triggers an immediate deployment to the devices that house the impacted pool members.
  • When you click Change Later, changes that you make to pool members are made only to the pending version. The pending version serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.

When you finish revising the settings for these pool members, the next task depends on whether you elected to change now or change later.

  • If you chose Change Now, you do not need to do anything more to make your changes to the managed devices.
  • If you chose Change Later, the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

You can use the BIG-IQ Local Traffic interface to add a secure network address translation (SNAT) pool to a managed device. If the default route on the servers does not route responses back through your device, you can use SNAT to route your traffic.

Important: When revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to manually replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > SNAT Pools.

    The SNAT Pools screen displays a list of SNAT translation members defined on this device.

    Note: If you select the check box for a SNAT pool, you can delete it. You can also view details about other configuration objects to which this snat pool relates.

  2. Click Create.

    The New SNAT Pool screen opens.

  3. Type a Name for the SNAT pool you are creating.

  4. If the device for which you are creating this SNAT pool is in a silo as part of a conflict resolution work flow, select that Silo here; otherwise, leave the default setting.

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to BIG-IQ: Resolving Device Object Conflicts on support.f5.com.

  5. Select the Device on which to create the SNAT pool.

  6. In the Member List, type the IP address of the first SNAT translation member you want to include in the SNAT pool.

    Use the + button to add more members, or you can use the x button to delete a member.

  7. Type the name of the Partition in which you want to create this SNAT pool.

    An administrative partition is a logical container that you create that contains a defined set of BIG-IP system objects. If you enter a partition name that does not exist, you get an error when you try to deploy this SNAT pool.

  8. Click Save & Close.

    The system creates the new SNAT pool with the settings you specified.

When you finish specifying the settings for the new SNAT pool, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.