Manual Chapter : Managing Virtual Servers

Applies To:

BIG-IQ Centralized Management

  • 8.4.0
  • 8.3.0
  • 8.2.0
  • 8.1.0
  • 8.0.0
  • 7.1.0
back-action BIG-IQ Centralized Management: Local Traffic and Network Implementations

Managing Virtual Servers

The workflows for creating a new object, or for changing the settings for objects that already reside on a managed device, are very similar. In each case, there are four tasks to perform.

This figure illustrates the workflow to manage the objects on BIG-IP devices. Changing the settings or creating the object is the second step in this process.

Change managed object workflow

There are a number of ways you can use BIG-IQ Centralized Management to manage the virtual servers on the managed BIG-IP devices:

  • Create a new virtual server.

  • Modify an existing virtual server.

  • Clone the settings of an existing virtual server to create a new one.

  • Attach a sequence of iRules to a virtual server.

  • View statistics for a virtual server.

  • Deploy the virtual server immediately to your managed device.

    Note: You (or someone else) can also deploy your changes later. For more information about managing changes, look on support.F5.com in F5 BIG-IQ Centralized Management: Device for the topic: Deploying Changes.

  • Add or remove permissions for a virtual server and assign them to roles that have been defined on this BIG-IQ system. For more information about managing permissions, look on support.F5.com in F5 BIG-IQ Centralized Management: Licensing and Initial Setup for the topic: Users, User Groups, Roles, and Authentication.

In BIG-IQ Centralized Management, you can use the Local Traffic interface to add a virtual server to handle application traffic on a managed device.

Important: When you are revising configurations on devices that belong to a high availability cluster, it is important to let the changes synchronize to the cluster members instead of trying to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Virtual Servers.

    The screen displays the list of virtual servers defined on this device.

    Note: If you select the check box for a virtual server, you can delete it, clone it, attach iRules to it, view statistics for it, or deploy it. You can also view details about other configuration objects to which this virtual server relates.

  2. Click Create.

    The New Virtual Server screen opens.

  3. Type a Name for the virtual server you are creating.

  4. If the device for which you are creating this virtual server is in a silo as part of a conflict resolution work flow, select that Silo here; otherwise, leave the default setting.

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to BIG-IQ: Resolving Device Object Conflicts on support.f5.com.

  5. Select the Device on which to create the virtual server.

    Once you select this option, the Configuration and Resources settings provide options based on your selected device.

  6. For Partition, type the name of the BIG-IP device partition on which you want to create the virtual server.

    Note: In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the tenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to AS3 tenant name details in the Managing BIG-IQ AS3 templates article on support.f5.com

  7. Specify the Destination Address that you want this virtual server to use.

    • To use one specific address, select Host, and type the IP address of the destination that you want this virtual server to send its traffic to.
    • To use a list of addresses, select Address List, and select the list of addresses that you want this virtual server to send its traffic to.

  8. In the Service Port field, type a service port number, or select a type from the list.

    When you select a type from the list, the value in the Service Port field changes to reflect the associated default, which you can change.

  9. Specify the additional settings needed to suit the requirements for this virtual server.

    The remaining parameters on this screen are optional and perform the same function as they do when you configure a virtual server on a BIG-IP device.

    Note: For details about the purpose or function of a particular setting, refer to the About Virtual Servers chapter in the BIG-IP Local Traffic Management: Basics guide on support.f5.com.

  10. Click Save & Close.

    The system creates the new virtual server with the settings you specified.

When you finish specifying the settings for the new virtual server, you should evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

You can use the BIG-IQ Local Traffic interface to create a new virtual server based on the specifications for an existing one. This can be a great time saver when you need to create several virtual servers that use a number of similar settings.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Virtual Servers.

    The screen displays the list of virtual servers defined on this device.

    Note: If you select the check box for a virtual server, you can delete it, clone it, attach iRules to it, view statistics for it, or deploy it. You can also view details about other configuration objects to which this virtual server relates.

  2. Select the check box associated with the existing virtual server that you want to clone.

  3. Click the Clone button.

    The BIG-IQ creates a new virtual server using the settings of the one you selected, and opens the Virtual Servers - Clone screen so you can modify parameters that you need to change.

  4. To create this object as part of conflict resolution work flow, select the Silo you want to create it in; otherwise, leave the default setting (None).

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to Resolving Device Object Conflicts on support.f5.com.

  5. Modify the parameters for the new virtual server as needed.

    Important: Two virtual servers cannot share the same Destination Address, Protocol, and VLAN.

    Note: In the AS3 user interface, the BIG-IP device partition to which services deploy is referred to as the tenant. Do not deploy any objects to a partition that has been used to deploy AS3 application services using the Configuration tab. For additional detail about partitions and tenants, refer to AS3 tenant name details in the Managing BIG-IQ AS3 templates article on support.f5.com

  6. When you are satisfied with the settings for the new virtual server, click Save & Close.

    The system creates the new virtual server with the settings you specified.

When you finish specifying the settings for the new virtual server, the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

You can use the BIG-IQ Local Traffic interface to attach iRules to a set of virtual servers. Adding an iRule sequence to a group of servers all at once can save time and help you cut down on errors that result from performing repetitive tasks.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Virtual Servers.

    The screen displays the list of virtual servers defined on this device.

    Note: If you select the check box for a virtual server, you can delete it, clone it, attach iRules to it, view statistics for it, or deploy it. You can also view details about other configuration objects to which this virtual server relates.

  2. Select the check boxes associated with the virtual servers to which you want to attach iRules.

  3. Click Attach iRules, and then click Attach iRules again to confirm.

    The Bulk Attach iRules screen opens.

  4. To specify which iRules to attach to the selected virtual servers, select them in the Available iRules list, and move them to the iRules to be Attached list.

  5. Specify the order in which you want the iRules to attach using the up and down arrows .

  6. For Location, specify the list position to attach these iRules.

    • To add the rules to the beginning of the existing list, click Attach to top of each virtual server’s iRules list.
    • To add the rules to the end of the existing list, click Attach to bottom of each virtual server’s iRules list.

  7. Use the Duplicate Policy setting to specify whether to keep the iRule list order for iRules that are already attached to the virtual servers.

    • To keep the existing list order, click Keep virtual servers’ existing rules list order.
    • To change the existing list order to what you specified previously, click Reorder virtual servers’ existing rules to preserve selected rules order.

  8. Click Save & Close.

Once you have finished revising the settings for this virtual server, you must evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Analytics allows your system to collect system and traffic data from the virtual servers on your managed BIG-IP devices. Once collected traffic data is displayed in graphical charts where you can drill down for more specific details to better understand network performance on certain devices, IP addresses, memory and CPU utilization, and so on. You can focus the statistics in the charts on different categories such as applications or virtual servers. There are two different kinds of analytics profiles that can be applied to your virtual servers, HTTP and TCP analytics.

HTP Analytics profiles
HTTP is used to for collecting web application statitics. For HTTP traffic, Analytics provides detailed metrics such as transactions per second, server and client latency, request and response throughput, and sessions. You can view metrics for applications, virtual servers, pool members, transaction outcomes,URLs, specific countries, and additional detailed statistics about application traffic running through the BIG-IP system.

Transaction counters for response codes, user agents, HTTP methods, countries, and IP addresses provide statistical analysis of HTTP traffic that is going through the system. You can capture HTTP traffic for examination, and have the system send alerts so you can troubleshoot problems and immediately react to sudden changes.

In addition Analytics uses this profile type to

TCP Analytics profile
TCP is used for collecting L4 traffic data. Reports show details about RTT (round trip time), goodput, connections, and packets. For TCP, you can also view statistics for delay analysis. Within these categories, you can display information by the requests side, applications, virtual servers, remote host IP addresses, subnet addresses, next hops, countries, cities, continents, or user provided keys. You can use the reports to gather information about TCP flows to better understand what is happening on your network. For example, you could view the charts by applications, then examine RTT averages, packet loss, and connection length to investigate user complaints about client/server latency.

To view centralized traffic data in BIG-IQ, you must license and provision AVR to on your virtual servers’ host device. For more information about configuring statistics collection, see BIG-IQ Monitoring and Reports on support.F5.com.

You can collect traffic statistics by attaching an Analytics profile to your virtual server.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Virtual Servers.

    The screen displays the list of virtual servers defined on this device.

    Note: If you select the check box for a virtual server, you can delete it, clone it, attach iRules to it, view statistics for it, or deploy it. You can also view details about other configuration objects to which this virtual server relates.

  2. Click the name of the virtual server.

  3. To add Analytics to HTTP layer traffic, select a profile from the HTTP Analytics Profile field.

    Note: The system has a default HTTP Analytics profile. You can edit this profile, or create a child profile, by going to Configuration > LOCAL TRAFFIC > Profiles. For more information about the HTTP analytics profile settings, refer to BIG-IP Analytics: Implementations on support.F5.com.

  4. To add Analytics to TCP layer traffic, select a profile from the TCP Analytics Profile field.

    Note: The system has a default HTTP Analytics profile. You can edit this profile, or create a child profile, by going to Configuration > LOCAL TRAFFIC > Profiles. For more information about theTCP analytics profile settings, refer to BIG-IP Analytics: Implementations on support.F5.com.

  5. When you are satisfied with the changes you have made, click Save & Close.

    The revisions you saved are made, and the Properties screen for the selected object closes.

Changes that you make are made only to the pending version. The pending version serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.

Once you have finished revising the settings for this virtual server, the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.

Using the BIG-IQ user interface to make revisions to your virtual server configurations simplifies managing your devices by giving you a single interface to control all of your devices.

Important: If you revise configurations on devices that belong to a high availability cluster, this synchronizes BIG-IQ cluster members automatically when you deploy the change. Do not try to make the same changes to multiple devices. If you try to replicate changes you made on one device in the cluster, the next config sync attempt could fail.

  1. At the top of the screen, click Configuration, then, on the left, click LOCAL TRAFFIC > Virtual Servers.

    The screen displays the list of virtual servers defined on this device.

    Note: If you select the check box for a virtual server, you can delete it, clone it, attach iRules to it, view statistics for it, or deploy it. You can also view details about other configuration objects to which this virtual server relates.

  2. Click the name of the virtual server that you want to change.

    If you select the check box for the virtual server instead of the name, there are a couple of unique operations that you can perform. You can either clone a virtual server to create a new one based on the selected server (see Cloning a virtual server), or you can attach iRules to several virtual servers at once (see Attaching iRules to virtual servers).

    The Properties screen for the virtual server opens.

  3. Make changes to the properties you want to modify.

    Note: For detailed information on the impact of using a particular virtual server value, refer to BIG-IP Local Traffic Management: Basics on support.F5.com.

  4. If this object is in a silo as part of a conflict resolution work flow, the name of that Silo displays here; otherwise, this field is blank.

    Note: For detailed work flows explaining how you can use a silo to resolve configuration object conflicts, refer to Resolving Device Object Conflicts on support.f5.com.

  5. When you are satisfied with the changes you have made, click Save & Close.

    The revisions you saved are made, and the Properties screen for the selected object closes.

Changes that you make are made only to the pending version. The pending version serves as a repository for changes you stage before deploying them to the managed device. Object settings for the pending version are not the same as the object settings on the actual BIG-IP device until they are deployed or discarded.

Once you have finished revising the settings for this virtual server, the next step is to evaluate and then deploy your changes to the target device. Until you deploy these changes, objects on the managed device are not changed.