Manual Chapter : Device Service Clustering for vCMP Systems

Applies To:

Show Versions Show Versions


  • 11.4.1
Manual Chapter

Overview: Device service clustering for vCMP systems

One of the tasks of a vCMP guest administrator is to configure device service clustering (DSC). Using DSC, a guest administrator can implement config sync, failover, and mirroring across two or more hardware devices. Configuring DSC is the same on a vCMP system as on non-virtualized systems, except that the members of a device group are virtual devices (guests) rather than physical devices.

When configuring DSC, a guest administrator creates a device group that consists of vCMP guests as members, where each member is deployed on a separate BIG-IP device.

For example, for a pair of appliances with three guests each, you can create three separate Sync-Failover device groups in an active-standby configuration. Each device group has two members:

  • guest_A on device_1 and guest_A on device_2
  • guest_B on device_1 and guest_B on device_2
  • guest_C on device_1 and guest_C on device_2

Creating a device group that consists of guests on separate devices ensures that if a device member goes out of service, any active traffic groups on a guest can fail over to another member of the device.

This illustration shows this DSC configuration. The illustration shows two appliances, with three guests on each. Each guest and its equivalent guest on the other appliance form a separate Sync-Failover device group.

vCMP guests forming three device groups across two appliances vCMP guests forming three device groups across two appliances

Required IP addresses for DSC configuration

This table describes the types of IP addresses that a guest administrator specifies when configuring device service clustering (DSC) on a vCMP system.

Table 1. Required IP addresses for DSC configuration on a vCMP system
Configuration feature IP addresses required
Device trust The IP address that the vCMP host administrator assigned to the guest during guest creation.
Config sync Any non-floating self IP address on the guest that is associated with an internal VLAN on the host.
  • A unicast non-floating self IP address on the guest that is associated with an internal VLAN on the host (preferably VLAN HA)
  • The management IP address of the device.
Connection mirroring For both the primary and the secondary IP addresses, a non-floating self IP address on the guest that is associated with an internal VLAN on the host. The secondary address is optional.

Failover methods for vCMP guests

Each traffic group in a device service clustering (DSC) device group has a property known as a failover method. The failover method dictates the way that the system chooses a target device for failover. Available failover methods that the user can choose from are: load-aware failover, an ordered list, and an HA group.

The specific core allocation for a guest in a Sync-Failover device group determines the particular failover method that is appropriate for a DSC traffic group within the guest:

  • Guests in a device group that are identical in terms of core allocation are considered to be homogeneous guests. In this case, an ordered list would be an appropriate failover method, since relative capacity is equal among all guests.
  • Guests in a device group that differ from one another in terms of core allocation are considered to be heterogeneous guests. In this case, load-aware failover is an appropriate failover method because the guest administrator can define a relative capacity and relative traffic load for each guest.

An additional type of failover method is an HA group, which applies to both homogeneous and heterogeneous guests.

About HA groups for vCMP systems

For failover configuration, an alternative to using load-aware failover or an ordered list is to use HA groups. An HA group is a set of trunks, pools, or clusters (or any combination of these) that a guest administrator creates and associates with a traffic group. The most common reason to use HA groups is to ensure that failover is triggered when some number of trunk members become unavailable.

The BIG-IP system uses an HA group to calculate an overall health score for a guest. The guest that has the best overall score at any given time becomes or remains the active guest. With an HA group, the system triggers failover of a traffic group based on changes to trunk, pool, or cluster health instead of on system, gateway, or VLAN failure.

Because trunks are never synchronized between guests, the number of trunk members associated with an HA group often differs between guests on separate devices whenever a trunk loses or gains members.

About connection mirroring for vCMP systems

Connection mirroring is a device service clustering (DSC) feature that allows a device to mirror its connection and persistence information to another device. Connection mirroring prevents interruption in service during failover. On a vCMP system, the devices that mirror their connections to each other are virtual devices (vCMP guests).

Important: Within a Sync-Failover device group, a guest can only mirror its connections to one other guest. The two guests, as mirrored peers, must match with respect to core allocation.