Manual Chapter : Amazon Web Services Scaling Groups Overview

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 6.1.0, 6.0.1
Manual Chapter

Amazon Web Services Scaling Groups Overview

Overview: Auto-scaling BIG-IP VE devices in AWS cloud

F5® BIG-IQ® Centralized Management makes it straightforward for you to securely manage traffic to your applications in an AWS cloud using a service scaling group (SSG). You specify in the SSG the parameters that prompt the AWS cloud to dynamically and automatically deploy or delete BIG-IP® VE devices as needed.

From a centralized, single-pane of glass view, you can monitor the health and statistics of your applications as well as devices that are load balancing traffic and hosting applications. You can also set up alert thresholds to immediately notify you of certain events.

There are two primary deployment options for managing the BIG-IP VE devices in your SSG.

Option 1 - BIG-IQ Centralized Management in a private cloud or on-premises

Manage BIG-IP devices in an AWS cloud using a BIG-IQ system housed in your private cloud or on-premises environment. With this option, you need a VPN tunnel to communicate between BIG-IQ and the BIG-IP VE devices in the SSG.

Option 2 - BIG-IQ Centralized Management in the AWS cloud

Manage BIG-IP devices in an AWS cloud with a BIG-IQ system that is also in the AWS cloud.

Note: By default, the Classic Elastic Load Balancer uses the Round-Robin method for load balancing traffic to BIG-IP VE devices in an SSG. The BIG-IP devices also use Round-Robin by default to load balance traffic to its application servers.

After you set up the SSG, you can provide self-service application deployment rights to your application managers. With role-based access control, you simplify the application managers' experience by restricting their read/write access to only the resources they need to do their jobs with the ability to customize the applications they need to deploy (within your specified parameters). That means they don't have to ask you each time a new resource is needed. Application managers can also set up their own alerts for health notifications so they can keep an eye on things and let you know if there are issues you need to take care of.

How do I start auto-scaling BIG-IP VE devices in AWS?

Before you begin setting up an AWS service scaling group (SSG), you need to make a couple of decisions.
  • The primary decision is whether to house all of the resources needed for this SSG in the AWS environment, or to house everything except the devices in a private cloud.

  • The other significant decision is whether to use an AWS marketplace license or purchase a BYOL license in advance.
Regardless of where your resources reside, before you can set up an SSG you must install and configure a BIG-IQ device and a data collection device. When you house everything in AWS, you install them there. If your resources are in a private cloud or on-premise, then you install them as virtual editions there. When you use a private cloud or on-premise solution, you also need to configure a virtual private network to facilitate communication between your cloud and the service scaling group.
Note: For specifications and requirements for the VPN needed to facilitate communication between AWS and your private cloud, refer to Configuration requirements for an AWS VPN on

If you use an AWS marketplace license for the devices in your SSG, you set that up during your AWS environment configuration. If you use a BYOL license, you purchase it ahead of time, and then activate the pool of BYOL licenses on the BIG-IQ so it can act as a license server.

Instructions for setting up the BIG-IQ systems and data collection devices you need before you start configuring the SSG to manage applications are in the Planning and Implementing an F5 BIG IQ Centralized Management guide on

To start auto-scaling BIG-IP VE devices for applications in AWS, you need to complete these procedures.

  • Set up an environment on AWS that houses the resources for this SSG.

  • Create a BIG-IP device template that AWS uses to create BIG-IP VE devices when application traffic increases and you need to scale out.

  • Add provider and environmental details to BIG-IQ by creating an AWS cloud provider and cloud environment.

  • Create a service scaling group where you specify thresholds and alert settings for auto-scaling and health monitoring.

  • Create a service template to standardize an application for self-service deployment.

  • Give users role-based access to the service template and the service scaling group resources.

BIG-IP VE device licensing overview

New BIG-IP devices created for your service scaling group are licensed using one of two licensing options.
  • AWS Marketplace - If you use an F5 AWS Marketplace license, when you configure your AWS cloud environment on the BIG-IQ, you select the product offering that provides the kind of service and performance levels your applications require. When new instances are created, you get billed for the resources you consume. When those instances are no longer needed, you stop paying for them. This saves you money, because you aren't billed for any BIG-IP VE instances not being used.

  • Bring your own license (BYOL) - with this option, you pay all of your licensing fees up front. As long as your traffic is fairly steady and you have a pretty good idea of how much traffic to expect, this can save you money because the rates are less expensive when you pay in advance for the resources you need. When you choose this option, you purchase and activate the license before you configure the AWS cloud environment on the BIG-IQ.