Applies To:
Show VersionsBIG-IQ Centralized Management
- 6.1.0, 6.0.1
Prerequisites
What should I know about estimating disk space requirements devices in a DCD cluster?
When estimating how much disk space you'll need for the devices in your data collection device cluster, consider these things:
- Number of BIG-IP devices you're managing
- Alert rate and size
- Data retention policy
Determining available disk space for devices in a DCD cluster
What resources do I need if I’m just collecting statistics?
We’ve created a spreadsheet and a script to help you determine how many DCDs you need (and how much storage you need on each one) to handle the data generated by the BIG-IP devices you manage. You can download these tools from downloads.f5.com.
The spreadsheet uses metrics that you provide to calculate your resource requirements.
Using the sizing tools to estimate resources for statistics collection
What resources do I need to collect ASM data?
Use this table to estimate the number of DCDs necessary to collect and display ASM event data from BIG-IP devices.
- If you are using an off-box logging solution to log ASM events, review a week’s worth of alert logs to identify the logging load you need to support. Take note of both the average and maximum alerts per second.
- If you are logging ASM events locally on the BIG-IP device, you can also use those logs to identify your peak event logging rates. Compare the peak rates against the alerts per second (Alerts/Sec column) to estimate the number of DCDs you need.
- If you have not yet deployed an ASM solution in your environment, but you have an estimate of your application’s peak HTTP/HTTPS traffic requirements, you can estimate your logging needs by projecting that 10% of your peak traffic could generate logging events. You can then use that value to estimate the number of DCDs you need.
Alerts/Sec | Data Redundancy | Recommended DCD count |
---|---|---|
10000 | No | 1 |
14000 | Yes | 2 |
17000 | Yes | 3 |
20000 | Yes | 4 |
23000 | Yes | 5 |
26000 | Yes | 6 |
- The sizing recommendations in this table assume that you provision your DCDs with 8 cores/CPUs and 32 GB of memory.
- When you choose an alert rate, consider both the average and peak loads that you anticipate. If your peak loads are frequent, consider provisioning additional data-collection nodes for the increased load. Also, when you determine your peak rates, plan for growth by considering the rate at which you expect your traffic load to increase.
What resources do I need to collect APM data?
For APM®, we provide a spreadsheet and a script to help you determine the number of DCDs required to handle the data generated by the BIG-IP® devices you manage. You can download these tools from downloads.f5.com. The APM data script collects metrics for the data your APM devices generate and stores the data in a file on your BIG-IP device.
If you use another logging mechanism, you can run reports (such as log reports or sessions reports) to get this data.
Even with the script, it might be tedious to collect data from each of your BIG-IP devices, so we recommend that you take the values from one of the BIG-IP devices with the most users and access profiles to account for the worst-case scenario.
Using the script to estimate resources for APM data collection
What resources do I need to collect FPS data?
Use this table to estimate the number of DCDs necessary to collect and display FPS alert data from BIG-IP devices.
- If you are using an off-box logging solution to log FPS events, review a week’s worth of alert logs to identify the logging load you need to support. Take note of both the average and maximum alerts per second.
To determine the peak alerts/second rate to use in the table, first estimate the peak user load for the protected application over your highest period of production hours, and then plug that value into the following calculation:
<peak user load> users/(peak duration (h)*60m*60s)≈ number of logins/sec ≈ number of alerts/sec
For example, if you estimate that there are, at most, 1 million users logging in to access your FPS environment over a 4-hour timespan, the calculation results in a login rate of:
1,000,000 users/(4h*60m*60s) = ≈ 70 logins/sec ≈ 70 alerts/sec
Although each user login does not generate an alert, even single user logins or application transactions can generate multiple alerts depending on the protection policy’s configuration. For determining the number of DCDs needed to operate during peak conditions, 70 alerts per second is a reasonable assumption for this login rate.
Alerts/Sec | Data Redundancy | Recommended DCD count |
---|---|---|
100 | No | 1 |
200 | Yes | 2 |
300 | Yes | 3 |
400 | Yes | 4 |
500 | Yes | 5 |
600 | Yes | 6 |
- The sizing recommendations in this table assume that you provision your DCDs with 8 cores/CPUs and 32 GB of memory.
- When you choose an alert rate, consider both the average and peak loads that you anticipate. If your peak loads are frequent, consider provisioning additional data-collection nodes for the increased load. Also, when you determine your peak rates, plan for growth by considering the rate at which you expect your traffic load to increase.
- The outgoing data rate from your BIG-IP devices also depends on the FPS policy configuration, the number of simultaneous application users, and their expected transaction rate.
- The scale numbers provided assume the use of three forwarding rules (100% syslog forwarding, 10% SOC forwarding, 10% customer forwarding), and 17000 transform rules.
What resources do I need to collect data for multiple modules?
Use this process to estimate the number of DCDs that you need to collect and display more than one kind of data from your BIG-IP devices.
- Perform the estimate for each module independently.
- Record the maximum number of DCDs recommended by any one estimate.
- Sum the total storage needed by all estimates.
- Divide the result in step 3 by the result of step 2.
For example:
You’ve performed the estimate for an ASM module, and the result is 2 DCDs and 60GB of storage.
You’ve performed the estimate for Statistics, and the result is 3 DCDs and 120GB of storage.
In this example, the maximum number of DCDs is 3 and the sum of the total storage is 180GB. Consequently, the recommendation is 3 DCDs (the maximum, from the statistics estimate) and 60GB storage (The sum of both, divided by the recommended number of DCDs).