F5 - Commandes LTM pour la création de nodes, pools et virtual server
Alasta 5 Juillet 2015 f5 cli network F5
Description : Nous allons voir quelques commandes pour créer des nodes, pools et VS en cli/tmsh
Partie Nodes :
1 # Monitor par défaut
2 tmsh> create ltm node N-HTTP-EU-010 address 1.1.1.10 monitor default
3 tmsh> create ltm node N-HTTP-EU-011 address 1.1.1.11 monitor default
4
5 # Avec un monitor spécifique
6 tmsh> create ltm node N-HTTP-EU-013 address 1.1.1.13 monitor https_443
7
8 # Modification du monitor
9 tmsh> modify ltm node N-HTTP-EU-013 monitor default
10
11 # Suppresion d'un node
12 tmsh> delete ltm node N-HTTP-EU-013
13
14 # Liste des nodes
15 tmsh> list ltm node
16 ltm node N-HTTP-EU-010 {
17 address 1.1.1.10
18 }
19 ltm node N-HTTP-EU-011 {
20 address 1.1.1.11
21 }
22 ltm node N-HTTP-EU-012 {
23 address 1.1.1.12
24 }
25
26 # Liste node avec plus ou moins d'option
27 tmsh> list ltm node state
28 ltm node N-HTTP-EU-010 {
29 state unchecked
30 }
31 ltm node N-HTTP-EU-011 {
32 state unchecked
33 }
34 ltm node N-HTTP-EU-012 {
35 state unchecked
36 }
37
38 tmsh> list ltm node metadata ratio session
39 ltm node N-HTTP-EU-010 {
40 metadata none
41 ratio 1
42 session user-enabled
43 }
44 ltm node N-HTTP-EU-011 {
45 metadata none
46 ratio 1
47 session user-enabled
48 }
49 ltm node N-HTTP-EU-012 {
50 metadata none
51 ratio 1
52 session user-enabled
53 }
54
55 # Information sur un host spécifique
56 tmsh> list ltm node N-HTTP-EU-010 session
57 ltm node N-HTTP-EU-010 {
58 session user-enabled
59 }
Partie Pool :
1 # Création dun pool avec 2 membres, méthode de load-balancing par defaut
2 tmsh> create ltm pool P-HTTP-EU-002 monitor "gateway_icmp" members add { N-HTTP-EU-010:80 N-HTTP-EU-011:80 }
3
4 # Ajout d'un pool member
5 tmsh> modify ltm pool P-HTTP-EU-002 members add { N-HTTP-EU-012:80 }
6
7 # Suppression d'un pool member
8 tmsh> modify ltm pool P-HTTP-EU-002 members del { N-HTTP-EU-012:80 }
9
10 # Modification du monitor et methàde de load-balancing ajout de node
11 tmsh> modify ltm pool P-HTTP-EU-002 monitor "gateway_icmp" members add { N-HTTP-EU-012:80 {priority-group 2} } load-balancing-mode observed-member min-active-members 1
12
13 # Suppression d'un pool
14 tmsh> delete ltm pool P-HTTP-EU-001
15
16 # Affiche les pools
17 tmsh> ltm pool P-HTTP-EU-002 {
18 members {
19 N-HTTP-EU-010:http {
20 address 1.1.1.10
21 session monitor-enabled
22 state down
23 }
24 N-HTTP-EU-011:http {
25 address 1.1.1.11
26 session monitor-enabled
27 state down
28 }
29 N-HTTP-EU-012:http {
30 address 1.1.1.12
31 priority-group 2
32 session monitor-enabled
33 state down
34 }
35 }
36 monitor gateway_icmp
37 }
38 ltm pool P-HTTP-EU-003 {
39 members {
40 N-HTTP-EU-010:http {
41 address 1.1.1.10
42 session monitor-enabled
43 state down
44 }
45 N-HTTP-EU-011:http {
46 address 1.1.1.11
47 session monitor-enabled
48 state down
49 }
50 }
51 monitor gateway_icmp
52 }
53
54 # Affiche un pool spécifique
55 tmsh> list ltm pool P-HTTP-EU-002
56 ltm pool P-HTTP-EU-002 {
57 members {
58 N-HTTP-EU-010:http {
59 address 1.1.1.10
60 session monitor-enabled
61 state down
62 }
63 N-HTTP-EU-011:http {
64 address 1.1.1.11
65 session monitor-enabled
66 state down
67 }
68 N-HTTP-EU-012:http {
69 address 1.1.1.12
70 priority-group 2
71 session monitor-enabled
72 state down
73 }
74 }
75 monitor gateway_icmp
76 }
Partie Virtual Server :
1 tmsh> create ltm virtual VS-HTTPS-EU-001 destination 3.3.3.3:443 pool P-HTTPS-EU-001 persist replace-all-with {source_addr} vlans add {VLAN_FWL} vlans-enabled profiles replace-all-with { /Common/tcp-wan-optimized } ip-protocol tcp
2
3 # Création d'un Virtual Server
4 tmsh> create ltm virtual VS-HTTP-EU-001 destination 3.3.3.3:80 pool P-HTTP-EU-002 description "VS HTTP Europe URL 1" persist replace-all-with {source_addr} vlans add {VLAN_FWL} vlans-enabled profiles replace-all-with { /Common/tcp-wan-optimized } ip-protocol tcp
5
6 # Modification du pool
7 tmsh> modify ltm virtual VS-HTTP-EU-001 pool P-HTTP-EU-002
8
9 # Affichage des virtual server
10 tmsh> list ltm virtual
11 ltm virtual VS-HTTP-EU-001 {
12 description "VS HTTP Europe URL 1"
13 destination 3.3.3.3:http
14 ip-protocol tcp
15 mask 255.255.255.255
16 persist {
17 source_addr {
18 default yes
19 }
20 }
21 pool P-HTTP-EU-002
22 profiles {
23 tcp-wan-optimized { }
24 }
25 source 0.0.0.0/0
26 vlans {
27 VLAN_FWL
28 }
29 vlans-enabled
30 }
Ménage
1 tmsh> delete ltm virtual all
2 tmsh> delete ltm pool all
3 tmsh> delete ltm node all
Autres :
VLAN :
1 # Création de VLAN
2 tmsh> create net vlan VLAN_FWL
3
4 # Affiche un vlan avec plus ou moins d'informations
5 tmsh> list net vlan internal interfaces
6 net vlan internal {
7 interfaces {
8 1.1 {
9 app-service none
10 untagged
11 }
12 }
13 }
14 tmsh> list net vlan internal
15 net vlan internal {
16 if-index 96
17 interfaces {
18 1.1 { }
19 }
20 tag 4094
21 }
Monitor
1 # Création d'un monitor
2 tmsh> create ltm monitor http M_HTTP send "GET /\r\n " interval 3 timeout 4
3
4 # Affichage des monitors non F5
5 tmsh> list ltm monitor
6 ltm monitor http M_HTTP {
7 defaults-from http
8 destination :
9 interval 3
10 send "GET /\r\n "
11 time-until-up 0
12 timeout 4
13 }
14
15 tmsh> list ltm monitor all-properties
16 ltm monitor http M_HTTP {
17 app-service none
18 defaults-from http
19 description none
20 destination :
21 interval 3
22 manual-resume disabled
23 partition Common
24 password none
25 recv none
26 recv-disable none
27 reverse disabled
28 send "GET /\r\n "
29 time-until-up 0
30 timeout 4
31 transparent disabled
32 up-interval 0
33 username none
34 }
35
36 # Afficher tous les monitors de type http F5 compris
37 tmsh> list ltm monitor http [all-properties]
38 ltm monitor http M_HTTP {
39 defaults-from http
40 destination :
41 interval 3
42 send "GET /\r\n "
43 time-until-up 0
44 timeout 4
45 }
46 ltm monitor http http {
47 destination :
48 interval 5
49 send "GET /\r\n"
50 time-until-up 0
51 timeout 16
52 }
53 ltm monitor http http_head_f5 {
54 defaults-from http
55 destination :
56 interval 5
57 recv Server\:
58 send "HEAD / HTTP/1.0\r\n\r\n"
59 time-until-up 0
60 timeout 16
61 }
Héritage
