reference deployment

BIG-IP Virtual Edition (VE) on AWS

Application delivery, load balancing, and security services platform from F5 Networks

This Quick Start deploys a BIG-IP Virtual Edition (VE) cluster on the Amazon Web Services (AWS) Cloud in about 30 minutes.

BIG-IP VE is an application delivery and security services platform from F5 Networks that provides speed, availability, and security for business-critical applications and networks. It enables intelligent L4-L7 load balancing and traffic management, robust network and web application firewalls, simplified application access, Domain Name System (DNS) services, and much more.

This Quick Start deploys an automatically scaled group of BIG-IP VE instances provisioned with Local Traffic Manager (LTM), which performs uniform resource identifier (URI) routing, Secure Sockets Layer (SSL) encryption, and automatic discovery of automatically scaled web applications. The Quick Start uses AWS CloudFormation templates to build the AWS infrastructure and to deploy BIG-IP VE.

f5-networks-logo

This Quick Start was developed by F5 Networks in collaboration with AWS. F5 Networks is an
APN Partner.

  •  What you'll build
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • Use this Quick Start to set up the following environment on AWS:

    • A highly available architecture that spans two Availability Zones.*
    • A virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS.*
    • An internet gateway to provide access to the internet. This gateway is used by the bastion hosts to send and receive traffic.*
    • In the public subnets, managed network address translation (NAT) gateways to allow outbound internet access for resources in the private subnets.*
    • In the public subnets, a Linux bastion host in an Auto Scaling group to allow inbound Secure Shell (SSH) access to Amazon Elastic Compute Cloud (Amazon EC2) instances in public and private subnets.*
    • A Network Load Balancer that provides inbound access to the BIG-IP VE Auto Scaling group via HTTPS load balancing over port 443.
    • In the private subnets, BIG-IP VE instances in an Auto Scaling group, in active/active status. The BIG-IP VE instances filter and load-balance the traffic to the automatically scaled web application instances and keep track of those instances by using the service discovery tool. The automatically scaled BIG-IP instances use various AWS services, including the following:
      • Amazon CloudWatch, to send custom metrics for Auto Scaling
      • An Amazon Simple Storage Service (Amazon S3) bucket, to store cluster data and backup files
      • Amazon Simple Queue Service (Amazon SQS), for cluster members to communicate with one another
      • Amazon Simple Notification Service (Amazon SNS), to send updates for scaling events
      • AWS Lambda, to facilitate tearing down the deployment
    • (Optional) In the private subnets, two simple web applications, named WebApp1 and WebApp2, in separate Auto Scaling groups. These web applications simulate a Multi-AZ web application farm that receives traffic from BIG-IP VE.

    * The template that deploys the Quick Start into an existing VPC skips the tasks marked by asterisks and prompts you for your existing VPC configuration.

  •  How to deploy
  • To build your BIG-IP VE environment on AWS, follow the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at https://aws.amazon.com.
    2. Subscribe to an Amazon Machine Image (AMI) for BIG-IP VE in AWS Marketplace, choosing from the list in the deployment guide.
    3. Launch the Quick Start. You can choose from two options:
    4. Test the deployment.

    To customize your deployment, you can choose different instance types for your BIG-IP VE instances, configure Auto Scaling groups, and change web application settings.

  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings, such as instance type, will affect the cost of deployment. See the pricing pages for each AWS service for cost estimates. Prices are subject to change.

    Tip   After you deploy the Quick Start, we recommend that you enable the AWS Cost and Usage Report to track costs associated with the Quick Start. This report delivers billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. It provides cost estimates based on usage throughout each month, and finalizes the data at the end of the month. For more information about the report, see the AWS documentation.

    This Quick Start uses an Amazon Machine Image (AMI) from AWS Marketplace for the BIG-IP VE software. You can choose an AMI based on three factors: license model, throughput, and bundling option.

    • License model: Pay As You Go (PAYG) or Bring Your Own License (BYOL)*
    • Throughput: 25 Mbps, 200 Mbps, 1 Gbps, or 5 Gbps
    • Bundle: Good, Better, Best, or Per-App LTM

    See the deployment guide for a complete list of AMIs. If you're deploying the Quick Start for evaluation purposes, we recommend that you use the F5 BIG-IP Virtual Edition – Per-App LTM – (PAYG, 25 Mbps) AMI option.

    * This Quick Start uses PAYG AMIs for a standalone, automatically scaled deployment. BYOL AMIs are for use with traditional static or F5 BIG-IQ managed deployments. For more information about these licensing options, see K14810: Overview of BIG-IP VE license and throughput limits on the F5 website.