These tasks are required to deploy a single NIC configuration of BIG-IP® VE and to configure HTTPS web traffic to flow through it. Each of these tasks is documented in detail later in this guide.
|1||Create a virtual private cloud (VPC)||Use the AWS VPC wizard to create a VPC with a single subnet.||Subnet: 10.0.0.0/24|
|2||Deploy a BIG-IP VE instance||From the AWS Marketplace, choose an F5® BIG-IP VE image (with hourly/annual license if you plan to use Auto Scaling). When you deploy the instance, choose the VPC you created earlier.||Interface: eth0
Primary Private IP: 10.0.0.200
|3||Create an Elastic IP (EIP) address||Create an Elastic IP address and associate it with the BIG-IP VE instance. You will use this IP address to access the BIG-IP Configuration utility and to access your application servers (by way of the virtual server).||Elastic IP: 52.x.y.x|
|4||Connect to the BIG-IP VE instance and set the admin password||Before you can license and provision BIG-IP VE, use SSH and your key pair to connect to the instance and set a strong password.||In tmsh, type modify auth password admin|
|5||Log in and license and provision BIG-IP VE||Connect to the Configuration utility (https://<ElasticIP>:8443) and license and provision BIG-IP VE. If you have trouble accessing the Configuration utility, check the AWS security groups to ensure that they allow the appropriate traffic.|
|6||In BIG-IP VE, create a pool and virtual server||The virtual server provides a destination for your inbound web traffic, and points to the pool of web servers.||Pool name: web_pool
Virtual IP address: 10.0.0.200, service port: 443
You can make these rules more secure by listing ranges of IP addresses as the source that will have access to BIG-IP VE.
Hourly instances of BIG-IP VE also use the EIP for internet access so they can get a license from F5.
This example shows how to use PuTTy to connect, but you can use any SSH utility.
A separate web page opens.
BIG-IP VE logs you out.
|Name||A unique name|
|SSL Profile (Client)||clientssl|
|SSL Profile (Server)||serverssl|
|Source Address Translation||Auto Map|