Applies To:

Show Versions Show Versions

Manual Chapter: Using Config Sync on Google Cloud Platform
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Sample single NIC config sync on Google Cloud Platform

The following diagram shows a basic deployment of two BIG-IP® VE instances in two separate zones. Each zone is in a different physical location, which helps ensure that your application remains available if one zone becomes unavailable.

In this deployment, the two BIG-IP VEs are synchronizing their configurations to one another; they are not communicating for the purpose of failover.

This deployment has the following benefits:
  • The two BIG-IP VEs are on different hardware, because they are in separate zones, and as such, both servers should not be down at the same time.
  • Changes on one BIG-IP VE are propagated to the other, because config sync is enabled.
  • Both BIG-IP VEs have Active status and are available to process traffic.
  • If one BIG-IP VE fails, the other BIG-IP VE continues to process traffic, though packets on the failed system are lost.
  • More traffic can be processed; if each BIG-IP VE has 1 Gbps of throughput, then together they have 2 Gbps.

Configure config sync on Google Cloud Platform

Before you can complete this task:
  • Both BIG-IP® VEs must be running the same version of BIG-IP VE system software.
  • The BIG-IP VEs must not have the same device name. To view the name, use the tmsh command: list /cm device. The device name is in the first line that is returned, for example cm device bigip1 {. To change the name, use mv cm device <current_device_name> <new_device_name> .
  • Firewall rules must allow traffic to port 4353 and 6699.
Enable config sync communication when you want to automatically or manually synchronize configuration information.
Note: The following steps apply to a single-NIC configuration only.
  1. Use an SSH tool to connect to each of the BIG-IP VEs.
  2. Ensure that you are at the tmsh prompt.
    tmsh
  3. On each BIG-IP VE, disable functionality that enforces single NIC setup.
    modify sys db provision.1nicautoconfig value disable
  4. Confirm that the value was set correctly by typing list sys db provision.1nicautoconfig.
    The following text is returned: value "disable".
  5. If the BIG-IP VE instances are in different zones (us-west1-a and us-west1-b, for example), you must move your default gateway to a different partition by completing the following tasks on each BIG-IP VE.
    1. View the existing routes and note the IP addresses.
      list net route
    2. Delete the default route.
      delete net route default
    3. Delete dhclient_route1.
      delete net route dhclient_route1
    4. Create a new partition.
      create sys folder /LOCAL_ONLY device-group none traffic-group traffic-group-local-only
    5. Create dhclient_route1 in the new partition.
      create net route /LOCAL_ONLY/dhclient_route1 network <gateway_ip_address>/32 interface /Common/internal
    6. Create the default route in the new partition.
      create net route /LOCAL_ONLY/default network default gw <route_IP_address>
    7. Save the configuration.
      save sys config
    8. Change to the LOCAL_ONLY partition and confirm the route.
      cd /LOCAL_ONLY
      list net route
    9. Change back to the Common partition.
      cd /Common
  6. Set up device trust and config sync.
    1. On each BIG-IP VE, specify the static private IP address of the BIG-IP VE itself.
      modify cm device <device_name> configsync-ip <private_ip_address>
    2. Establish device trust: On one BIG-IP VE, enter the static private IP address of the other BIG-IP VE, along with its user name and password.
      modify cm trust-domain add-device { ca-device true device-ip <peer_ip_address> device-name <peer_device_name> username <peer_username> password <peer_password> }
    3. On the same BIG-IP VE as the previous step, create a sync-failover device group with network failover disabled.
      create cm device-group <device_group_name> devices add { <all-bigip-device-names-separated-by-space> } type sync-failover auto-sync enabled network-failover disabled
    4. Sync the BIG-IP VE to the other BIG-IP VE.
      run cm config-sync to-group <device_group_name>
The BIG-IP VEs are now in sync.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)