Using F5 Big-IP as a Load Balancer for External Internet Connectivity

This section describes how to configure an N+1 redundancy configuration using the F5 Big-IP appliance as a load balancer for external internet connectivity through Solace Web messaging, as follows:

  1. Create a pool for web servers and add the internet-facing web server interface addresses to it.
  2. Create a pool for Solace PubSub+ event brokers and add the Internet-facing interface addresses of the event brokers to it.
  3. Create a virtual server. This is the server clients connect to.
  4. Configure the F5 Big-IP appliance as a load balancer to route requests to the Web servers or event brokers based on tags in the request URLs. This is done by creating an F5 iRule and associating it with the virtual server.

For example, consider the network shown in the figure below with two web servers, two Solace PubSub+ appliances, and one F5 Big-IP appliance acting as a load balancer. In this network the following is true:

  • Each of the Solace PubSub+ appliances is configured with a web-url-suffix matching its name. For example, the CLI configuration performed on Solace1 is:

    Solace1# configure
    Solace1(config)# service web-transport
    Solace1(config-service-web)# web-url-suffix ?appliance=Solace1

  • On the F5 Big-IP appliance acting as a load balancer, the web servers are added to a pool called web_server_pool while the Solace PubSub+ appliances are added to a pool called solace_appliance_pool.
  • The URL specified in the session properties by the application to the Solace Web messaging API contains the string https://203.0.113.1/FxPortal.

Figure 1 - N+1 Redundancy Configuration for External Internet Connectivity

N + 1 Redundancy

Given the above, the F5 iRule associated with the virtual server configured on the F5 Big-IP appliance acting as load balancer is:

when HTTP_REQUEST {
  if { [HTTP::path] starts_with "/FxPortal" } {
    if { [HTTP::uri] ends_with "?appliance=Solace1" } {
      node 10.10.2.1 80
    } elseif { [HTTP::uri] ends_with "?appliance=Solace2" } {
      node 10.10.2.2 80
    } else {
      pool solace_appliance_pool
    }
  } else {
    pool web_server_pool
  }
}

The client connects to the virtual server/load balancer. If, for example, the user types the following address into their browser address bar: https://203.0.113.1/

The F5 Big-IP appliance routes the above request to one of the web servers, which returns the application to the client’s browser. The application code specifies a session URL as a session property to the Solace Web messaging API to connect to the Solace PubSub+ appliance. For example, it uses a parameter such as:

https://203.0.113.1/FxPortal

The F5 Big-IP appliance routes this request to one of the Solace PubSub+ appliances in the pool in a load-balanced manner. The handshake between the Solace PubSub+ appliance and the Solace Web messaging API includes the web-url-suffix configured on the Solace PubSub+ appliance. Subsequent requests from the application include the web-url-suffix in the request URL, which is added by the Solace Web messaging API, thereby allowing the F5 Big-IP appliance to route the requests to the same Solace PubSub+ appliance handling the session. For example, if an application was originally load balanced to the appliance named Solace1, subsequent requests would look like:

https://203.0.113.1/FxPortal?appliance=Solace1

For a more advanced example, consider the network shown in the figure below.

Figure 2 - Advanced N+1 Redundancy Configuration for External Internet Connectivity

The configuration in Figure 2 is created as follows:

  1. Configure Solace1 with the web-url-suffix "?appliance=Solace1".
  1. Configure Solace2 with the web-url-suffix “?appliance=Solace2”.
  1. On the F5 Big-IP appliance acting as a load balancer, add:
    • the web servers to a pool called web_server_pool.
    • all eight of the internet-facing Solace PubSub+ appliance interfaces to a pool called solace_appliance_pool.
    • the four Iinternet-facing Solace1 appliance interfaces to a pool called solace_appliance1_pool.
    • the four internet-facing Solace2 appliance interfaces to a pool called solace_appliance2_pool.
  1. Create the virtual server.

Given the above, the F5 iRule associated with the virtual server configured on the F5 Big-IP appliance acting as load balancer is:

when HTTP_REQUEST {
  if { [HTTP::path] starts_with "/FxPortal" } {
    if { [HTTP::uri] ends_with "?appliance=Solace1" } {
      pool solace_appliance1_pool
    } else if { [HTTP::uri] ends_with "?appliance=Solace2" } {
      pool solace_appliance2_pool
    } else {
      pool solace_appliance_pool
    }
  } else {
    pool web_server_pool
  }
}

Based on the IP addresses in Figure 1, the pools are:

web-server_pool

solace_appliance_pool

10.10.1.1

10.10.2.1

10.10.1.1

10.10.2.2

 

10.10.2.3

 

10.10.2.4

 

10.10.2.5

 

10.10.2.6

 

10.10.2.7

 

10.10.2.8
   

solace_appliance1_pool

solace_appliance2_pool

10.10.2.1

10.10.2.5

10.10.2.2

10.10.2.6

10.10.2.3

10.10.2.7

10.10.2.4

10.10.2.8