F5 Public Cloud Solutions > 2. Class - PC201 - Deploying F5 Solutions to AWS with Terraform and iControl LX Extensions > 2.5. F5 Declarative Onboarding (DO) - HA Config Sync Source | Edit on

2.5.1. Establish Device Trust between Big-IPs.¶

From the Visual Studio Code Terminal, invoke terraform output. Note the bigip2_private_mgmt_address value. We’ll use this value to configure a Device Trust between Big-IP1 and Big-IP2.

terraform output
terraform output bigip2_private_mgmt_address

../../_images/1_terraform_output_bigip2_private_mgmt_address.png

Attention

Make sure you are in the /Common partition before proceeding.

From the Big-IP1 Configuration Utility (WebUI), “Device Management” => “Device Trust” => “Device Trust Members” => [Add…].

Parameter	Value
Device Type	Peer
Device IP Address	IP address value of `terraform output bigip2_private_mgmt_address`
Administrator Username	admin
Administrator Password	f5letme1n

…[Retrieve Device Information].

../../_images/2_bigip1_device_trust1.png

… [Device Certificate Matches].

[Add Device]

../../_images/3_bigip1_device_trust2.png

Confirm that bigip2.f5lab.dev is listed under “Peer and Subordinate Devices”.

../../_images/4_bigip1_device_trust3.png

From the Big-IP2 Configuration Utility (WebUI), “Device Management” => “Device Trust” => Under the “Device Trust Members” tab => Confirm that bigip1.f5lab.dev is listed under “Peer and Subordinate Devices”.

2.5.2. Create a Config Sync Group between Big-IPs¶

From Postman => “Lab - Declarative Onboarding - Active / Standby HA Cluster” => “Step 1: DO - System Resource Provisioning - BIGIP1 HA Cluster” => [Send].

../../_images/6_postman_ha_cluster_202.png

Change the HTTP method from POST to GET and click “Send”. You can do this often to track the status of the DO declaration in the Response. Status 202 indicates the declaration was successfully submitted and is being processed, Status 200 indicates the declaration has successfully completed.

../../_images/7_postman_ha_cluster_get_status.png

Eventually, the status will be 200 OK. Our DO declaration has successfully created a Sync-Failover Config Sync Group with both bigip1.f5lab.dev and bigip2.f5lab.dev as members.

../../_images/8_postman_ha_cluster_complete_200.png

Attention

Make sure Big-IP1 is active and Big-IP2 is standby before proceeding. To force Big-IP2 to standby: “Device Management” => “Devices” => bigip2.f5lab.dev => [Force to Standby].

From the Big-IP1 Configuration Utility (WebUI), note that bigip1.f5lab.dev is the “ONLINE (ACTIVE)” device and “In Sync”.

From the Big-IP2 Configuration Utility (WebUI), note that bigip2.f5lab.dev is the “ONLINE (STANDBY)” device and “In Sync”.

Previous Next