3.7.1. Delete the configuration objects you manually created

Delete the TCP iApp that created the Virtual Servers.

iApps => Application Services => Applications. Select example01 and delete. Delete again to confirm.

Attention

Alternatively, follow the steps below to delete the configuration objects manually.

From Big-IP1, Local Traffic => Virtual Servers => Select both Virtual Servers and [Delete].

../../_images/1_delete_virtual_servers.png

From Big-IP1, Local Traffic => Pools => Select “service_discovery_pool” and [Delete].

../../_images/2_delete_pool.png

From Local Traffic => Nodes => Node List => Select both nodes and [Delete].

../../_images/3_delete_node.png

3.7.2. Prepare Postman

From the Visual Studio Code Terminal, copy the postman_rendered.json file to the desktop. This file contains the environment variables for a Postman collection.

cp ./postman_rendered.json /mnt/c/Users/Administrator/Desktop/
../../_images/4_copy_postman_rendered_to_desktop.png

The postman_rendered.json file was copied to the Windows desktop.

../../_images/5_postman_rendered_desktop.png

Open Postman. Click the wrench icon in the upper-right-hand corner to review Settings. Ensure that “SSL certificate verification” is turned “OFF”. Close Settings.

../../_images/6_postman_ssl_cert_verification_off1.png

Click “Import” in the upper-left-hand corner. Choose “Import From Link”. Import the Postman Collection for this lab from:

https://raw.githubusercontent.com/TonyMarfil/f5agility2020-pc101/master/postman/f5agility2020-pc101-postman-collection.json
../../_images/7_postman_import_collection_from_link.png ../../_images/8_postman_collection_imported.png

Confirm the F5 Agility 2020 PC101 Lab Collection has been imported.

In the upper-right-hand corner. To the far right of the “No Environment” drop-down menu. Click the gear icon and “Import from File”. Navigate to \This PC\Desktop\postman_rendered.json => [Open].

../../_images/9_import_environment_from_desktop.png

Confirm the environment was successfully imported. Choose “Agility 2020 - Use Terraform to…” from the Environment drop-down menu in the upper-right-hand corner.

../../_images/10_postman_select_imported_environment.png

3.7.3. Install the Application Services 3 Extension

Big-IP1 => iApps => Package ManagementLX => [Browse] => This PC\Downloads\iControl_LX\f5-appsvcs… Upload the f5-appsvc… package.

Do the same for Big-IP2.

../../_images/11_bigip_upgrade_as3.png

From Postman, click on the environment view icon immediately to the right of the “Agility 2020 - Use Terraform…” environment. You can see here that the environment variables have been prepared for the lab.

../../_images/12_postman_review_environment_variables.png

3.7.4. Create virtual servers and enable modern protocols such as TLS 1.3 and HTTPS/2 with AS3

From Postman, select “Step 1: Check AS3 - BIGIP1” request. Click “Send”. The Status is 200 OK and the Body response will indicate the AS3 version.

../../_images/13_postman_confirm_as3_bigip1.png

From Postman, select “Step 3: Create AS3 - Example01/example01 with AutoDiscover pool…” request. Click “Send”.

../../_images/14_postman_review_as3_declaration_body.png

Change the HTTP method from POST to GET and click “Send”. You can do this often to track the status of the AS3 declaration in the Response. Status 202 indicates the declaration was successfully submitted and is being processed, Status 200 indicates the declaration has successfully completed.

../../_images/15_postman_review_as3_send3.png ../../_images/16_postman_as3_202.png

Eventually, the status will be 200 OK. Our AS3 declaration has successfully created virtual servers and services.

../../_images/17_postman_as3_200.png

On Big-IP1, choose the new Example01 partition in the upper-right hand corner.

../../_images/18_bigip1_example01_partition.png

Big-IP1 => Local Traffic => Virtual Servers. Review the newly created example01a and example01b HTTP virtual servers.

../../_images/19_bigip1_example01_virtual_servers.png

Big-IP1 => Local Traffic => Pools. Review the newly created pool1.

../../_images/20_bigip1_example01_pool_autodiscover.png

From the browser, connect to the example application over HTTP.

../../_images/21_bigip1_example01_example_app.png

This application is running over unencrypted HTTP/1.1. Let’s turn on modern protocols TLS 1.2 (HTTPS) and HTTP/2.

In Postman, Select the “Step 4: Create AS3 - Example01/example01 HA Modern Protocols” request. Click [Send]

../../_images/22_postman_as3_modern_protocols1_200.png

Big-IP1 Example01 Partition => Local Traffic => Virtual Servers. Review the virtual servers created.

../../_images/23_bigip1_example01_virtual_servers_modern_protocols1.png

In Postman, Select the “Step 5: Create AS3 - Example01/example01 HA Modern Protocols” request. Click [Send]

../../_images/24_postman_as3_modern_protocols2_200.png

From the browser, connect to the example application over HTTPS. We are using self-signed certificates in the lab. Bypass the TLS warnings. “Accept the Risk and Continue”.

Attention

Preface the IP address with https://

Hover over the lightning bolt icon in the upper-right hand corner and note “HTTP/2 is active for the top-level document”

../../_images/25_bigip1_example01_example_app_https_http2.png

In Postman, Select the “Step 6: Create AS3 - Example01/example01 ECDSA Cert” request. Click [Send]

../../_images/26_postman_as3_modern_protocols_ecdsa_200.png

From the browser, connect to the example application over https. We are using self-signed certificates in the lab. Bypass the TLS warnings. “Accept the Risk and Continue”.

../../_images/27_bigip1_example01_example_app_ecdsa_bypass_warning.png

From the browser explore the ciphers used.

../../_images/28_bigip1_example01_example_app_ecdsa_tls1.2.png