Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

F5 in Azure Question

Hi all

Has anyone deployed an F5 instance in Azure, specifically using the ARM template provided via F5's Github page?

I ask because in the deployment template there are two parameters to complete:

'Number of External IPs' & 'External IP Address Range Start'

...in our case we do not need external IP addresses as the F5 will live just below an internet-facing firewall which does NAT to the VSes below. We then intend to assign the external interface to a /24 subnet and then create virtual servers from this range.

Is this even possible within Azure? Surely we do not need a distinct public IP address per virtual server?

By the way this is a single instance, no HA.

Thank you

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Devlin,

you may choose either a 1-NIC or 2-NIC depending if you want to seperate MGMT and PROD traffic or not.

https://github.com/F5Networks/f5-azure-arm-templates/tree/master/supported/standalone

I always keep the pre-installation wizard as simple as possible and only perform a minimalistic setup without specifying additonal IPs (just the SelfIP for each interface). Right after the installation is completed, I'm going to remove most of the wizard based configuration objects and start my own configuration from the scratch. I'm heavily OCD'ed and simply MUST to use my own naming convention... ;-)

You can later add as many as needed additional IPs to your F5-VM-Interfaces via the Azure Management and then use those IPs for Virtual Servers or SNAT-Pools.

Note: If you plan at some point to extent your single-node F5 to become a cluster, then make sure to use a the 2-NIC template to seperate your MGMT and PROD interfaces. By doing so you can reuse your PROD network as a sync/failover link. And with the help of an front-ending Azure-LB you will be able to create SYNC-Failover cluster pretty much comparable to the ones you are using in a fully featured Layer2 environment (far better than the feature limited Active/Active via-LB templates or the pretty much overengineered Active/Passive via-API templates supported by F5).

Cheers, Kai

0
Comments on this Answer
Comment made 3 months ago by Devlin_T 356

Hello Kai

Thank you for this insight, it's much appreciated. I'll probably spin up my own lab in my PAYG Azure account & see what is the art of the possible.

0