Forum Discussion
17 Replies
- NathCirrostratus
Have you done this brother?
-Nat
- mikeshimkus_111Historic F5 Account
Hi Tim and Nat, I'll investigate the requirements and reply here with the results.
thanks
Mike
- NathCirrostratus
THanks very much Brother Mike :)
- NathCirrostratus
Tim, Have you successfully deployed this one? -Nat
- mikeshimkus_111Historic F5 Account
You will need to create a separate pool and add the Workflow servers at either port 12290 (https) or 12291 (http). Assign either a default https/http or tcp monitor to the pool.
You'll also need to create a standard virtual server at the IP you'll be directing clients to, on either port 12290 or 12291, and select the pool you created as the target for the VIP. If you are doing SSL, you have to assign client and server SSL profiles, which means you'll need to import the cert and key for you workflow server(s) into BIG-IP.
After typing all that out, I think probably the way to go is to use the f5.iis iApp template and use the appropriate ports for the virtual server and pool members. We also have an f5.tcp iApp that supports deploying in a fastl4 mode if you don't need to decrypt the workflow traffic.
- NathCirrostratus
Mike Hi,
Thank you for this. I will try this one and get back on this thread.
May we have also your reference Sir?
THanks
-Nat
- NathCirrostratus
Mike Hi,
I tried adding the Workflow Manager Server with 12290 port but still not working. I also noticed that there is AS involved on the traffic
Client -> SharePoint Server -> SP Application Server -> WorkFlow Manager.
Our issue in only getting information from Workflow Manager to SharePoint Server.
Thanks,
-Nat
- mikeshimkus_111Historic F5 Account
So, communication from the workflow server(s) to the SharePoint front ends is being blocked? Do you see connection attempts from the workflow servers to the SP VIP? Do you have an APM policy configured on that VIP?
I assume the workflow server is configured using the FQDN of the SP farm and the workflow servers can resolve and route to that virtual server, correct?
When you registered the site with workflow using PowerShell, did you specify the correct protocol (for example, if you are offloading SSL, you'd need to use "https://site.example.com/sitecollection" instead of "http://site.example.com/sitecollection".
- NathCirrostratus
Hi Mike,
Yes the communication between workflow and SP is not totally blocked. It says on the Workflow Logs that the F5 VIP failed to response when establishing connection.
Yes it is using FQDN and on the Work flow we use https:(fqdn)or(IP)/etc of the VS but still on the Workflow Manager logs says Could not connect or failed to establish connection to f5 VIP.
- mikeshimkus_111Historic F5 Account
Okay, I would first look at the BIG-IP connection statistics for the VIP. Do you see connections to the SP VIP and pool members when workflow attempts to connect?
If you do, you can add an iRule like this one to the SP VIP to log the requests and responses to verify you are seeing requests from the workflow servers:
when HTTP_REQUEST { log local0. "Request:[HTTP::host][HTTP::uri]:[HTTP::header names]" foreach cookie [HTTP::cookie names] { log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]" } foreach aHeader [HTTP::header names] { log local0. "$aHeader: [HTTP::header value $aHeader]" } } when HTTP_RESPONSE { log local0. "Response: [HTTP::status]:[HTTP::header names]" foreach cookie [HTTP::cookie names] { log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]" } foreach aHeader [HTTP::header names] { log local0. "$aHeader: [HTTP::header value $aHeader]" } }
- NathCirrostratus
Hi Mike,
Thanks for the script. I will try this and will get back here.
-Nat