F5 Programmability Training

Current Page

Contents:

Previous topic

Lab 3.2: Create a Declarative Service Catalog

Next topic

Lab 3.4: iWorkflow REST Proxy

F5 Programmability Training > Class 1: Introduction to Automation & Orchestration > Module 3: Creating Declarative Service Interfaces with iWorkflow Source | Edit on

Lab 3.3: Deploy L4-7 Services

digraph breadcrumb { rankdir="LR" ranksep=.4 node [fontsize=10,style="rounded,filled",shape=box,color=gray72,margin="0.05,0.05",height=0.1] fontsize = 10 labeljust="l" subgraph cluster_provider { style = "rounded,filled" color = lightgrey height = .75 label = "Service Templates, Catalog and Deployments" onboarding [label="Basics",color="palegreen"] templates [label="Templates",color="palegreen"] catalog [label="Catalog",color="steelblue1"] deployments [label="Deployments",color="steelblue1"] onboarding -> templates -> catalog -> deployments } }

Up to this point we have spent a lot of time building our toolchain to create a Declarative Service Catalog. We are now at the point where we can perform a Declarative, Abstracted Service Deployment using the iWorkflow Tenant Service Catalog, Tenant API and optionally the built-in Tenant GUI.

As we did in the previous lab we will explore the first deployment in depth so you can implement a full Service Lifecycle: Create, Read, Update and Delete (CRUD) operations. For the remaining deployments you can just repeat the steps used with the first example.

Tenant Overview

iWorkflow Tenants allow Consumers to perform Service Lifecycle operations in an isolated environment. All actions performed prior to this lab have been in what’s called the Provider space and, by nature, are masked from Tenants unless specifically exposed. As a result of the Tenant isolation, each Tenant maintains its own set of Users and Roles associated with those users, allowing each Tenant full control of the actions Tenant Users can perform.

During our iWorkflow Onboarding process in Lab 3.1 we created a Tenant named MyTenant and an associated Tenant User with a username of tenant. Additionally we gave MyTenant access to the BIG-IP Connector named BIG-IP A&B Connector:

lab-3-1

This gives the tenant user the ability to perform CRUD operations on Service Deployments.

Note

Service Templates can also be assigned to specific Cloud Connectors, allowing you to restrict the use of Templates to a specific Tenant and set of BIG-IP resources.

Task 1 - Login to the iWorkflow Tenant UI

iWorkflow provides a Tenant UI that can act as a simple self-service portal for Tenants. In this lab we’ll use the Tenant UI to monitor the results of various actions we take via the iWorkflow Tenant API.

Perform the following steps to complete this task:

  1. Open a new Chrome window/tab and connect to https://10.1.1.12

  2. Use the MyTenant Tenant User credentials to login:

    • Username: tenant
    • Password: tenant

  3. You will see a user interface that looks similar to the Provider UI, however, the access is limited to Tenant specific objects. You can see a list of available Service Templates and Clouds with their associated Connectors:

    lab-3-2

Task 2 - Authenticate to the iWorkflow Tenant API

As described above, the Tenant interfaces to iWorkflow maintain their own access control mechanisms. As a result, when performing operations via the Tenant API you must authenticate with a Tenant User (tenant in this case).

Perform the following steps to complete this task:

  1. In Postman expand the Lab 3.3 - Deploy L4-7 Services folder in the collection.
  2. Click the Authenticate and Obtain Token for Tenant User request and examine the JSON request Body. Notice that we are sending the credentials for the Tenant User (tenant). This request will automatically populate the iwf_tenant_auth_token variable in the Postman environment so it can be used by subsequent requests.
  3. Click the Send button on the Authenticate and Obtain Token for Tenant User request. Check the Test Results tab to ensure the token was populated.
  4. Click the Set Tenant Authentication Token Timeout request and click the Send button. This request will increase the timeout value for the token so we can complete the lab without having to re-authenticate.

Task 3 - Perform Service Lifecycle Operations

In this task we will perform CRUD operations on Service Deployments demonstrating a full Service Lifecycle for a Tenant Service.

Create

Perform the following steps to complete this task:

  1. Click the Deploy example-f5-http-lb Service request in the folder.

  2. Examine the URI. Notice that the variable iwf_tenant_name is used to specify the Tenant we are performing the operation on. In this case iwf_tenant_name is set to MyTenant in the Postman environment:

    lab-3-3

  3. Examine the JSON Request Body; it contains the following data:

    • Deployment name
    • A URI Reference to the Service Template f5-http-lb-v1.0
    • The input vars and tables for the deployment. These fields were marked Tenant Editable in the Service Template
    • A URI Reference to the Connector to use for deployment. This specifies which BIG-IP devices will be used for this deployment

    The data in the list above is highlighted below:

    lab-3-4

  4. Click the Send button to Create the Service Deployment

  5. Switch to the Chrome iWorkflow Tenant UI window. The example-f5-http-lb Service is now present in the L4-L7 Services pane. Double click the Service and examine its properties. You can compare the values in the UI to the JSON Request Body from the step above.

    lab-3-5

  6. Open a Chrome window/tab to the BIG-IP A GUI at https://10.1.1.10 and login with admin/admin credentials. Navigate to iApps ‣ Application Services. Select example-f5-http-lb from the list of deployed services and examine the Components of the deployed service:

    lab-3-6

Update

Perform the following steps to complete this task:

  1. Click the Modify example-f5-http-lb Service request in the folder.

  2. We will send a PUT request to the Resource URI for the existing deployment and add a Pool Member as shown in the JSON Request Body:

    lab-3-7

  3. Click the Send button to Update the Service Deployment.

  4. Update the iWorkflow Tenant UI and notice that the Service has been updated:

    lab-3-8

  5. Update the BIG-IP GUI and notice that the Components tree has been updated:

    lab-3-9

Read

Perform the following steps to complete this task:

  1. Click the Get example-f5-http-lb Service request in the folder.

  2. We will send a GET request to the Resource URI for the existing deployment.

  3. Click the Send button to Read the Service Deployment.

  4. Examine the JSON Response Body to see the state of the current Service Deployment:

    lab-3-10

Delete

Perform the following steps to complete this task:

  1. Click the Delete example-f5-http-lb Service request in the folder.

  2. We will send a DELETE request to the Resource URI for the existing deployment.

  3. Click the Send button to Delete the Service Deployment.

  4. Update the iWorkflow Tenant UI and verify that the Service has been deleted:

    lab-3-11

  5. In the BIG-IP GUI navigate to iApps ‣ Application Services and verify the service was deleted.

    lab-3-12

Task 3 - Deploy Additional Services

Examples Create requests are included in the Lab 3.3 - Deploy L4-7 Services folder. For the remaining services refer to the table below to see which ones apply most to your specific use cases. You can repeat the steps in Task 2 for the additional services by modifying the requests as needed.

Service Name Description
f5-http-lb HTTP Load Balancing to a Single Pool
f5-https-offload HTTPS Offload and Load Balancing to a Single Pool
f5-fasthttp-lb Performance-enhanced HTTP Load Balancing to a Single Pool
f5-fastl4-tcp-lb Generic L4 TCP Load Balancing to a Single Pool
f5-fastl4-udp-lb Generic L4 UDP Load Balancing to a Single Pool
f5-http-url-routing-lb HTTP Load Balancing with URL Based Content Routing to Multiple Pools
f5-https-waf-lb HTTPS Offload, Web Application Firewall Protection and Load Balancing to a Single Pool
Previous Next

Support Programs

Regionally located support centers enable F5 to provide support in a number of languages through native-speaking support engineers.

See more

Contact Support

North America: 1-888-882-7535
Outside North America: 800-11-275-435

Local Support Numbers

Feedback and Help

Have questions, suggestions, or just want to get something off your chest? Let us know.

Leave feedback

About F5

Education

F5 sites

Support Tasks

Connect with us

© Copyright 2017 by F5 Networks, Inc. | Policies | Trademarks