search cancel

F5 for CDD HA : Active-Standby

book

Article ID: 134815

calendar_today

Updated On:

Products

Continuous Delivery Director SAAS

Issue/Introduction


We are having issues with our active standby configuration related to our F5. The F5 is configured to point to node 1. But in the instructions I can’t find anything that indicates how to configure node 2 to Stand by. 

Environment

Release : 6.9+

Component : High Availability 



Cause

Latest (as of this writing) product guide:

https://docops.ca.com/ca-continuous-delivery-director/7-0/en/administration/configure-high-availability/


The product documentation has a handful of steps. Three of those steps describe how you go about setting up the environment to have an active-standby high availability CDD service. Those three steps are:

  1. Add a network load balancer (LB).
  2. Configure load balancer to redirect all traffic to active cdd server.
  3. Configure load balancer to use a specific http monitor to test CDD server availability. 

#2 and #3 are the focus for this article. Specifically as it relates to F5. The product documentation gives an example haproxy.cfg configuration. Information for nginx.c #1 is out of scope for this article.



Resolution

Configure LB to send all traffic to active cdd server

F5's have pools. A pool is a logical set of devices,  such as web servers, that you group together to receive and process traffic. This is straight from the F5 website which explains pools and their features really well. You can view it here: https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-basics-11-6-0/4.html


Let's get started...  

  1. Create Nodes to represent your two CDD servers. 
  2. Create a Pool and add both Nodes from step 1 as members of the pool. 
  3. Set the Pool's "Load Balancing Method" to "Round Robin". F5 BIG-IP is a load balancer. Active-standby is a high availability concept. Load balancing and high availability are different. Load balancing spreads the traffic load across 2 or more servers using any ratio but 100%/0%. Load balancing traffic distribution can be 99%/1, 50%/50%, etc.. Load balancing is used as a means to scale. High Availability is to prevent service outage. It is more of a means to disaster recovery. Round Robin will evenly split the traffic being received by the pool to both of the Nodes in your pool.
  4. For "Priority Group Activation" select Less than 1. This is saying that 1 member must be in each priority group in order for traffic to remain confined to that group. Priority groups offer us the ability to prefer the active CDD server over the standby CDD server. Setting the value to 0 would disable priority groups. Setting it to 2 breaks the contract to contain traffic to a priority groups and distributes traffic to the next priority group. We do not want that. 
  5. Access the properties for each member of the pool. Ratio weights are for ratio-based load balancing methods. Ratio weights are believed to NOT apply here. Recommendation: Let the BIG-IP system use whatever values it defaults to. Defaults may change after altering other property values.
  6. For the active CDD server set the Priority Group value to 10. For the standby CDD server set the Priority Group to 5. 
  7. Make sure that Connection Limit and Connection Rate Limit are set to 0. 

Different "Priority Group" values (10 and 5) is how we distribute 100% of the traffic to the active server and 0% traffic to the standby server since lower priority groups only receive traffic when all members in higher priority groups are unavailable. 




The objective here is to send 100% of CDD traffic to the active cdd server. None of the traffic should go to the standby cdd server. That would be an Active-Active HA setup which CDD does support. See the product documentation for additional details. F5 setup for active active is out of scope for this document. 



Configure LB to use a specific http monitor to test CDD server availability

Using a monitor is how the BIG-IP system determines whether the members of the pool are available or unavailable. It determines if traffic should get sent to the member with the priority group value of 5. If the member with a priority group value or 10 stops responding to the health check then it should begin sending traffic to the member with a priority group value of 5. The default http "Health Monitor", set in the properties of the Pool, is a bare minimum. It is recommended to use a custom http monitor to test the URI mentioned in the CDD product document. Validated steps for setting up a custom http health monitor are not available at this time. However, this URL may help: LTM: HTTP Monitoring with POST request