Using an F5 Load balancer with ITPAM 3.1 SP1

book

Article ID: 49031

calendar_today

Updated On:

Products

CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) CA Workload Automation Agent CA Process Automation Base

Issue/Introduction

Description:

Clients have requested instructions on using a hardware load balancer with ITPAM. Instructions are included in ITPAM 4.0SP1 for an F5 hardware load balancer, but these steps have been tested in 3.1SP1 and are included in this tech document. This document is not meant to be notice of official certification of the integration between ITPAM 3.1SP1 and F5, but these steps have been tested in house and do work internally.

Solution:

ITPAM version 3.1SP1 CP12 was used as well as F5 version "BIG-IP 10.1.0 Build 3341.0 Final".

  1. In the F5 management interface, create an entry for each PAM cluster machine in the nodes section.
  2. Create a pool and make the PAM nodes members of the pool.
  3. Create a PAM Virtual Server and make the PAM pool the default pool.
  4. Create the following iRule, which is the equivalent of uriworkermap.properties in apache:
    when HTTP_REQUEST {set PAMPOOL "[MyPool]"set PRIMARY "[PrimaryIP]"set PRIMPORT "[PrimaryPort]"   switch -glob [HTTP::uri] {          "/jmx-console*" { pool $PAMPOOL }          "/web-console*" { pool $PAMPOOL }          "/itpam*" { pool $PAMPOOL }          "/c2orepository/oasisHelp*" { pool $PAMPOOL }          "/c2orepository/htmlFile/aboutUs/*" { pool $PAMPOOL }          "/c2orepository/htmlFile/language/*" { pool $PAMPOOL }          "/itpam/ServerConfigurationRequestServlet" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/MirroringRequestProcessor*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/c2orepository/*" { pool $PAMPOOL }          "/mirroringrepository*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/StartAgent*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/OasisPrimary" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/c2orepository/htmlFile/installation/*" { pool $PAMPOOL }          "/itpam/AgentConfigurationRequestServlet" { pool $PAMPOOL }          "/birt/*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/JNLPRequestProcessor*" { pool $PAMPOOL }          "/itpam/JNLPRequestProcessor/installation" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/c2orepository/media*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/c2orepository/thirdParty*" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/clientproxy/c2oresourceaction" { pool $PAMPOOL member $PRIMARY $PRIMPORT }          "/itpam/clientproxy/c2oreportaction" { pool $PAMPOOL member $PRIMARY $PRIMPORT }                default { pool $PAMPOOL }   }}

    • Be sure to set the variables at the top (MyPool, PrimaryIP, PrimaryPort) to your own variables.
    • Note that the language used for iRules is TCL.

  5. Associate this iRule with the Virtual Server (Resources tab).
  6. Prepare to install PAM by changing your hosts file to point the F5 LB name to an active web server somewhere.

    • This must be done in order to get the primary Domain Orchestrator installed because, by default, the F5 virtual host doesn't respond to the HTTP GET request that the installer issues; it returns a page cannot be found error.
    • Make sure to undo this step after the installation.

  7. Install PAM as you normally would.

Environment

Release:
Component: ITPAM