Deploying F5 in Azure with Terraform

The Azure folder contains various deployments. All deployments use the F5 Automation Toolchain components Declarative Onboarding (DO, for L1-L3) and Application Services (AS3, for L4-L7) to assist in onboarding and configuring the BIG-IP. Telemetry Streaming (TS, for analytics/logging) is also installed and ready for use.

  • Infrastructure Only
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the basic infrastructure with a VNET, subnets, firewall rules, routes, and storage buckets. Start here if you don't have an existing Azure network stack yet, and then move on to the other templates below. This will build one VNET with three (3) subnets: management, external, internal.
  • Standalone
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the necessary Azure objects and a standalone BIG-IP device with 3-NICs. Traffic flows from client to F5 to backend app servers.
  • Autoscale via LB
    (updated March 2023) This Terraform plan deploys BIG-IP devices in an Azure VM Scale Set. Each device is standalone, each device retrieves its onboarding from custom-data, and each device is treated as immutable. Network/Application changes are made to Terraform TF files (or DO and AS3 JSON files), and the Azure VMSS will perform rolling upgrades of each BIG-IP as a result of modified custom-data.
  • HA via API
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the necessary Azure objects and a pair of BIG-IP devices with 2-NICs. The F5 Cloud Failover Extension (CFE) will call the Azure REST API and move cloud objects (ex. IPs, routes) during failover when the BIG-IP detects a problem with its peer. Traffic flows from client to F5 to backend app servers.
  • HA via LB
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the necessary Azure objects and a pair of BIG-IP devices. The Azure LB is used to distribute traffic to the F5 BIG-IP devices for high availability and failover. Traffic flows from client to ALB to F5 to backend app servers.
  • Azure Route Server + BIG-IP and BGP/eCMP
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the necessary Azure objects and any number of BIG-IP devices with 3-NICs. There is a "Hub" VNET as well as a "Spoke1" VNET and "Spoke2" VNET. This design integrates with Azure Route Server to propagate routes. The BIG-IP devices are set up as standalone devices and reside in the "Hub", and BGP is used to distribute traffic to the F5 BIG-IP devices via routing.
  • Azure Virtual WAN + BIG-IP and BGP/eCMP
    (updated March 2023) This Terraform plan uses the Azurerm provider to build the necessary Azure objects and any number of BIG-IP devices with 3-NICs. This design integrates with Azure Virtual WAN to propagate routes and connect to VNets as well as remote branch offices. The BIG-IP devices are set up as standalone devices and reside in the "Shared_Services" VNet, and BGP is used to distribute traffic to the F5 BIG-IP devices via routing.