A10 Thunder VIP – well…

VIP Configuration Guide

Introduction

If you are setting up a test environment for an application, it is important to consider the “User Acceptance to Production” dilemma. This guide provides some basic tips on how to set up a VIP (Virtual IP) to ensure smooth deployment to production.

Test Environment

When setting up a test environment, always use port 443 (HTTPS) and never concede to having port 80 (HTTP) open. Although HTTPS can be a pain, it is essential to avoid setting up an HTTP path to the same resources on the test environment. This can create a dependency on HTTP that can cause problems in the future.

Redirections

If you want to provide HTTP access to the test environment, be careful when using redirections. Ensure they are “hard” redirects and you are not propagating the path and full URI. However, remember that something could go wrong even with the best intentions. Therefore, it is important to create hard errors that developers can see, which will provide the feedback necessary to prevent deployment issues.

Production Environment

When you go to production, force a port 80 HTTP redirection to the application’s home page (with NO path or query strings). This will not disrupt the application functionality, as port 80 HTTP was never available in the test environment.

VIP Configuration

To create a VIP, you must define and group servers for redundancy and scale. You can then apply a service group to a port of a VIP to get the whole picture. Here is a minimum VIP configuration:

slb server mcyork1 199.60.123.50
port 80 tcp

slb server mcyork2 199.60.123.51
port 80 tcp

slb service-group example-mcyork tcp
member mcyork1
member mcyork2

slb virtual-server example.mcyork.com 199.60.123.75
 port 80 http
  service-group example-mcyork

DNS Primer If you go to the IP 199.60.123.75, the result should be a response from either 199.60.123.50 or .51, where the website/application or API is hosted.

Conclusion

This is the most straightforward VIP configuration in any ADC/load balancer. Remember, no HTTP in pre-production – ever ( wait for the next example to see HTTPS in action). Follow these tips to ensure a smooth deployment to production.

Enjoy