All White Papers

White Paper

F5 PRO-enabled Monitoring Pack for Microsoft System Center: Automated Provisioning

Updated June 05, 2012

Introduction

Data center management is potentially the most critical part of running any type of data center, yet it typically remains one of the least mastered and understood. It is ironic, then, that the tools used to manage the entire data center are often disparate and isolated, most often deployed piecemeal to manage single points within the data center. This is changing, however, with unified solutions that address physical and virtual machine (VM) management as well as networks and application management in one single-point platform.

Microsoft is leading the charge toward unified, cross-platform data center management with System Center Operations Manager 2012 suite. As Microsoft’s data center management platform, System Center Operations Manager 2012 encompasses hardware platforms to the application infrastructure, with a focus on provisioning at the application layer. Although this application-driven approach is still relatively novel in data center management, it’s a model that makes sense.

F5 and Microsoft System Center Integration

Through extensive collaboration with Microsoft, F5 created the PRO-enabled Monitoring Pack for Microsoft System Center, bringing application networking intelligence to Microsoft’s data center management platform. The F5 Monitoring Pack allows decisions to be made on application traffic based on other factors in the data center, such as power consumption needs, virtual server availability, and network status.

System Center Architecture

Microsoft’s System Center 2012 is a complete data center management platform and is made up of individual core tools that focus on one particular function in the data center.

  • Microsoft System Center Operations Manager—As the workhorse of the System Center 2012 family, System Center Operations Manager handles all aspects of monitoring and provisioning services in the data center.
  • Microsoft System Center Virtual Machine Manager 2012—System Center Virtual Machine Manager (VMM 2012) manages virtual machine instances in the data center. VMM 2012 pulls from other components, like System Center Operations Manager, to apply specific policies when managing virtual machines and the applications running on those virtual instances.

F5 PRO-enabled Monitoring Pack

The F5 PRO-enabled Monitoring Pack is a suite of software plug-ins for System Center 2012 that offers a comprehensive management solution for F5 hardware appliances and application services in the data center. F5 provides three modules for System Center:

  • Core Management Pack—The Core Management Pack makes F5 BIG-IP® devices visible to Microsoft System Center and enables statistics gathering.
  • PRO-enabled Monitoring Pack for Microsoft System Center—This add-on provides System Center PRO-Tips for managing BIG-IP devices. In addition, the PRO-enabled Monitoring Pack enables integration with System Center Virtual Machine Manager.
  • Virtual Application Migration Pack—Virtual Application Migration Pack extends integration of BIG-IP devices with VMM 2012 by adding orchestration solutions, such as enabling the migration of a Microsoft Hyper-V instance to different hardware that is coupled with a BIG-IP application template and configuration update to a BIG-IP device at the same time.

The F5 Core Management Pack is a required first step when adding application delivery management to System Center. But there are other tools included in the F5 PRO-enabled Monitoring Pack that bring added value. The F5 PRO-enabled Monitoring Pack enables monitoring of all F5 appliances down to the node level. This monitoring provides real-time status of application nodes as well as long-term trending and analysis of application networking traffic. In addition, the F5 PRO-enabled Monitoring Pack takes advantage of tools available in System Center called “PRO Tips.” PRO Tips are like aggregated macros for both monitoring and any actions that are based on those monitors. PRO Tips appear to the administrator in the GUI and suggest what actions should be taken based on the situation. For example, if a system becomes overloaded, a PRO Tip may be presented to the administrator — in the form of a an easy to apply button, for example—to fix the problem by provisioning another system via System Center. The F5 PRO-enabled Monitoring Pack uses PRO Tips to include remediations for F5 BIG-IP devices and the Application Delivery Network.

Figure 1: F5 PRO-enabled Monitoring Pack PRO-Tips

In addition to monitoring, the PRO-enabled F5 Monitoring Pack also manages the application delivery infrastructure, providing such functions as dynamically adding and removing application delivery resources (nodes, pool members, VIPs, appliances, and so on), moving services in and out of maintenance mode, and failing over between F5 BIG-IP appliances. Managing the entire ADN becomes more critical in a dynamic environment where virtual machines are created and destroyed, started and stopped, and moved around the data center as needed. As services become portable in the data center, real-time information between the virtual machines, applications, hardware, and network must be continuously correlated to provide the best application delivery experience.

Configuring BIG-IP Devices with System Center 2012

Using the F5 Monitoring Pack to manage and configure BIG-IP devices with System Center 2012 brings a new level of application deployment and configuration management to the data center. In addition to new management tools on BIG-IP v11 devices available through iControl®, F5’s open and programmatic configuration language, F5 now supports managing individual BIG-IP objects called folders.

Folders

At the most basic level, a folder is a container for BIG-IP configuration objects on a BIG-IP device. All BIG-IP system objects, such as virtual servers, pools, and self IP addresses, reside in folders or sub-folders. With System Center 2012, administrators can now manage and configure folder objects on multiple BIG-IP devices using the F5 Monitoring Pack.

Figure 2: BIG-IP folder support through System Center Operations Manager

iControl

F5 iControl is the first open API that enables applications to work in concert with the underlying network based on true software integration. Utilizing SOAP/XML to ensure open communications between dissimilar systems, iControl allows administrators and application designers to automatically manage, control, and gather real-time performance data directly from the BIG-IP system. System Center 2012 includes full support for all iControl methods in the BIG-IP system, including gathering critical application-based performance data using the F5 Application Visibility and Reporting module.

Dynamically Adding and Removing Services

The most common use of the F5 PRO-enabled Monitoring Pack, beyond status monitoring, is provisioning new Application Delivery Controller (ADC) resources based on changes detected by System Center throughout the data center. All three F5 Monitoring Pack modules work in concert with System Center to create an orchestration system that will manage application services on the server side as well as within the Application Delivery Network via F5 BIG-IP® Local Traffic Manager™ (LTM).

In a dynamic services scenario, BIG-IP LTM continually monitors the state of the ADN, relays that data back to System Center, and is configured to send triggers to System Center when certain actions occur. Those triggers can be based on bandwidth usage, system availability, user connection limits, and so on. One common scenario is creating a bandwidth threshold for applications served through BIG-IP LTM. Once the threshold is reached, the F5 PRO-enabled Monitoring Pack sends a trigger to System Center to spin up a new server hosting the particular application associated with the bandwidth threshold. The F5 PRO-enabled Monitoring Pack continually monitors this new application resource for availability; once the new resource is up and available, BIG-IP LTM will begin sending application connections to the new resource.

Through VMM 2012 and by utilizing iControl methods, BIG-IP services can also be created and destroyed on a per-VIP (virtual IP) application service level on the BIG-IP device itself. As new application servers are enabled by System Center, triggers can be sent to the BIG-IP device to enable access to those services at the network level through a new VIP service. This enables application administrators to create and manage new services on the BIG-IP system without allowing them direct access to the BIG-IP management portal, saving operational risk and time, and helping to adhere to corporate security policies. In addition to provisioning new VIP services for availability, the BIG-IP system is now a load balancing provider for VMM 2012 which enables provisioning of advanced load balancing and traffic management services in F5 devices when new a new application VM is deployed. Together, iControl and load balancing capabilities enable complete application delivery provisioning on the BIG-IP system through a central System Center interface.

Resources can be dynamically removed as System Center and BIG-IP server objects in the same manner. Once a minimum threshold is detected via the F5 PRO-enabled Monitoring Pack monitor, server resources can be turned off and removed from the pool for that application traffic, saving critical resources on the hardware (in the case of a virtual machine)as well as power and additional management resources.

Moving Services In and Out of Maintenance Mode

For years, BIG-IP LTM has been used by system administrators to manage moving application services and servers in and out of maintenance mode. BIG-IP LTM enables administrators to bleed connections off of a server (or pool of servers)onto other servers without losing connectivity between the users and the applications. Once removed, a server can be updated, repaired, or replaced and new connections can be re-routed to that server once it becomes available.

With the F5 PRO-enabled Monitoring Pack, those maintenance modes can be automated and orchestrated from within System Center. This can either be done manually through the System Center management interface or automatically using the F5 PRO-enabled Monitoring Pack tools; System Center includes a specific action to move a server into maintenance mode. The administrator can take down applications and systems via System Center (both physical and virtual systems) and BIG-IP LTM will take care of moving those active connections to already running systems. In addition, the F5 PRO-enabled Monitoring Pack is aware that the system is in maintenance mode and even though it is no longer accepting application traffic — a critical health state that would normally generate alerts—BIG-IP LTM will not take independent action because it’s aware that that the system is in maintenance mode.

Once maintenance is complete and the systems are again in normal operating order, BIG-IP LTM will begin sending new connections to those systems. This maintenance orchestration can be repeated as needed on all BIG-IP application server objects that are part of the application server pool.

Monitoring and Managing Device Failover

In addition to monitoring application system and traffic availability, the F5 PRO-enabled Monitoring Pack can also monitor, and manage, the BIG-IP devices themselves. System Center can be configured to manage BIG-IP devices in the same way that it can manage application servers, through thresholds, monitors, user connections, and more.

For example, System Center can be configured to monitor application traffic through a particular BIG-IP LTM device that is running as the active member of a redundant BIG-IP pair. If System Center detects a change in the monitored statistic, such as a drop of application traffic below a set threshold, it can trigger the standby BIG-IP device in the pair to become active and take over application traffic that the original BIG-IP device was managing. While the pair of BIG-IP devices monitor each other and can failover between devices, System Center takes that monitoring and failover action a step further by integrating additional application traffic and system data into the failover monitoring. BIG-IP devices can be forced to fail over for any number of situations monitored by System Center based on business need rather than a straight loss of available application traffic.

Conclusion

Although management has long been neglected, it remains one of, if not the most important components. Physical, virtual, and application services need to be monitored, managed, and deployed based on need. Under-provisioning systems and application services results in a shortage of resources. Over-provisioning system and application services results in wasted resources. Management of the services and their availability is paramount to any modern, dynamic data center, be it a traditional physical data center or a virtualized one.

As data centers continue to become more complex, management tools struggle to keep up with these dynamic changes. Microsoft System Center 2012 is a suite of tools leading the pack in adapting to the changing data center model, and F5 is able to take advantage of this strong, secure platform for managing ADCs and policies throughout the data center. Microsoft System Center enables application, network, and system administrators to manage their BIG-IP Application Delivery Controllers through a shared, common management platform without using yet another management solution or relying solely on on-box management. The same platform that manages all services in the data center — physical and virtual systems together—can now incorporate the entire Application Delivery Network.

By leveraging Microsoft System Center (along with other tools such as System Center Virtual Machine Manager), the F5 PRO-enabled Monitoring Pack for Microsoft System Center is helping to bring application delivery, network management, and systems management into the data center management context. Together these tools integrate complete ADN monitoring and provisioning with systems management tools and the decision processes. With the F5 PRO-enabled Monitoring Pack for Microsoft System Center, every element of the data center, such as host hardware capacity, network health, VM management, and application health, can now be correlated to achieve true provisioning of application delivery services.