Deployment Example: Single Sign-On, Load Balancing and Failover Using Sun OpenSSO Enterprise 8.0

To Configure the Web Policy Agents Load Balancer

Before You Begin

The load balancer hardware and software used for this deployment is BIG-IP® manufactured by F5 Networks. If you are using different load balancer software, see the documentation that comes with that product for detailed settings information.

  1. Access https://is-f5.example.com, the BIG-IP load balancer login page, from a web browser.

  2. Log in using the following credentials:

    User name: username

    Password: password

  3. Click Configure your BIG-IP (R) using the Configuration Utility.

  4. Create a Pool.

    A pool contains all the backend server instances.

    1. In the left pane, click Pools.

    2. On the Pools tab, click Add.

    3. In the Add Pool dialog, provide the following information:

      Pool Name: WebAgent-Pool

      Load Balancing Method: Round Robin

      Resources: Add the IP address and port number of both Protected Resource host machines: pr-1:1080 and pr-2:1080.

    4. Click Done.

  5. Add a Virtual Server.

    The virtual server presents an address to the outside world and, when users attempt to connect, forwards the connection to the most appropriate real server.


    Tip: If you encounter JavaScript™ errors or otherwise cannot proceed to create a virtual server, try using Internet Explorer.


    1. In the left frame, click Virtual Servers.

    2. On the Virtual Servers tab, click Add.

    3. In the Add a Virtual Server dialog box, provide the following information:

      Address: Enter the IP address for lb-4.example.com

      Service: 90

    4. Continue to click Next until you reach the Pool Selection dialog box.

    5. In the Pool Selection dialog box, assign the WebAgent-Pool Pool.

    6. Click Done.

  6. Add Monitors.

    Monitors are required for the load balancer to detect backend server failures.

    1. In the left frame, click Monitors.

    2. Click Add.

      In the Add Monitor dialog, provide the following information:

      Name: WebAgent-http

      Inherits From: Choose http.

    3. Click Next.

    4. On the resulting Configure Basic Properties page, click Next.

    5. In the Send String field under Configure ECV HTTP Monitor, enter GET /monitor.html and click Next.

    6. On the Destination Address and Service (Alias) page, click Done.

      The monitor just added is in the list of monitors under the Monitors tab.

    7. Click the Basic Associations tab.

    8. Mark the Add checkbox next to the IP addresses for pr-1:1080 and pr-2:1080.

    9. At the top of the Node column, choose the monitor that you just added, WebAgent-http.

    10. Click Apply.

  7. Configure the load balancer for simple persistence.

    All requests sent within a specified interval from the same user are routed to the same agent. This significantly reduces the number of agent requests sent to OpenSSO Enterprise for validation, which reduces the load on the servers.


    Note: Simple persistence tracks connections based on the client IP address only, returning a client to the same node to which it connected previously.


    1. In the left frame, click Pools.

    2. Click the WebAgent-Pool link.

    3. Click the Persistence tab.

    4. Under Persistence Type, select Simple.

    5. Set the timeout interval.

      In the Timeout field, enter 300 seconds.

    6. Click Apply.

  8. Log out of the console.
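
The following added example, which is not part of the original procedure and is not BIG-IP code, models how the settings above interact: Round Robin selection across pr-1:1080 and pr-2:1080, simple persistence keyed on client IP with a 300-second timeout, and failover when the monitor marks a node down. The Pool class, its method names, the client IP addresses, and the treatment of the timeout as an idle timer that restarts on each request are assumptions of this model.

```python
# Added illustration: a simplified model of the pool configured above,
# not BIG-IP's implementation. Client IPs below are constructed samples.
from itertools import cycle

class Pool:
    """Round Robin pool with simple (client-IP) persistence and node health."""

    def __init__(self, nodes, timeout=300):
        self.nodes = list(nodes)
        self.timeout = timeout          # seconds, as entered in the Timeout field
        self.up = set(self.nodes)       # nodes currently passing the monitor
        self._rr = cycle(self.nodes)    # Round Robin order
        self._persist = {}              # client IP -> (node, last_seen)

    def mark(self, node, healthy):
        """Record the monitor result (GET /monitor.html) for one node."""
        if healthy:
            self.up.add(node)
        else:
            self.up.discard(node)

    def _next_healthy(self):
        for _ in range(len(self.nodes)):
            node = next(self._rr)
            if node in self.up:
                return node
        raise RuntimeError("no healthy node in pool")

    def route(self, client_ip, now):
        """Return the node for a request from client_ip at time now (seconds)."""
        entry = self._persist.get(client_ip)
        if entry:
            node, last_seen = entry
            # Assumption: the timeout is an idle timer restarted by each request.
            if now - last_seen <= self.timeout and node in self.up:
                self._persist[client_ip] = (node, now)
                return node
        node = self._next_healthy()     # new, expired, or failed-over client
        self._persist[client_ip] = (node, now)
        return node

def demo():
    pool = Pool(["pr-1:1080", "pr-2:1080"], timeout=300)
    a1 = pool.route("192.0.2.10", 0)      # first client: Round Robin pick
    b1 = pool.route("192.0.2.20", 1)      # second client: next node
    a2 = pool.route("192.0.2.10", 200)    # within 300 s: same node as a1
    pool.mark(a1, False)                  # monitor fails on that node
    a3 = pool.route("192.0.2.10", 210)    # persisted node is down: failover
    return a1, b1, a2, a3
```

Because the persistence key is the client IP address only, every user arriving from one shared address (for example, behind a proxy or NAT gateway) is routed to the same agent, so load across the pool can be uneven.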