harmony controller adc app v3.4 user guide
TRANSCRIPT
Harmony Controller ADC App v3.4 User Guidefor A10 Thunder® Series and AX™ Series
17 July 2020
© 2020 A10 NETWORKS, INC. CONFIDENTIAL AND PROPRIETARY- ALL RIGHTS RESERVED
Information in this document is subject to change without notice.
PATENT PROTECTION
A10 Networks products are protected by patents in the U.S. and elsewhere. The following website is provided to satisfy the virtual patent marking pro-visions of various jurisdictions including the virtual patent marking provisions of the America Invents Act. A10 Networks' products, including all Thunder Series products, are protected by one or more of U.S. patents and patents pending listed at:
https://www.a10networks.com/company/legal-notices/a10-virtual-patent-marking
TRADEMARKS
A10 Networks trademarks are listed at:
https://www.a10networks.com/company/legal-notices/a10-trademarks
CONFIDENTIALITY
This document provides confidential materials proprietary to A10 Networks, Inc. This document and information and ideas herein may not be dis-closed, copied, reproduced or distributed to anyone outside A10 Networks, Inc. without prior written consent of A10 Networks, Inc.
A10 NETWORKS INC. SOFTWARE LICENSE AND END USER AGREEMENT
Software for all A10 Networks products provides trade secrets of A10 Networks and its subsidiaries and Customer agrees to treat Software as confi-dential information.
Anyone who uses the Software does so only in compliance with the terms of the End User License Agreement (EULA), provided later in this docu-ment or available separately. Customer shall not:
1.Reverse engineer, reverse compile, reverse de-assemble, or otherwise translate the Software by any means.2.Sub-license, rent, or lease the Software.
DISCLAIMER
This document does not create any express or implied warranty about A10 Networks or about its products or services, including but not limited to fit-ness for a particular use and non-infringement. A10 Networks has made reasonable efforts to verify that the information contained herein is accurate, but A10 Networks assumes no responsibility for its use. All information is provided "as-is." The product specifications and features described in this publication are based on the latest information available; however, specifications are subject to change without notice, and certain features may not be available upon initial product release. Contact A10 Networks for current information regarding its products or services. A10 Networks’ products and services are subject to A10 Networks’ standard terms and conditions.
ENVIRONMENTAL CONSIDERATIONS
Some electronic components may possibly contain dangerous substances. For information on specific component types, please contact the manufac-turer of that component. Always consult local authorities for regulations regarding proper disposal of electronic components in your area.
FURTHER INFORMATION
For additional information about A10 products, terms and conditions of delivery, and pricing, contact your nearest A10 Networks location, which can be found by visiting www.a10networks.com.
3
Table of Contents
INTRODUCTION ................................................................................................................. 7Overview ..........................................................................................................................................7Supported Platforms.................................................................................................................... 8
ACOS ............................................................................................................................................................... 8Harmony Controller ..................................................................................................................................... 8
Video Tutorial ................................................................................................................................. 8
INSTALLATION AND UPGRADE .......................................................................................... 9Management of ADC App/ Prerequisites .............................................................................................. 9
User Roles: Super/Provider Admin, Tenant/App Admin ............................................................ 9Thunder Devices and Clusters .........................................................................................................10
App Catalog ..................................................................................................................................................10Upload an App .............................................................................................................................................10Update an App ............................................................................................................................................12Installed Apps ..............................................................................................................................................13Enabling or Disabling ADC App ...............................................................................................................13Delete/Uninstall ADC App ........................................................................................................................15
ADC APP GETTING STARTED .........................................................................................17Getting Started .............................................................................................................................17Launch ADC App from Tenant User........................................................................................ 18
Launch ADC App from Apps Manager ...........................................................................................18Help Center for ADC App...........................................................................................................20Overview of ADC App Tabs and Log View Panel ...................................................................21
ADC APP DASHBOARD .................................................................................................23ADC App Service Selector .........................................................................................................23ADC App Key Performance Indicator Bar ..............................................................................23Time Window Selector................................................................................................................24ADC App Dashboard ...................................................................................................................25
Inventory ......................................................................................................................................................26Alerts and Events ......................................................................................................................................26WAF Events ................................................................................................................................................. 27Deployment Locations .............................................................................................................................28Requests ......................................................................................................................................................28TOP 10 APP SERVICE BY THROUGHPUT .............................................................................................30
ADC App v3.4 User Guide
Contents
4
ADC APP ANALYTICS ................................................................................................... 31ADC Analytics Tab........................................................................................................................31
Service Selection List ............................................................................................................................... 32Layer-4 Analytics........................................................................................................................32
Layer-4: KPI Bar for ADC Analytics Tab ............................................................................................... 32Layer-4 ADC App Selector Diagram .....................................................................................................33Layer-4 Analytics: Client .........................................................................................................................33Layer-4 Analytics: Thunder ADC (TCP) ...............................................................................................36Layer-4 Analytics: Thunder Cluster (TCP) ..........................................................................................38Layer-4 Analytics: App Servers .............................................................................................................38
Layer-7 Analytics ........................................................................................................................39Layer-7: KPI Bar for ADC Analytics Tab ...............................................................................................39Latency Drilldown ......................................................................................................................................40Layer-7 Analytics: ADC App Selector Diagram ..................................................................................42Layer-7 Analytics: Client ..........................................................................................................................42Layer-7 Analytics: Internet .....................................................................................................................46Layer-7 Analytics: WAF Security ........................................................................................................... 47Layer-7 Analytics: ADC Service .............................................................................................................50
Metrics Widgets ...................................................................................................................................50ADC Widgets ..........................................................................................................................................51HTTP2 Widgets .................................................................................................................................... 52SSLi Widgets ........................................................................................................................................53Caching Widgets .................................................................................................................................53
Layer-7 Analytics: Thunder Cluster (TCP) ...........................................................................................54Partition Service Latency .................................................................................................................55
Layer-7 Analytics: Applications .............................................................................................................56Layer-7 Analytics: App Servers ............................................................................................................. 57
ADC APP SERVICE OBJECTS ........................................................................................59How to Deploy an ADC Application Service ..........................................................................60Configuring Servers.....................................................................................................................61
Add/Edit a Server .......................................................................................................................................61Basic ........................................................................................................................................................61Advanced Server Options ..................................................................................................................61Template ...............................................................................................................................................62Port .........................................................................................................................................................62
Delete Server ..............................................................................................................................................64Configuring Server Ports: Add/Edit Port .............................................................................................64
Basic .......................................................................................................................................................64Advanced ..............................................................................................................................................65
Delete Server Port .....................................................................................................................................65Configuring Service Groups...................................................................................................... 67
Basic ....................................................................................................................................................... 67Advanced: Service Groups Options ...............................................................................................68
Delete Service Groups ..............................................................................................................................69
5
ADC App v3.4 User Guide
Contents
Configuring VIPs.......................................................................................................................... 70Configuring VPorts (Virtual Ports) ...........................................................................................71
Configuring Virtual Ports: Add VPort ..................................................................................................... 71Basic ........................................................................................................................................................ 71Advanced .............................................................................................................................................. 73
Delete VPort ................................................................................................................................................ 73
ADC APP SHARED OBJECTS ........................................................................................ 75Logical Partition ......................................................................................................................................... 76Configure Versions of Partition ...............................................................................................................77
Save .........................................................................................................................................................77Compare .................................................................................................................................................77Deploy .................................................................................................................................................... 78
Templates .................................................................................................................................................... 78Adding a Template ............................................................................................................................. 78
WAF Templates ..........................................................................................................................................80aFleX ..............................................................................................................................................................81Certificates ..................................................................................................................................................82CRLs ..............................................................................................................................................................83IP NAT Pool ..................................................................................................................................................84Health Monitor ............................................................................................................................................85How to Configure a Health Monitor for Service Objects ................................................................. 87
ADC APP LOG VIEW AND TROUBLESHOOTING ...............................................................89Log View Panel ............................................................................................................................89
Log View: HTTP ..........................................................................................................................................90Log View: Alerts ..........................................................................................................................................91Log View: License Audit ........................................................................................................................... 92Log View: WAF ............................................................................................................................................93
TroubleShooting..........................................................................................................................94HTTP Monitoring ........................................................................................................................................94WAF Security Policy Violations ...............................................................................................................95
SUPPORT INFORMATION FOR HARMONY CONTROLLER: ADC APP V3.4 ........................ 97Technical and Customer Support............................................................................................ 97
ADC App v3.4 User Guide
Contents
6
7
ADC App v3.4 User GuideFeedback
INTRODUCTION
The A10 Networks® Harmony Controller - ADC App v3.4 provides configuration management, visibility and analytics for your A10 Networks® ADC services and visibility and analytics for A10 Networks® WAF services.
The following topics are covered in this chapter:
• Overview
• Supported Platforms
OverviewThe A10 Networks® Harmony Controller - ADC App v3.4 provides the following functional capabilities for the users:
• Configuration of shared service objects and service objects and ability to deploy service configurations.
• Configuration versioning, compare and deployment to target devices.
• Real-time visibility and actionable insights on into service operation and performance.
• Transactional level visibility for analytics and troubleshooting of ADC services.
• ADC and WAF services for Harmony Controller.
• Supports L4 and L7 application services and WAF functionality.
• Service Configuration, Management and Analytics capabilities.
• Access to information at “Tenant” level, information can be segmented for logical partitions and App partitions.
ADC App v3.4 User Guide
Supported Platforms
8
eeeFF Feedback
Supported PlatformsADC App v3.4 is compatible with the following ACOS and Harmony Controller versions:
ACOS
The supported ACOS versions and compatibility matrix is as follows:
Harmony Controller
The supported Harmony Controller versions for ADC App v3.4 are as follows:
• 5.2.0
• 5.1.0-P1
• 5.1.0
• 5.0.0
• 4.2.1-P3
Video TutorialTo know more about the Harmony Controller - ADC App v3.4, see the following video and refer the procedures for installation.
NOTE: On Harmony Controller - ADC App Documentation Site: http://docs.hc.a10networks.com/ADCapp/3.4/ADC_App_Intro-ductory_Video.mp4
Harmony Controller ACOS Version
Configuration Management Analytics
HC 5.2.0 5.2.0, 5.1.0-P2, 5.0.0, 5.0-P1, 5.1.0
Yes Yes
HC 5.1.0-P1 5.1.0-P2, 5.0.0, 5.0-P1, 5.1.0
Yes Yes
HC 5.1.0-P1 4.1.4-GR1-P1 & P2 No Yes
HC 5.1.0-P1 4.1.1-P8-P12 No Yes
9
ADC App v3.4 User GuideFeedback
INSTALLATION AND UPGRADE
The A10 Networks® Harmony Controller - ADC App v3.4 software is packaged within Harmony Controller 5.2.0. There is no installation needed.
ADC App v3.4 is also available as a package file in .zip format. You can install on a Harmony Controller platform running 5.2.0 or higher.
The following topics are covered in this chapter:
• Management of ADC App/ Prerequisites
• App Catalog
• Upload an App
• Update an App
• Installed Apps
• Enabling or Disabling ADC App
• Delete/Uninstall ADC App
Management of ADC App/ Prerequisites
ADC App collects data from ACOS instances or standard hardware based ACOS devices like Thunder ADC. The ADC App can be installed and managed according to the Provider-Tenant architecture to manage tenants, and users.
User Roles: Super/Provider Admin, Tenant/App Admin
To know more about this provider-tenant model, refer to Harmony Controller documentation here:
http://docs.hc.a10networks.com/5.1.0p2/a10-providertenant-model.html
ADC App v3.4 User Guide
10
eeeFF Feedback
Thunder Devices and Clusters
The Thunder device connecting to the A10 HarmonyTM Controller may be single, part of a HA pair, or part of a VCS cluster. On connecting, a Device Cluster is created within the Provider account. This configuration can be loaded and accessed through ADC Apps. For more information, see:
http://docs.hc.a10networks.com/ThunderADC/a10-thunder-adc.html
App Catalog
When Harmony ADC App is successfully added, the ADC app is visible under App Catalog. The App Catalog on Harmony Controller displays the list of uploaded Harmony Apps.
NOTE: The Root or Provider Administrator can enable the ADC App andmake it available for its tenants .
Only Root Administrator can update or delete the ADC App fromapp catalog.
Upload an App
Follow the steps to upload a new app from the App Catalog section:
1. Select Harmony Controller > root or Provider account.
2. Click Apps > App Catalog from the app store.
3. Click on + Upload an App to add the new version of ADC App to Harmony Controller.
11
ADC App v3.4 User GuideFeedback
FIGURE 1 : Harmony Controller > root > + Upload an App
4. Browse the ADC App package file to upload from the local repository.
5. Add the app description and click Next.
ADC App v3.4 User Guide
12
eeeFF Feedback
FIGURE 2 : Upload App and provide details
Update an App
This option is available only for root or Provider account. Follow the steps to update an app from the App Catalog section:
1. Click Apps > App Catalog and select the provider from the drop-down.
2. Click : and select Update, to update an app.
3. Browse the ADC App package file to upload from the local repository.
4. Add the app description and click Update.
13
ADC App v3.4 User GuideFeedback
FIGURE 3 : root > Apps Manager > Apps Catalog > ADC App > Update
Installed Apps
All of the available apps for the root or Provider are displayed under Installed Apps.
Enabling or Disabling ADC App
This option is available for Tenant account . To enable or disable ADC app, follow the below steps:
1. Click Apps > My Apps and select the Tenant from the drop-down.
2. Click ADC App and select : > Enable/Disable to enable or disable the app.
ADC App v3.4 User Guide
14
eeeFF Feedback
FIGURE 4 : Enable ADC App
15
ADC App v3.4 User GuideFeedback
Delete/Uninstall ADC App
This option is available only for root or Provider account .Follow the steps to delete an app from the App Catalog section:
1. To uninstall the ADC App, select : > Uninstall.
2. To search for ADC App, type the app name in the search tab.
FIGURE 5 : root > Apps Manager > Apps Catalog > ADC App > Uninstall
17
ADC App v3.4 User GuideFeedback
ADC APP GETTING STARTED
The Harmony Controller ADC App v3.4 provides configuration management, visibility and analytics for A10 Networks® ADC services and visibility and analytics for A10 Networks® WAF services.
The following topics are covered in this chapter:
• Getting Started
• Launch ADC App from Tenant User
• Help Center for ADC App
• Overview of ADC App Tabs and Log View Panel
Getting StartedTo get started with the ADC App, view the Video Tutorial or Getting Started section in Harmony Controller Help Center.
FIGURE 6 : Getting Started with App from Harmony Controller
ADC App v3.4 User Guide
Launch ADC App from Tenant User
18
eeeFF Feedback
Launch ADC App from Tenant UserTo launch App from Harmony Controller Tenant user account:
1. Login to Harmony Controller.
2. Select the related Tenant user account in the top panel.
3. There are three ways the ADC App can be launched.
• From the Harmony Controller > Services > App Services page
FIGURE 7 : Launch ADC App from Harmony Controller > Services > App Services
• From the Harmony Controller > Services > Logical Partition page. This option is available only if logical partitions are enabled.
• From the Apps Manager > My Apps page
Launch ADC App from Apps Manager
To launch ADC App from Apps Manager:
1. Click Apps Manager drop-down on left hand panel of Harmony Controller.
2. The following two tabs are available in Harmony Controller Apps Manager ;
Tab Description
My Apps Provides a list of all enabled Apps
Installed Apps Provides a list of Apps loaded to the Controller Tenant Repository
19
ADC App v3.4 User Guide
Launch ADC App from Tenant User
Feedback
3. Click Installed Apps. Select the required App and click Enable.
FIGURE 8 : Harmony Controller (Tenant) > Apps Manager > Installed Apps
4. Click My Apps on left hand panel.
5. To launch ADC App, click menu “:” > Launch App on app in My Apps page as shown in the following image.
FIGURE 9 : .Harmony Controller > Apps Manager > My Apps
6. Select Tenant and click Proceed to launch app.
ADC App v3.4 User Guide
Help Center for ADC App
20
eeeFF Feedback
FIGURE 10 : Launch App > Select Tenant
NOTE: Disable pop-up blocker to ensure that the Select Tenant window pop-up functions correctly.
Help Center for ADC AppThe Help Center the following quick access links
• Product documentation
• Product Demos
• Technical Articles
• Video Tutorials
• White Papers
• Create Ticket
• Privacy Policy
• End of Sale
Click on the “?” icon on the top-right corner of the application navigation bar to access and explore the feature.
21
ADC App v3.4 User Guide
Overview of ADC App Tabs and Log View Panel
Feedback
FIGURE 11 : Select Help Menu
FIGURE 12 : ADC App Help Center Pop-up Menu Widget
Overview of ADC App Tabs and Log View PanelThe ADC App v3.4 has the following tabs/expandable windows:
Tabs / Expand Window Description
Dashboard Displays information about the logical partitions mapped to the tenant, configured App services, service monitoring, and key statistics about the service operations.
Analytics Displays visibility and analytics information for deployed App services, key performance indicators, and service operation metrics.
Service Objects Displays configured service objects and provides an ability to edit, save, compare, and deploy service configurations.
Shared Objects Displays configured shared service objects and an ability to manage shared objects.
Log panel A expandable panel at the bottom of App window. This panel provides access to detailed service logs and an ability to filter logs for detailed analysis and troubleshooting.
ADC App v3.4 User Guide
Overview of ADC App Tabs and Log View Panel
22
eeeFF Feedback
FIGURE 13 : ADC App > Top Panel with Tabs
FIGURE 14 : ADC App > Expandable Bottom Log Panel
For details, see the following sections:
• ADC App Dashboard
• ADC App Analytics
• ADC App Service Objects
• ADC App Shared Objects
• ADC App Log View and Troubleshooting
23
ADC App v3.4 User GuideFeedback
ADC APP DASHBOARD
The Harmony Controller ADC App v3.4 dashboard provides visibility and analytics for A10 Networks® ADC services and WAF services at a Provider-level or Tenant-level.
The Dashboard displays different widgets and this page gives the overall picture on alerts and events, users, apps, deployment locations, clusters, tenants and license usage.
The following topics are covered in this chapter:
• ADC App Service Selector
• ADC App Key Performance Indicator Bar
• Time Window Selector
• ADC App Dashboard
ADC App Service SelectorThe ADC App Service Selector is a selection list. Select the pre-defined application services to view the related data and statistics.
The App Service Selector is available for all ADC App tab selections.
FIGURE 15 : App Service Selector -ADC App Header
ADC App Key Performance Indicator BarThe KPI Bar Widget for ADC App displays the following information. This data is refreshed every time as per the selection in the Time Window Selector widget.
ADC App v3.4 User Guide
Time Window Selector
24
eeeFF Feedback
The KPI Bar widget for ADC Dashboard and Analytics page displays the following information:
FIGURE 16 : KPI Bar on ADC App Header
Time Window SelectorThe Time Window Selector displayed for ADC Dashboard and Analytics page, has the following components:
FIGURE 17 : Time Window Selector:
Widget / Field Description
Throughput (BPS) Total traffic for all the app services for the tenant.
Current Connections Number of active connections.
Connection Rate (CPS)
Number of closed connections.
Errors Number of errors.
Widget / Field Description
Calendar Widget - Date Selector Select date timeline using the calendar.
Time Selection Scroll Bar Select the timeline for data analysis.
Auto Refresh Timer Specify a time to refresh the page automatically.
25
ADC App v3.4 User Guide
ADC App Dashboard
Feedback
ADC App Dashboard The ADC App Dashboard displays the following main components:
• ADC App Service Selector
• ADC App Key Performance Indicator Bar
• Time Window Selector
• Alerts and Events
• WAF Events
• Deployment Locations
• Requests
• TOP 10 APP SERVICE BY THROUGHPUT
The ADC App Dashboard displays the following common components:
Widgets/ Fields Description
App Service Selector See ADC App Service Selector.
Key Performance Indicators (Averaged per minute). See The KPI Bar widget for ADC Dashboard and Analytics page displays the following information:
Time Range Slider Time range selector control. Applies to all the widgets in the app. See Time Window Selector
ADC App v3.4 User Guide
ADC App Dashboard
26
eeeFF Feedback
Inventory
Displays a list of logical partitions of type ADC with a list of the app services deployed in the logical partition for the selected tenant.
FIGURE 18 : ADC App > Dashboard > Inventory
Alerts and Events
Alerts and events displays information for a particular tenant or all tenants. You can filter the alerts and events according to following criteria:
• Severity,
• Warning,
• Notification
• Information.
You can toggle to check the log collection statistics for the timestamp, tenant ID, cluster ID, system module and message.
27
ADC App v3.4 User Guide
ADC App Dashboard
Feedback
FIGURE 19 : ADC App > Dashboard > Alerts, Events
WAF Events
The following WAF events widget displays distribution of number of WAF events or requests that triggered WAF policy violation(s) reported on time scale.
FIGURE 20: ADC App > Dashboard > WAF Events
ADC App v3.4 User Guide
ADC App Dashboard
28
eeeFF Feedback
Deployment Locations
This world map displays distribution of service devices by geographical location. The deployment locations are highlighted displaying the number of clusters or devices associated with the particular location in a color-coded map format with statistics.
FIGURE 21 : ADC App > Dashboard > Deployment Locations
Requests
The Requests widget displays the summation of all response codes for requests processed for a time range plotted on a time series chart.
The ADC App Dashboard provides the following “Request” locations and Latency information:.
Widgets Description
Request Locations Displays distribution of client location(s) for received requests.
Request Methods Displays distribution of HTTP method of requests received..
Response Codes Displays distribution of HTTP response codes.
Average End-to-end Latency
Displays the average end-to-end latency for a full request-response cycle (the time taken by the one request-response cycle averaged for the selected time range) plotted as a time series chart.
REQUESTS Displays number of requests received plotted on a time series chart.
29
ADC App v3.4 User Guide
ADC App Dashboard
Feedback
FIGURE 22 : ADC App > Dashboard > Requests
ADC App v3.4 User Guide
ADC App Dashboard
30
eeeFF Feedback
TOP 10 APP SERVICE BY THROUGHPUT
This widget displays the “Top 10 App Services by throughput” for the selected time range with the following fields:
FIGURE 23: ADC App > Dashboard > Top 10 App Services by throughput
Fields Description
App Services App service name
Throughput Displays the throughput data in pps or packets per second.
31
ADC App v3.4 User GuideFeedback
ADC APP ANALYTICS
The Harmony Controller ADC App v3.4 provides configuration management, visibility and analytics for your A10 Networks® ADC services and visibility and analytics for A10 Networks® WAF services.
The following topics are covered in this chapter:
• ADC Analytics Tab
• Layer-4 Analytics
• Layer-7 Analytics
ADC Analytics TabThe analytics tab displays the following information for monitoring and analysis of service operations.
The ADC App Analytics tab displays the following information. The information displayed is for all deployed app services for the tenant as follows:
Widgets/ Fields Description
App service Selector A drop down control to select and filter the information for a given app service
Key Performance Indicators Time range selector control. Applies to all the charts on the page below.
Time Range Slider Time range selector control. Applies to all the widgets in the app. See Time Window Selector
ADC Selector Diagram Graphic menu to load analytics information for the following entities involved in the service operations.
ADC App v3.4 User Guide
Layer-4 Analytics
32
eeeFF Feedback
Service Selection List
KPI Bar has a Service selection drop-down list where you can select pre-configured Services. The Services are of two types:
• Layer-4 Services
• Layer-7 Services
Layer-4 AnalyticsThe Analytics page displays different statistics related to Layer-4 when L4 Service is selected on the KPI bar Service Selection list.
Layer-4: KPI Bar for ADC Analytics Tab
The KPI Bar widget for ADC Analytics tab displays the following information for Layer-7 Key Performance Indicators (averaged per minute):
Widget / Field Description
Throughput (BPS) Total traffic for all the app services for the tenant. Average throughput in bits per second over default value minutes of data. Refreshed every min-ute. Default value is 3.
Current Connections Number of active connections. Number of active connections averaged over default value minutes. Default value is 3.
Packet Rate Number of packets received and sent per second measured over the last minute. Default value is 3.
Errors Number of errors. Number of 4xx plus 5xx responses in the last minute.
33
ADC App v3.4 User Guide
Layer-4 Analytics
Feedback
Layer-4 ADC App Selector Diagram
The Harmony ADC App Selector Diagram is a graphic menu to load analytics information for the following entities involved in the service operations:
• Layer-4 Analytics: Client
• Layer-4 Analytics: Thunder ADC (TCP)
• Layer-4 Analytics: Thunder Cluster (TCP)
• Layer-4 Analytics: App Servers
FIGURE 24: ADC App > Analytics > Selector Diagram (graphic menu)
Layer-4 Analytics: Client
The ADC App > Analytics > Client section displays the following widgets for Layer-7 selection:
Widget/Field Description
BYTES RECEIVED AND SENT Distribution graphs of number of bytes for the selected time range, for:
• Total bytes• Sent• Received
PACKETS RECEIVED AND SENT Distribution graphs of number of packets for the selected time range, for:
• Total bytes• Sent• Received
ADC App v3.4 User Guide
Layer-4 Analytics
34
eeeFF Feedback
FIGURE 25 : Layer-7 Analytics > Client
Clients widgets Continued...
CONNECTIONS Distribution graphs of number of connections per second for the selected time range, for:
• Total Connections• Peak• Rate (/sec)
CLIENT RELATED ERRORS AND FAILURES
Number of TCP and policy errors plotted on a time series chart, filtered by:
• Client Connections Failure• Other Failures Total• Connection Drops
Widget/Field Description
Widget Description
TOP CLIENTS BY Distribution statistics graph of Top Usage Clients, filtered by:
• BANDWIDTH: Distribution of clients utilizing the most bandwidth.• CONNECTIONS: Distribution of clients establishing the most
connections.• THROUGHPUT: Distribution of clients with the most throughput.
CONNECTIONS Distribution graph of total number of connections for the selected time range plotted on a time series.
CONNECTION RATE Distribution graph of number of connections closed per second for the selected time range plotted on a time series chart.
35
ADC App v3.4 User Guide
Layer-4 Analytics
Feedback
FIGURE 26: Layer-7 Analytics > Client > Top Clients By ...
THROUGHPUT Average throughput (bits per second) plotted on a time series chart.
PACKET RATE Average number of packets received and sent per second plotted on a time series chart.
Widget Description
ADC App v3.4 User Guide
Layer-4 Analytics
36
eeeFF Feedback
Layer-4 Analytics: Thunder ADC (TCP)
The ADC App > Analytics > Thunder ADC (TCP) > Overview section displays the following widgets for Layer-7 selection:
Widget Description
DROPPED TRAFFIC Distribution of number of packets dropped from TCP and Policy Errors for the selected time period.
ERRORS AND FAILURES Distribution of Errors and Failures from TCP errors, for the selected time period.
ANOMALIES Distribution of anomalies because of TCP errors, for the selected time period.
LOAD DISTRIBUTION Distribution of connections filtered by application servers.
TCP SYN RECEIVED Number of TCP SYN requests received and plotted on a time series chart.
TCP SYN RATE Number of TCP SYN requests received per second plotted on a time series chart.
DSR RECEIVED Number of DSRs received for the selected time range, filtered by con-figured DSRs:
• L2 DSR Received• L3 DSR Received
DROPPED TRAFFIC Dropped traffic plotted on a time series chart, filtered by reason:
• BW limit exceeded.• BW watermark• Connection Limit• Connection Rate Limit• NAT CPS Exceeded.• TCP SYN Cookie Buffer• NAT No-Session• Aflex• Vport Mismatch
ERRORS AND FAILURES TCP errors and failures plotted on a time series chart, filtered by:
• Client Connection Fail• Server Connection Fail• SYN-Cookie Fail• L4 SYN attack• Source NAT failures• ADC Reset count to Client• L4 Handshake fail
37
ADC App v3.4 User Guide
Layer-4 Analytics
Feedback
FIGURE 27 : Layer-7 Analytics > Thunder ADC Widgets
ADC App v3.4 User Guide
Layer-4 Analytics
38
eeeFF Feedback
Layer-4 Analytics: Thunder Cluster (TCP)
The ADC App > Analytics > Thunder Cluster (TCP) > Overview section displays the following widgets for Layer-4 selection:
Layer-4 Analytics: App Servers
The ADC App > Analytics > App Servers section for Layer-7 selection, displays the following filterable distribution of application server operational metrics on time scale:
Widget Description
CLUSTER CPU Maximum utilization of data and management CPUs across all devices in the cluster.
CLUSTER MEMORY Maximum utilization of memory across all devices in the cluster.
CLUSTER THROUGHPUT Peak and average throughput for all devices in the cluster in bits per second (bps).
DEVICES IN CLUSTER List of devices in the cluster, along with the averaged out CPU and memory utilization for each device across the selected time range.
DEPLOYMENT LOCATIONS World map with location of all devices in the cluster marked in blue gradients according to number of deployments.
CLUSTER TRAFFIC Volume of traffic across all devices in the cluster plotted as a time series chart for:
• THROUGHPUT: Throughput across all devices in the cluster plotted as a time series chart, filtered by data: • Ingress• Egress
• ACTIVE SESSIONS: Number of active connections across all devices in the cluster plotted on a time series chart.
Widget Description
TOTAL CONNECTIONS Displays number of connections for each application server plotted on a time series chart, filtered by individual connections.
CURRENT CONNECTIONS Displays number of current connections for each application server plotted on a time series chart filtered by current individual connections.
THROUGHPUT Displays throughput for each application server plotted on a time series chart, filtered by individual connections.
39
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
Layer-7 AnalyticsThe Analytics page displays different statistics related to Layer 7 when L7 Service is selected on the KPI bar Service Selection list.
Layer-7: KPI Bar for ADC Analytics Tab
The KPI Bar widget for ADC Analytics tab displays the following information for Layer-4 Key Performance Indicators (averaged per minute)
L4 CONNECTION RATE Displays number of connections closed per second for the selected time range plotted on a time series chart, filtered by individual connections.
PACKETS Displays number of packets received and sent by each application server, filtered by individual connections.
Widget Description
Widget / Field Description
Throughput (BPS) Total traffic for all the app services for the tenant. Average throughput in bits per second over default value minutes of data. Refreshed every min-ute.
Current Connections Number of active connections. Number of active connections averaged over default value minutes.
Requests Number of requests received per minute over last 3 minutes of data. Refreshed every minute.
Request Rate Request rate. Number of requests received per second.
Errors Number of errors. Number of 4xx plus 5xx responses in the last minute.
Client TTFB Application latency (Time to First Byte). Average time to first byte for requests received in the last minute. Click on >| to view the details of Layer-7 Analytics: ADC App Selector Diagram.
ADC App v3.4 User Guide
Layer-7 Analytics
40
eeeFF Feedback
Latency Drilldown
Latency Drilldown Analytics page is available on the Layer-4 Analytics KPI bar.
Navigate to Latency Drilldown page as follows:
Analytics > Layer-4 selection in Service Selection > KPI Bar > Client TTFB >|
This page has the following components:
FIGURE > Latency Analysis Illustration
Widget / Field Description
Latency Analysis Displays Network Illustration with latency information in milliseconds:
• In Latency • Out Latency • App Latency
AVG. END-TO-END LATENCY Average end-to-end latency for a full request-response cycle plotted on a time series chart, filtered by:
• In Latency• Out Latency• Client RTT• Response Transfer Time• Server RTT• Request Transfer time• App Latency
AVG. APP SERVER LATENCY Displays response latency for each app server averaged over the selected time range plotted on a time series chart, can be filtered by indi-vidual app server.
CLIENT PERFORMANCE Displays distribution of top clients having the highest response time, can be filtered by individual client IPs.
URL PERFORMANCE Displays distribution of top URLs having the highest response time, can be filtered by individual URL data.
ACCESS LATENCY Displays distribution of latency for client locations plotted on a geoloca-tion map.
41
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 28: Latency Drilldown
ADC App v3.4 User Guide
Layer-7 Analytics
42
eeeFF Feedback
Layer-7 Analytics: ADC App Selector Diagram
The Harmony ADC App Selector Diagram is a graphic menu to load analytics information for the Layer-4 and Layer-7 entities involved in the service operations. The App Selector Diagram for Layer-4 selection displays the following entities:
• Layer-7 Analytics: Client
• Layer-7 Analytics: Internet
• Layer-7 Analytics: WAF Security
• Layer-7 Analytics: ADC Service
• Layer-7 Analytics: Thunder Cluster (TCP)
• Layer-7 Analytics: Applications
• Layer-7 Analytics: App Servers
FIGURE 29 : ADC App > Analytics > Selector Diagram (graphic menu)
Layer-7 Analytics: Client
The ADC App > Analytics > Client section displays the following widgets:
Widget/Field Description
Request Location Distribution graph of request origins / locations.
Request Methods Distribution graph of request methods.
Response Codes Distribution graph of request response codes.
Average End-to-End Latency
Average of “request latency”, the time taken by one request-response cycle for a selected time range.
Requests Distribution graph of number of requests on time scale.
43
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 30: ADC App > Analytics > Client
FIGURE 31 : ADC App > Analytics > Client > Average End-to-End Latency, Requests
Client section continued...
Widget/Field Description
Location Distribution graph of client locations.
OS Distribution graph of client machine operating systems.
Response Codes Distribution graph of request response codes.
Device Distribution graph of client device types.
Browser Distribution graph of client browsers.
ADC App v3.4 User Guide
Layer-7 Analytics
44
eeeFF Feedback
FIGURE 32: ADC App > Analytics > Client > Location, OS, Response Codes...
The ADC App > Analytics > Client >Top Clients By widget has the following tabs:
Widget/Field Description
Requests Distribution graph of top clients sending requests.
Throughput Distribution graph of top clients by total traffic throughput.
45
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 33: ADC App > Analytics > Client > Top Clients By
The ADC App > Analytics > Client > Security widget has the following options:
FIGURE 34: ADC App > Analytics > Client > Security
Widget/Field Description
Requests Denied Distribution graph of requests handled by Security WAF on time scale. The distribution can be filtered for top clients by number of “requests denied” due to a WAF policy.
Requests Allowed Distribution graph of requests handled by Security WAF on time scale. The distribution can be filtered for top clients by number of “requests allowed” due to a WAF policy.
ADC App v3.4 User Guide
Layer-7 Analytics
46
eeeFF Feedback
Layer-7 Analytics: Internet
The ADC App > Analytics > Internet section displays the following information for requests distributed geographically.
• Access Latency
• HTTP
• HTTPS
• Requests
• Average Throughput
FIGURE 35: ADC App > Analytics > Internet
47
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
Layer-7 Analytics: WAF Security
The ADC App > Analytics > WAF SECURITY section displays the following information:
Widget/Field Description
Violations Distribution graph of WAF policy violations with following tabs and view options:
• Overall distribution• HTTP Limit Violations• HTTP Protocol Violations• filterable distribution of violations on a time scale.
VIOLATIONS TIME SERIES
Triggered WAF violations plotted on a time series chart.
WAF Request Handling Widget that displays filterable distribution graph of WAF policy events or the number of requests allowed, and requests denied plotted on a time series chart.
Cookie Security Widget that displays filterable distribution graph of cookie policy events:
• Cookies• Set-Cookies• Violations
Events Widget that displays distribution of WAF policy events on time scale for requests that were denied; “Requests Denied”.
Top Sources Widget that displays graph of top request sources that generated the WAF policy events.
ADC App v3.4 User Guide
Layer-7 Analytics
48
eeeFF Feedback
FIGURE 36: ADC App > Analytics > WAF Security
49
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 37 : ADC App > Analytics > WAF Security > Events, Top Sources
ADC App v3.4 User Guide
Layer-7 Analytics
50
eeeFF Feedback
Layer-7 Analytics: ADC Service
The ADC App > Analytics > ADC Service section displays the following widgets.
Metrics Widgets
The ADC App > Analytics > ADC Service section displays the following metrics and information about service operations:
FIGURE 38: ADC App > Analytics > ADC Service > (Metrics Widgets)
Widget/Field Description
Cache Rate Displays percentage of cache utilization.
Cache Utilization Displays number of cache hits per second.
Throughput Displays average throughput in (bps).
Throughout Peak Displays peak of the throughput averages.
Client Connections Displays average connections, closed connections per second, and maximum current connections.
Load Distribution Displays distribution of load on the servers.
51
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
ADC Widgets
The ADC App > Analytics > ADC Service section displays the following ADC related information:
Widget/Field Description
Load Distribution Displays filterable server load distribution on time scale.
Throughput Displays distribution of throughput on time scale filterable for:
• incoming• outgoing.
ADC Service Latency Displays time taken by request in and out of service device) filterable for:
• REV - outgoing• FWD - incoming.
Error Traffic Displays the filterable distribution of response codes on time scale.
ADC App v3.4 User Guide
Layer-7 Analytics
52
eeeFF Feedback
FIGURE 39: ADC App > Analytics > ADC Service > (ADC Widgets)
HTTP2 Widgets
The ADC App > Analytics > ADC Service section displays the following HTTP2 related filterable distributions on time scale:
Widget/Field Description
PROXY CONNECTIONS Number of total, current and peak connections plotted on a time series chart.
Total Bytes Number of Control, Header and Data Bytes expressed as a percentage of the Total Bytes and plotted on a time series chart.
Streams Closed Number of streams closed plotted on a time series chart.
Frame Types Sent to Client Number of types of frames sent to remote client plotted on a time series chart.
53
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
SSLi Widgets
The ADC App > Analytics > ADC Service section displays the following SSLi related filterable distributions of current and total client and server SSL connections on time scale:
FIGURE 40: ADC App > Analytics > ADC Service > (SSLi Widgets)
Caching Widgets
The ADC App > Analytics > ADC Service section displays the following Caching related filterable distributions of operational metrics on time scale:
Widget/Field Description
Client SSL Connections Number of total and current client SSL connections plotted on a time series chart.
Server SSL Connections Number of total and current server SSL connections plotted on a time series chart.
Widget/Field Description
Averaged Cached Entries
Displays average number of response entries that are cached.
Cached Utilization Displays percentage of response entries in the cache that are served.
Compress / Uncompressed
Displays distribution of compressed / uncompressed content on time scale.
ADC App v3.4 User Guide
Layer-7 Analytics
54
eeeFF Feedback
FIGURE 41 : ADC App > Analytics > ADC Service > (Caching Widgets)
Layer-7 Analytics: Thunder Cluster (TCP)
The ADC App > Analytics > Thunder Cluster (TCP) has the following widget groups:
Device Cluster Widgets
Displays filterable distribution of device metrics on time scale (irrespective of the number of device services mapped to the tenant):
• CPU Utilization
• Memory Utilization
• Bandwidth
• Total Connections
55
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 42: ADC App > Analytics > ADC Service > (Device Cluster Widgets)
Partition Service Latency
Displays Partition Service Latency; distribution of service latency, filterable for:
• FWD - forward traffic
• REV - reverse traffic
• TTFB - Total Time to First Byte
• TTLB - Total Time to Last Byte
ADC App v3.4 User Guide
Layer-7 Analytics
56
eeeFF Feedback
FIGURE 43: ADC App > Analytics > ADC Service > Partition Service Latency
Layer-7 Analytics: Applications
The ADC App > Analytics > Applications section displays the following distributions of application performance metrics:
Widget/Field Description
Response Time Displays average response time from server.
App Latency Displays average server / application latency.
Top URL Displays distribution statistics of top URLs.
Top Domain Displays distribution statistics of top domains.
Response Time by Port Displays average response time per minute per port.
Slowest Transactions Displays distribution statistics of slowest transactions.
57
ADC App v3.4 User Guide
Layer-7 Analytics
Feedback
FIGURE 44: ADC App > Analytics > Applications
Layer-7 Analytics: App Servers
The ADC App > Analytics > App Servers section displays the following filterable distribution of application server operational metrics on time scale:
Widget/Field Description
Server Health Displays numbers of servers up or down.
Server Response Time Displays server response time to first byte.
New Connections Displays number of new connections.
Current Connections Displays number of active connections.
ADC App v3.4 User Guide
Layer-7 Analytics
58
eeeFF Feedback
FIGURE 45: ADC App > Analytics > App Servers
•
59
ADC App v3.4 User GuideFeedback
ADC APP SERVICE OBJECTS
The Service Object tab provides configuration management options to deploy an ADC service, configure or model an ADC service and WAF service. It displays service objects that can be configured in the logical partition and allow users to perform service configuration changes.
The following service objects can be fully managed with the app:
• Servers
• Service Groups
• vPorts
• VIPs
The following topics are covered in this chapter:
• How to Deploy an ADC Application Service
• Configuring Servers
• Add/Edit a Server
• Delete Server
• Configuring Server Ports: Add/Edit Port
• Delete Server Port
• Configuring Service Groups
• Delete Service Groups
• Configuring VPorts (Virtual Ports)
• Delete VPort
• Configuring VIPs
ADC App v3.4 User Guide
How to Deploy an ADC Application Service
60
eeeFF Feedback
How to Deploy an ADC Application ServiceTo deploy and ADC App Service using the ADC App > Service Objects tab:
1. Configure the list of Servers
2. Configure the list of Service Groups
3. Configure Virtual Ports
4. Configure VIPs.
FIGURE 46: ADC App > Service Objects
61
ADC App v3.4 User Guide
Configuring Servers
Feedback
Configuring ServersThe ADC App > Service Objects > Servers tab provides options to Add, Edit to Configure Servers. and also Delete a server.
Add/Edit a Server
Configure Servers and health checks on servers by manually specifying values or loading predefined server templates using the ADC App > Service Objects > Servers > +Add a Server or Edit Server option.
Basic
The + Add a Server > Basic configuration contains has the following fields:
Advanced Server Options
The + Add a Server/ Edit a Server > Advanced configuration contains the following fields:
Field DescriptionName Specify the server name
Type Select the server type as: Host, IPv6, or FQDN
Resolve As Resolve server IP address as: IPv4 or IPv6
Action Configure server action as: Enable, Disable or Disable with Health Check
Health Check Select templates with Health Check options
Health Check Disable Enable or Disable Health Check. Disabled by default
Connection Limit Configure active connection limit. The valid range is 1-64000000
No Logging Disable or Enable logging connection over limit event. Disabled by default.
Field DescriptionExternal IP Configure external IP address for GSLB network address translation.
IPv6 Configure IPv6 address Mapping for GSLB.
Connection Resume Configure the minimum number of active connections before resuming to take on new connections). The valid range is 1-1000000.
Weight The Connection weight for the real server. The valid range is 1 to 1000.
Slow Start Slowly ramp up the connection number after server is up (start from 128, then double every 10 sec till 4096).
Spoofing Cache This DNS server is a spoofing cache.
Stats Data Action Enable or disable Statistics data. Enabled by default.
ADC App v3.4 User Guide
Configuring Servers
62
eeeFF Feedback
Template
This section provides the option to load a pre-defined server template configuration to create or edit the Server.
Port
The +Add a Server/ Edit a Server > Port configuration contains the following fields:
Extended Stats Enable or disable extended statistics on real server. Disabled by default.
Alternate Server Specify alternate server IP:
• Alternate: Priority or weight of alternate server. • Name: Name of alternate server. • +Add another item: Add another alternate server.
Field Description
Field DescriptionTemplate Server Select predefined server configuration template from drop-down
list.
Field DescriptionPort Displays Port ID.
Port Number Displays port number.
Protocol Specifies protocol (TCP, UDP, or HTTP) running on port.
Range Displays range of port values.
Health Check Displays if health check enabled or disabled on port.
63
ADC App v3.4 User Guide
Configuring Servers
Feedback
FIGURE 47 : ADC App > Service Objects > Servers > Add a Server
ADC App v3.4 User Guide
Configuring Servers
64
eeeFF Feedback
Delete Server
To delete a Server:
• Select Service Objects > Servers > : > Delete
• Click OK on the pop-up confirmation
Configuring Server Ports: Add/Edit Port
The ADC App > Service Objects > Servers provides options to Add, Edit to Configure Servers.
Configure Servers port and health checks on ports by manually specifying values or loading predefined server templates using the ADC App > Service Objects > Servers > Ports > +Add Server Port or Edit Port option.
Basic
The + Add ServerPort > Basic configuration contains has the following fields:
Field DescriptionPort Number Specify port number. Valid range is 0 to 65534.
Protocol Configure protocol for port. Options are TCP or UDP
Range Define port range value used for vip-to-rport-mapping, VIP-to-Remote Port-mapping and Virtual Port-Remote Port range mapping. Valid range is 0 to 254.
Health Check Select from pre-defined health check monitor options; for example: “ping”, “http”, or “Hm_WebApps_80_Http”
Health Check Follow Port
Specify which port to follow for health status. Valid range is 1 to 65534.
Follow Port Protocol Specify which port to follow to configure port protocol.
Health Check Disable Enable or Disable Health Check. Disabled by default.
Connection Limit Configure active connection limit. The valid range is 1 to 64000000.
No Logging Disable or Enable logging connection over limit event. Disabled by default.
65
ADC App v3.4 User Guide
Configuring Servers
Feedback
Advanced
The + Add Server Port / Edit Server Port > Advanced configuration contains the following fields:
Delete Server Port
To delete a port:
• Select Service Objects > Servers > Ports > : > Delete
• Click OK on the pop-up confirmation.
Field DescriptionWeight The Connection weight for the real server port. The valid range is 1 to 1000.
Connection Resume Configure the minimum number of active connections before resuming to take on new connections). The valid range is 1-1000000.
Stats Data Action Enable or disable Statistics data. Enabled by default.
Extended Stats Enable or disable extended statistics on real server. Disabled by default.
Alternate Port Specify alternate server port:
• Alternate: Priority or weight of alternate server port. • Alternate Name: Name of alternate server port. • Alternate Server Port: Priority or weight of alternate server port. • +Add another item: Add another alternate server port.
Service Principal Name
Kerberos principal port name
ADC App v3.4 User Guide
Configuring Servers
66
eeeFF Feedback
FIGURE 48: ADC App > Service Objects > Servers > Ports > Add Server Port
67
ADC App v3.4 User Guide
Configuring Service Groups
Feedback
Configuring Service GroupsThe ADC App > Service Objects > Service Groups tab provides options to Add, Edit to Configure Servers. and also Delete a service group
Basic
The + Add a Service Group > Basic configuration contains has the following fields:
Field DescriptionName Specify the ADC Service name
Protocol Select the service protocol
LB Method Load Balancing method: Various methods selection list with description
LC Method Least connection method
Stateless LB Method Stateless LB method
Pseudo Round Robin PRR, select the oldest node for sub-select
Stateless Auto Switch Enable auto stateless method
Stateless LB Method2 Stateless LB method
Connection Rate (conn/sec)
Dynamically enable stateless method by conn-rate. Rate to trigger state-less method(conn/sec). Valid range: 1-1000000
Rate Duration (seconds)
Enable auto stateless method. Valid range: 1-600
Revert Rate (conn/sec)
PRR, select the oldest node for sub-select. Valid range: 1-1000000
Revert Rate Duration (seconds)
Period that revert condition consistently happens(seconds).Valid range: 1-600
Grace Period (seconds)
Define the grace period during transition(seconds).Valid range: 1-600.
Connection Rate Log Send log if transition happens
L4 Session Usage Dynamically enable stateless method by connection rate. Rate to trigger stateless method(conn/sec). The valid range is 1-100.
L4 Session Usage Duration (seconds)
Period that trigger condition consistently happens(seconds). The valid range is 1-600
L4 Session Usage Revert Rate
Usage to revert to statelful method. The valid range is 1-100
L4 Session Revert Duration (seconds)
Period that trigger condition consistently happens(seconds). The valid range is 1-600
L4 Session Usage Grace Period (seconds)
Define the grace period during transition. Define the grace period during transition(seconds). The valid range is 1-600
L4 Session Usage Log Send log if transition happens
Strict Select Strict selection for service group
ADC App v3.4 User Guide
Configuring Service Groups
68
eeeFF Feedback
Advanced: Service Groups Options
The + Add a Service Group/ Edit a Service Group > Advanced configuration contains the
Health Check Select templates with Health Check options
Health Check Disable Enable or Disable Health Check. Disabled by default
Field Description
Fields Description
Template Port Port template name
Template Server Server template name
Template Policy Policy template name
Min Active Member Minimum Active Member Per Priority.Minimum Active Member before Action. Valid range is 1-1024.
Min Active Member Action Select the action on Minimum active member event.
Reset On Server Selection Fail
Enable or disable send reset to client if server selection fails
Priority Affinity Enable or Disable priority affinity. Persist to the same priority if possi-ble.
Reset Priority Affinity Reset the priority affinity
Backup Server Event Log Send log information on back up server events
Stats Data Action Statistical data collection
Extended Stats Enable extended statistics on service group
Traffic Replication Mirror Mirror the bi-directional packets
Traffic Replication Mirror DA Repl
Replace Destination MAC
Traffic Replication Mirror IP Repl
Replace IP with server-IP
Traffic Replication Mirror SA DA Repl
Replace Source MAC and Destination MAC address
Traffic Replication Mirror SA Repl
Replace Source MAC address
Priorities Configure values for sub-fields:
• Priority option: Valid range is 1-16. Define different action for each priority node.
• Priority Action: Select options from drop-down list.For example: Proceed: Move to next priority when all priority nodes fail.
• +Add another item: Add new priority
Sample Rsp Time Enable or disable sample server response time
69
ADC App v3.4 User Guide
Configuring Service Groups
Feedback
fields:
Delete Service Groups
To delete a service group:
• Select Service Objects > Servers > Ports > : > Delete
• Click OK on the pop-up confirmation.
Rpt Ext Server Enable or disable reporting of top 10 fastest/slowest servers
Report Delay Reporting frequency (in minutes). Reporting frequency (in minutes). Valid range is 1-7200
Top Slowest Enable or disable to report top 10 slowest servers
Top Fastest Enable or disable to report top 10 fastest servers
Fields Description
ADC App v3.4 User Guide
Configuring VIPs
70
eeeFF Feedback
Configuring VIPsThe ADC App > Service Objects > VIPs provides options to Add and configure VIPs, and also Delete a VIP. Configure Servers VIPS by manually specifying values or loading predefined VIP templates. The Add VIP page contains various advanced configuration parameters from ACOS GUI. Please refer Application Delivery Controller Guide or ACOS GUI Online Help. for details.
Figure 10: ADC App > Service Objects > VIPs > Add VIP
71
ADC App v3.4 User Guide
Configuring VPorts (Virtual Ports)
Feedback
Configuring VPorts (Virtual Ports) The ADC App > Service Objects > VPorts provides options to Add, Edit to Configure virtual ports, and also Delete a virtual port.
Configuring Virtual Ports: Add VPort
The ADC App > Service Objects > VPorts provides options to Add, Edit to Configure Servers.
Configure virtual ports and health checks, run aFlex scripts, on virtual ports by manually specifying values or loading predefined virtual port templates using the ADC App > Service Objects > VPorts > +Add VPort option.
Basic
The + Add ServerPort > Basic configuration contains has the following fields:
Field DescriptionPort Number Specify port number. Valid range is 0 to 65534.
Protocol Configure protocol for port. Options are TCP or UDP
Range Define port range value used for vip-to-rport-mapping, VIP-to-Remote Port-mapping and Virtual Port-Remote Port range mapping. Valid range is 0 to 254.
Alternate Port Enable or disable alternate Virtual Port
Connection Limit Configure active connection limit. The valid range is 1 to 64000000.
Def Selection If Pref Failed
Enable or disable virtual port selection If Preference Failed is defined.
Service Group Bind a Service Group to this Virtual Server.
No Destination NAT Disable destination NAT, this option only supports in wildcard VIP or when a connection is operated in SSLi + EP mode
Port Translation Enable port translation under no-dest-nat.
ADC App v3.4 User Guide
Configuring VPorts (Virtual Ports)
72
eeeFF Feedback
FIGURE 49: Service Objects > VPorts > Add vPorts > Basic
73
ADC App v3.4 User Guide
Configuring VPorts (Virtual Ports)
Feedback
Advanced
The + Add vPort > Advanced configuration contains various advanced configuration parameters similar to ACOS GUI. Please refer Application Delivery Controller Guide or ACOS GUI Online Help
Delete VPort
To delete a virtual port:
• Select Service Objects > vPorts > : > Delete
• Click OK on the pop-up confirmation.
FIGURE 50: ADC App > Service Object Tab
ADC App v3.4 User Guide
Configuring VPorts (Virtual Ports)
74
eeeFF Feedback
75
ADC App v3.4 User GuideFeedback
ADC APP SHARED OBJECTS
The Harmony Controller ADC App v3.4 provides configuration management, visibility and analytics for your A10 Networks® ADC services and WAF services and Shared Objects.
Shared objects are used to extend the configuration of the primary ADC application object, such as a virtual server or server and can be referenced by multiple application objects.
The following topics are covered in this chapter:
• Logical Partition
• Configure Versions of Partition
• Templates
• WAF Templates
• aFleX
• Certificates
• CRLs
• IP NAT Pool
• Health Monitor
• How to Configure a Health Monitor for Service Objects
In the app shared objects are defined at the logical partition level and can be re-used for all app services deployed with-in the partition. Logical Partition level shared objects can reference provider level shared objects which are defined at the provider level by a provider user.
ADC App v3.4 User Guide
76
eeeFF Feedback
FIGURE 51 : ADC App > Shared Objects
Logical Partition
Logical partition is a logical entity predefined at Harmony Controller, based on the type of application run on the device.
Cluster partition is a physical device entity that deals with Shared and Layer 3 Virtualization (L3V) partitions inside a device.
Shared objects can be configured in a logical partition and during deployment, they are pushed to the corresponding Thunder partition. Shared objects can also be configured in the provider space andreferenced from one or more logical partitions belonging to one or more tenants within the provider.
For instance, provider admin can define a TCP template in a provider space. An application or tenant admin defining application related configuration in a logical partition can refer to the TCP template in the provider scope. This can achieved by creating a TCP template local to the logical partition and having it refer to the one in provider scope.
This ADC App > Shared Objects > Logical Partition drop-down lists the various predefined Logical Partitions available.
77
ADC App v3.4 User GuideFeedback
Configure Versions of Partition
Versions of Logical Partition for “[Name of Thunder Instance]”
Three options are available for this selection:
• Save
• Compare
• Deploy
Save
Click Save to save the shared objects configuration to load ADC App and Thunder ADC functionalities.
Compare
Select Compare to compare the different pre-configured versions of Logical Partition Configurations.
For deployment to work correctly, please ensure that “config-replace” is enabled on Thunder ADC.
Save or Hide unsaved configuration.
• Make Candidate - Select the logical partition and make it the “Candidate”
• Validate - Validates the loaded logical partition.
• Deploy - Deploys the loaded logical partition.
ADC App v3.4 User Guide
78
eeeFF Feedback
FIGURE 52 : Deploy Shared Objects Configuration.
Deploy
Click Deploy, to deploy or implement the configuration template or code.
Templates
You can add various templates, using Shared objects page .
Adding a Template
To add a new template, follow the below steps:
1. Click Shared Objects > Templates.
2. Click on Add Template.
79
ADC App v3.4 User GuideFeedback
3. Select the any one Template in Select Template Type page and select the “sub-type” as shown in image. Click Next:
• ADC
• Apps
• SSL
• SSLi
• System
• Protocol
• Policy
FIGURE 53: Shared Objects > Template > + Add a Template > Select ADC Template > Virtual
Server
4. For example, select ADC > Virtual Server “sub-type”. The Add Virtual Server Template pop-up is displayed, with various related configuration parameters. Fill in the configurations required.
5. Click Create to add the new template.
ADC App v3.4 User Guide
80
eeeFF Feedback
WAF Templates
You can add various WAF templates, using Shared objects page .
To add a new template, follow the below steps:
1. Click Shared Objects > WAF Templates.
2. Click on +Add WAF Template.
3. Enter the Template Information , deployment mode , logging template, and select the various WAF configuration parameters. For details, refer Web Application Firewall Guide
4. Click Save to save and load the WAF template.
81
ADC App v3.4 User GuideFeedback
FIGURE 54: Shared Objects > WAF Template > + Add WAF Template
aFleX
You can add aflex scripts, using Shared objects page .
To add a new template, follow the below steps:
1. Click Shared Objects > aFlex.
2. Click on +Add AFlex.
3. Enter the aFlex Name, Description and aFlex Script. For details, refer ACOS aFlex Refer-ence Guide.
4. Click Save to save and load the aFlex script.
ADC App v3.4 User Guide
82
eeeFF Feedback
FIGURE 55: Shared Objects > aFlex > + Add aFlex
Certificates
To import a certificate, follow the steps:
1. Select Shared Objects > Certificates.
2. Click + Import a Certificate.
3. Create or update certificate information and type. Click ot upload Certificate.
4. Click Save.
83
ADC App v3.4 User GuideFeedback
FIGURE 56: Shared Objects > Certificate > + Import Certificate
CRLs
To import a CRL, follow the steps:
1. Select Shared Objects > CRL .
2. Click + Import a CRL.
3. Enter the file name, description, and click to Upload the CRL file.
4. Click Save.
ADC App v3.4 User Guide
84
eeeFF Feedback
FIGURE 57 : Shared Objects > CRL > + Import CRL
IP NAT Pool
To add an IP or IPv6 NAT Pool Group, follow the steps:
1. Click Shared Objects > IPNAT Pool .
2. Click on +Add > IP NAT Pool Groups or IPv6 NAT Pool Groups.
FIGURE 58: Shared Objects > IPNAT Pool > +Add
85
ADC App v3.4 User GuideFeedback
3. Enter the Pool Name and Member List.
4. Click Create to create new IP NAT Pool.
FIGURE 59: Figure 9 > Shared Objects > IPNAT Pool > +Add > Add IP NAT Pool Group
Health Monitor
To create or add a new Health Monitor, follow the steps:
1. Click Shared Objects > Health Monitor .
2. Click on +Add Health Monitor.
ADC App v3.4 User Guide
86
eeeFF Feedback
3. Enter the Health Monitor Name. Configure the various health monitor parameters and select Method.
4. Click Create to create new Health Monitor.
The various Health monitor parameters are as follows:
Field DescriptionName Specify Monitor Name
Dsr L2 Strict Enable strict Layer 2 DSR health-check
Retry Specify the Healthcheck Retries. Valid range for retry Count is 1-10. Default is 3.
Up Retry Specify the Healthcheck Retries before declaring target up.Up-retry count. Default is 1
Override IPv4 Override implicitly inherited IPv4 address from target.
Override IPv6 Override implicitly inherited IPv6 address from target.
Override Port Override implicitly inherited port from target. Valid Port number (1-65534)
Strict Retry On Server Err Resp
Enable or disable require strictly retry.
Disable After Down Disable the target if health check failed. Default is disable
Interval Specify the Healthcheck Interval.Default value, in seconds is 5
Timeout Specify the Healthcheck Timeout. Timeout Value, in seconds(default 5), Timeout should be less than or equal to interval
SSL Ciphers Specify OpenSSL Cipher Suite name(s) for Health check..Default value is DEFAULT
For example: AES128-SHA256), if the cipher is invalid, would give informa-tion reason for Health monitor down
Method Specify pre-defined HM method.
87
ADC App v3.4 User GuideFeedback
FIGURE 60: Shared Objects > Health Monitor > +Add Health Monitor
How to Configure a Health Monitor for Service Objects
We can configure Health Monitor and associate it only to a Server or Service Group:
To configure health monitor for Servers or Service Groups:
• Configure Health Monitor as mentioned.
• Goto ADC App > Service Objects > Servers / Service Groups > + Add a Server / Edit a Server > Basic
• Select predefined health monitor in Health Check drop-down.
• Enable Health Check button.
89
ADC App v3.4 User GuideFeedback
ADC APP LOG VIEW AND TROUBLESHOOTING
ADC App provides quicker troubleshooting with visibility and analytics for the application traffic and infrastructure through the Log View Panel, Dashboard, and Analytics. The Log view panel is an expandable panel at the bottom of App window. This panel provides access to detailed service logs and an ability to filter logs for troubleshooting.
The sections in this chapter are as follows:
• Log View Panel
• TroubleShooting
Log View PanelIt is an expandable panel at the bottom of the ADC App page. It displays service operation and system logs for detailed analysis and troubleshooting. It displays the following types of logs:
• Log View: HTTP
• Log View: Alerts
• Log View: Alerts
• Log View: License Audit
• Log View: WAF
The logs can be filtered on an extensive set of parameters, using the filter controls available on the left hand side of the panel.
FIGURE 61 : ADC App > Log View Panel
ADC App v3.4 User Guide
Log View Panel
90
eeeFF Feedback
Log View: HTTP
The HTTP Log View tab provides various statistics and logs for the following options:
• Reset
• Browser
• Client OS
• Devices
• Client IP
• Server IP
• URL
• Request Type
• Server Port
• Service Name
• Response Code
• Request Size
• Response Size
The following statistics are provided for each HTTP Log View option:
• Timestamp
• Client IP
• URI
• Request
• Response
• Response Size
• End-To-End
• Cached
91
ADC App v3.4 User Guide
Log View Panel
Feedback
FIGURE 62: Log View > HTTP
Log View: Alerts
Displays Log Collection Statistics that can be reset or filtered by:
• Cluster
• Device
• App Svc Type
• App Svc Name
• Tenant Name
• Trigger Name
• Alert Name
• Severity
ADC App v3.4 User Guide
Log View Panel
92
eeeFF Feedback
FIGURE 63: Log View > Alerts
Log View: License Audit
Displays license audit logs for the following options:
• License State
• Entitlement Key
• Device
• Log Source
93
ADC App v3.4 User Guide
Log View Panel
Feedback
FIGURE 64: Log View > License Audit
Log View: WAF
Displays WAF logs filtered by:
• URL
• Status
• Violations
• Source IP
ADC App v3.4 User Guide
TroubleShooting
94
eeeFF Feedback
FIGURE 65: Log View > WAF
TroubleShooting This section specifies some trouble shooting scenarios where user can monitor and troubleshoot specific issues using the ADC App.
• HTTP Monitoring
• WAF Security Policy Violations
HTTP Monitoring
To monitor HTTP2 response issues and broken app services link issues, follow the steps:
• Check CGN App > Dashboard >Response Codes and CGN App > Analytics (Client) > Response Codes widget. This widget displays the distribution of HTTP response codes. To monitor app accessibility issues, check request response codes.
• Check for 400 series response codes.
• Now in Log View > HTTP filter for 400 Response Codes.
• Check which client IP and URI are showing 400 response code.
• View the URI, browser, IP Server in the Log View Panel > HTTP Logs > Client IP drill down.
95
ADC App v3.4 User Guide
TroubleShooting
Feedback
WAF Security Policy Violations
To monitor WAF Security Policy Violations, follow the steps:
• Drilldown to Log View > WAF tab
• Check which URLs are logged for WAF security policy violations
97
ADC App v3.4 User GuideFeedback
SUPPORT INFORMATION FOR HARMONY CONTROLLER: ADC APP V3.4
The A10 Networks® technical and customer support team is available at your service on phone, email and web channels:
Technical and Customer SupportTo know more about A10 Networks® Harmony Controller and ADC App v3.4, refer the following:
• Contact: https://www.a10networks.com/company/contact-us
• Support: https://www.a10networks.com/support
• Call (International): 1-408-325-8676
• Call (Toll-Free USA & Canada): 1-888-TACS-A10
ADC App v3.4 User Guide
Technical and Customer Support
98
eeeFF Feedback
99
ADC App v3.4 User Guide
Contents
1