To deploy the PingIntelligence
policy, first import and configure the policy.
The PingIntelligence policy is
specific to an ASE cluster. If you have more than one ASE cluster, then add the
policy to a new workspace and create a new plugin. When you import the PingIntelligence policy, it is
imported to an LX workspace and opens in a Node.js editor.
To import the PingIntelligence policy in
F5:
Sign on to F5 and navigate to Local Traffic > iRules > LX Workspaces.
The policy is pre-loaded with the extension oi_ext.
Edit the ASE configuration by clicking the ASEConfig.js
file.
The following table describes the ASE variables:
Variable
Description
ase_primary
IP address of primary ASE node
ase_primary_port
Port number of primary ASE node
ase_secondary
IP address of secondary ASE node
ase_secondary_port
Port number of secondary ASE node
is_ase_ssl
Set to true if traffic to ASE is sent
over HTTPS
ase_token
The ASE sideband authentication token that was generated
as part of prerequisites
use_ca
Set to true if ASE is using a CA-signed
certificate
include_paths
Provide the list of paths that the policy should process.
If / is provided as path, then all the
traffic is monitored. The maximum number of subpaths in
path is 3. For example, /a/b/c/.
enable_auth
Set to true if traffic contains access
token in authorization header or
querystring.
is_access_token_in_header
Set to true if access token is present
in authorization header.
access_token_variable
If the access token is present in
querystring, then specify the key
used for token.
authorization_header_prefix
If the access token is present in
authorization header, then specify
the prefix used for access token.
user_key_mapping
The location of username in JSON payload
of JWT access token.
clientid_key_mapping
The location of client ID in JSON payload of JWT access
token
