Deploy Customer Edge Mode in F5 Distributed Cloud (XC) with Application Hosted on GCP
Solution overview
This deployment mode is ideal for scenarios where backend applications are isolated from internet access, providing a secure and private connection to these applications for maximum security and privacy.
In this setup, Customer Edge sites can connect private customer sites to the Distributed Cloud Global Network through IPSEC tunnels initiated from the Distributed Cloud Customer Edge to the nearest two Regional Edge sites, enabling a secure and private link to backend applications.
In this lab, you'll deploy an Google Kubernetes cluster configured with a NodePort and attach it as a source to the F5 HTTPS Load Balancer. The F5 HTTPS Load Balancer will connect to the Google Kubernetes cluster through an IPSEC tunnel established via the F5 GCP Vnet Site.
All components will be deployed using the vesctl F5 command-line tool. Traffic from the F5 HTTPS Load Balancer will flow across the Distributed Cloud Global Network to an egress Regional Edge and then through an IPSEC tunnel to the Customer Edge site, where it will be directed to the backend application as pure IP-based traffic.