F5Networks
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 49 additions & 128 deletions b/‎.gitlab-ci.yml‎
Lines changed: 49 additions & 128 deletions
diff --git a/‎README.md‎
Lines changed: 2 additions & 2 deletions b/‎README.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎contributing/README.md‎
Lines changed: 1 addition & 1 deletion b/‎contributing/README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎deployment-tool‎ b/‎deployment-tool‎
diff --git a/‎docs/images/aws/AWSIAMRoleAssignedToInstance2.png‎
38.5 KB b/‎docs/images/aws/AWSIAMRoleAssignedToInstance2.png‎
38.5 KB
diff --git a/‎docs/index.rst‎
Lines changed: 3 additions & 3 deletions b/‎docs/index.rst‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs/revision-history.rst‎
Lines changed: 7 additions & 1 deletion b/‎docs/revision-history.rst‎
Lines changed: 7 additions & 1 deletion
diff --git a/‎docs/userguide/aws-same-az.rst‎
Lines changed: 4 additions & 4 deletions b/‎docs/userguide/aws-same-az.rst‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎docs/userguide/aws.rst‎
Lines changed: 6 additions & 6 deletions b/‎docs/userguide/aws.rst‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎docs/userguide/azure.rst‎
Lines changed: 6 additions & 3 deletions b/‎docs/userguide/azure.rst‎
Lines changed: 6 additions & 3 deletions
@@ -1,4 +1,4 @@
-# f5-cloud-failover
+# F5 BIG-IP Cloud Failover extension for AWS, Azure, and GCP
 [![Releases](https://img.shields.io/github/release/f5networks/f5-cloud-failover-extension.svg)](https://github.com/f5networks/f5-cloud-failover-extension/releases)
 [![Issues](https://img.shields.io/github/issues/f5networks/f5-cloud-failover-extension.svg)](https://github.com/f5networks/f5-cloud-failover-extension/issues)
 
@@ -8,7 +8,7 @@
 
 ## Introduction
 
-The F5 Cloud Failover Extension (CF) is an iControl LX extension that provides L3 failover functionality in cloud environments, effectively replacing Gratuitous ARP (GARP). Cloud Failover uses a declarative model, meaning you provide a JSON declaration using a single REST API call. The declaration represents the configuration that Cloud Failover is responsible for creating on a BIG-IP system.
+The F5 BIG-IP Cloud Failover Extension (CFE) for AWS, Azure, and GCP is an iControl LX extension that provides L3 failover functionality in cloud environments, effectively replacing Gratuitous ARP (GARP). Cloud Failover uses a declarative model, meaning you provide a JSON declaration using a single REST API call. The declaration represents the configuration that Cloud Failover is responsible for creating on a BIG-IP system.
 
 ### How does it work?
 
 
@@ -8,7 +8,7 @@ This is the top-level documentation which provides notes and information about c
 ---
 ## Overview
 
-The purpose of the F5 Cloud Failover (CF) iControl LX extension is to provide L3 failover functionality in cloud environments, effectively replacing Gratuitous ARP (GARP).  This requires moving/updating certain cloud resources during a failover event, as described below.
+The purpose of the F5 BIG-IP Cloud Failover (CF) iControl LX extension is to provide L3 failover functionality in cloud environments, effectively replacing Gratuitous ARP (GARP).  This requires moving/updating certain cloud resources during a failover event, as described below.
 
 - Failover IP(s) - Move Azure IP configuration(s) between NICs, update AWS EIP/private IP associations, and move GCP alias IP(s) between instances to point to a virtual address on the active BIG-IP device.
 - Failover Route(s) - Update Azure user-defined Routes (UDR), AWS route tables, and GCP forwarding rule targets to point to a self IP address of the active BIG-IP device.
 
@@ -1,7 +1,7 @@
-F5 Cloud Failover
-=================
+F5 BIG-IP Cloud Failover
+========================
 
-Welcome to the F5 Cloud Failover Extension User Guide.
+Welcome to the F5 BIG-IP Cloud Failover Extension User Guide.
 
 Use the following links, the navigation on the left, and/or the Next and Previous buttons to explore the documentation.
 
 
@@ -11,6 +11,12 @@ Document Revision History
         - Description
         - Date
 
+      * - 2.2.6
+        - Improved performance of Azure failover provider.
+        - Fixed issue with logging of proxy server settings.
+        - Updated the documentation for Cloud Failover Extension v1.14.0 with the following changes: |br| • Updated documentation in :ref:`isolated-env`, :ref:`aws`, :ref:`aws-same-az`, :ref:`gcp`, and :ref:`azure`.
+        - 02-17-23
+
       * - 2.2.5
         - Fixed issue where failover does not correctly check traffic group status in recovery mode.
         - 7-26-22
@@ -80,7 +86,7 @@ Document Revision History
         - 01-23-20
 
       * - 1.0
-        - Documentation for the initial release of F5 Cloud Failover Extension
+        - Documentation for the initial release of F5 BIG-IP Cloud Failover Extension
         - 11-22-19
 
 
 
@@ -410,8 +410,8 @@ Alternatively, for *Actions* that **do** allow resource level permissions, but t
 
 .. _aws-same-az-define-objects:
 
-Define AWS Network Infrastructure Objects
------------------------------------------
+Define AWS Infrastructure Objects
+---------------------------------
 
 Define or Tag your cloud resources with the keys and values that you configure in your CFE declaration.
 
@@ -460,8 +460,8 @@ Tag the Network Interfaces in AWS:
 
 .. _aws-same-az-define-storage:
 
-Define the Storage Account in AWS
-`````````````````````````````````
+Define Remote Storage for State File in AWS
+```````````````````````````````````````````
 
 .. sidebar:: :fonticon:`fa fa-info-circle fa-lg` Version Notice:
 
 
@@ -150,11 +150,11 @@ In order to successfully implement CFE in AWS, you need an AWS Identity and Acce
 
    |
 
-2. Assign an IAM role to each instance by navigating to **EC2 > Instances > Instance > Actions > Instance Settings > Attach/Replace IAM Role**.
+2. Assign an IAM role to each instance by navigating to **Actions > Security > Modify IAM Role**.
 
    For example:
 
-   .. image:: ../images/aws/AWSIAMRoleAssignedToInstance.png
+   .. image:: ../images/aws/AWSIAMRoleAssignedToInstance2.png
 
 |
 
@@ -402,8 +402,8 @@ Alternatively, for *Actions* that **do** allow resource level permissions, but t
 
 .. _aws-define-objects:
 
-Define AWS Network Infrastructure Objects
------------------------------------------
+Define AWS Infrastructure Objects
+---------------------------------
 
 Define or Tag your cloud resources with the keys and values that you configure in your CFE declaration.
 
@@ -440,8 +440,8 @@ Tag the Network Interfaces in AWS:
 
 .. _aws-define-storage:
 
-Define the Storage Account in AWS
-`````````````````````````````````
+Define Remote Storage for State File in AWS
+```````````````````````````````````````````
 .. sidebar:: :fonticon:`fa fa-info-circle fa-lg` Version Notice:
 
    - The property ``scopingName`` is available in Cloud Failover Extension v1.7.0 and later.
 
@@ -99,6 +99,8 @@ Create and assign a Managed Service Identity (MSI)
 In order to successfully implement CFE in Azure, you need a system-assigned or user-managed identity with sufficient access. Your Managed Service Identity (MSI) should be limited to the resource groups that contain the BIG-IP instances, VNET, route tables, etc. that will be updated. Read more about managed identities |managed-identity|.
 To create and assign a Managed Service Identity (MSI) you must have a role of `User Access Administrator` or `Contributor access`. The following example shows a system-assigned MSI.
 
+.. IMPORTANT:: CFE supports only one Managed Service Identity assigned to each Azure Virtual Machine instance; failover will not work correctly when multiple identities are assigned. You must create a single identity with all of the permissions required by CFE, as well as any other necessary permissions. You can create a managed identity manually or using the F5 access template. See https://github.com/F5Networks/f5-azure-arm-templates-v2/tree/main/examples/modules/access for more information.
+
 #. Enable MSI for each VM: go to **Virtual Machine > Identity > System assigned** and set the status to ``On``.
 
    For example:
@@ -156,14 +158,15 @@ Below is an example Azure role definition with permissions required by CFE.
    - This example provides the minimum permissions required and serves as an illustration. You are responsible for following the provider's IAM best practices.
    - Certain resources such as the virtual network are commonly deployed in a separate resource group; ensure the correct scopes are applied to all applicable resource groups.
    - Certain resources such as route tables may be deployed in a separate subscription, ensure the assignable scopes applies to all relevant subscriptions.
+   - CFE supports only one Managed Service Identity assigned to each Azure Virtual Machine instance; failover will not function when multiple identities are assigned. You must create a single identity with all of the permissions listed above, as well as any other required permissions. You can create a managed identity manually, or by using the F5 access template. See https://github.com/F5Networks/f5-azure-arm-templates-v2/tree/main/examples/modules/access for more information.
 
 |
 
 
 .. _azure-define-objects:
 
-Define your Azure Network Infrastructure Objects
-------------------------------------------------
+Define your Azure Infrastructure Objects
+----------------------------------------
 
 Define or Tag your cloud resources with the keys and values that you configure in your CFE declaration.
 
@@ -193,7 +196,7 @@ Add a storage account in Azure to your resource group for Cloud Failover to use.
    |
 
 
-   Alternatively, if you are using the Discovery via Tag option, tag the S3 bucket with your custom key:values in the `externalStorage.scopingTags` section of the CFE declaration.
+   Alternatively, if you are using the Discovery via Tag option, tag the Azure Storage Account with your custom key:values in the `externalStorage.scopingTags` section of the CFE declaration.
 
    .. code-block:: json