Merge pull request #106 from f5devcentral/v20_update

module 3 and 4 updates

docs/class5/class5.rst

@@ -1,4 +1,4 @@
-SSLO 102: BIG-IP Next SSL Orchestrator (AppWorld 2024 | 2 hours)
+SSLO 102: Diving into SSL Orchestrator for BIG-IP Next (AppWorld 2024 | 2 hours)
 ===============================================================================================
 
 

docs/class5/module3/lab1.rst

@@ -22,27 +22,47 @@ through the Central Manager.
    .. image:: ./images/bigip-home.png
 
 
-#. Click the **Start Adding Instances** button to add a new BIG-IP Next
-   instance.
+#. Since no BIG-IP Next instances have been added yet, click the
+   **Start Adding Instances** button.
 
-#. In the new **Add Instance** drawer, enter ``10.1.1.7`` as the IP address of the BIG-IP
-   Next instance and click the **Connect** button.
+#. In the **Add Instance** panel, enter ``10.1.1.7`` as the IP address of the BIG-IP Next instance to add.
 
-#. In the following drawer, enter the **Username** and **Password** information,
-   and then click the **Submit** button.
+#. Click the **Connect** button.
 
-#. In the following drawer, under **Management Credentials**, you will need to enter a
-   new password for the **admin-cm** user. Enter ``Welcome123!`` (for consistency in this lab), then click the **Add Instance** button.
+   .. image:: ./images/add-bigip-1.png
+
+#. In the login panel, enter ``admin`` in the **Username** field and enter ``Welcome123!`` in the **Password** field.
+
+#. Click the **Next** button to continue.
+
+   .. image:: ./images/add-bigip-2.png
+
+#. In the **Management Credentials**, you will need to enter a new password for the **admin-cm** user. Enter ``Welcome123!`` in the **Password** and **Confirm Password** fields, then click the **Add Instance** button.
+
+   .. image:: ./images/add-bigip-3.png
+
+#. At the **Start Central Management on this instance?** prompt, click on the **Add** button.
+
+#. At the **Continue Connecting?** prompt, click on the **Accept** button.
+
+#. Once the instance has been added, you should see the new instance in the BIG-IP list.
+
+   .. image:: ./images/add-bigip-4.png
+
+#. Click the BIG-IP instance name link under the **Name** column to open the **Properties** panel.
+
+   .. image:: ./images/add-bigip-5.png
 
-#. Once the instance has been added, click the BIG-IP instance name link
-   under the **Name** column. This will open a new Properties drawer.
 
 #. Click the **License** button at the bottom of the left column of this
-   drawer, then click the **Activate License** button.
+   panel. 
+
+   .. attention::
+      This BIG-IP Next instance already has an activated license, so there is no need to activate it here.
+
+#. Click the **Cancel & Exit** button to close this panel.
 
-#. Click the **Next** button in the **Activate License** drawer.
 
-#. Copy the contents of the JWT token into the JST window and provide a unique name.
 
-#. Click the **Activate** button.
+   .. image:: ./images/add-bigip-6.png
 

docs/class5/module3/lab2.rst

@@ -1,57 +1,53 @@
 Deploying an Application
 ==============================================================================
 
-Install Certificates and Keys
+TLS Certificates and Keys
 --------------------------------------------------------------------------------
 
-With the BIG-IP Next instance activated, follow these steps to install the
-certificate and private key needed to host an HTTPS application.
+.. note::
+   The **wildcard.f5labs.com** certificate and key has been pre-loaded into the BIG-IP CM, so you will not need to import any certificates at this time.
 
-#. In the top left corner of the CM UI, click on the workspace menu tool (9
-   dots) and click **Applications**, then click **Certificates & Keys**
-   in the left menu.
+#. In the top left corner of the BIG-IP Central Manager (CM) UI, click on the **Workspace** icon (it looks like a waffle pattern) to show the **Workspace Menu**.
 
-#. Click on the **Add Certificates** button, then in the following panel
-   select **Import a Certificate**.
+   .. image:: ./images/workspace-menu-1.png
 
-   - **Name**: Create New. Enter a unique name.
+#. Click on **Applications** to navigate to the Applications workspace.
 
-   - **Type**: Certificate & Key
+   .. image:: ./images/workspace-menu-2.png
 
-   - **Source**: Import
+#. Click on **Certificates & Keys** in the left menu.
 
-   - **Certificate**: Import the certificate.
+   .. image:: ./images/certs.png
 
-   - **Key**: Import the private key.
+#. Click on **wildcard.f5labs.com** to view the certificate properties panel.
 
-   - **Key Security Type**: Normal
-
-#. Click on the **Save** button.
+#. Click on the **Cancel & Exit** button to close the panel.
 
 
 Create an HTTPS Application
 --------------------------------------------------------------------------------
 
-It's now time to create a simple HTTPS application. Follow these steps:
-
-#. In the Applications UI, click on **My Application Services** under the
-   **Applications** menu.
+Now, you will create a simple HTTPS application.
 
-   .. image:: ./images/applications-menu.png
+#. In the **Applications** menu, click on **My Application Services**.
 
 #. Click on the **Start Adding Apps** button to open the **Add Application** panel.
 
 #. Enter ``my-app-1`` in the **Application Service Name** field.
 
 #. Leave the **Application Service** type selection as **Standard** (default).
 
+   .. image:: ./images/add-app-1.png
+
 #. Click on the **Start Creating** button to open the **Application Service Properties** panel.
 
 #. Enter ``My first application`` in the **Description** field.
 
 #. Click on the **Start Creating** button to reveal the **Virtual Server** and **Pool** configuration options.
 
-#. Click on **Pools** to switch to reveal Pool configuration options.
+#. Click on **Pools** to show the Pool configuration options.
+
+   .. image:: ./images/add-app-2.png
 
 #. Click on **+ Create** to add a new Pool.
 
@@ -61,6 +57,9 @@ It's now time to create a simple HTTPS application. Follow these steps:
    - Deselect **http** and select **icmp**
    - Click outside of the list to use the selected options.
 
+   .. image:: ./images/add-app-3.png
+
+
 #. Click on **Virtual Servers** to switch to back to the Virtual Server configuration options.
 
    - Enter ``my-app`` in the **Virtual Server Name** field.
@@ -69,13 +68,18 @@ It's now time to create a simple HTTPS application. Follow these steps:
 
 #. In the **Protocols & Profiles** field, click on the edit icon to open the settings panel.
 
+   .. image:: ./images/add-app-4.png
+
+
 #. Enable the **Enable HTTPS (Client-Side TLS)** option to show additional settings.
 
    - Click on the **Add** button to open the configuration panel.
    - In the **Add Client-Side TLS** panel, enter ``wildcard.f5labs.com`` as the name
    - Select **wildcard.f5labs.com** in the **RSA certificate** dropdown list box. This certificate was pre-installed in your lab environment.
    - Click on the **Save** button to close the panel.
 
+   .. image:: ./images/add-app-5.png
+
 #. Scroll down to see the other **Protocol & Profiles** options.
 
 #. Enable the **Enable Server-side TLS** option.
@@ -84,33 +88,44 @@ It's now time to create a simple HTTPS application. Follow these steps:
 
 #. Disable the **Enable Connection Mirroring** option.
 
+   .. image:: ./images/add-app-6.png
+
 #. Click on the **Save** button to the close the **Protocols & Profiles** panel. 
 
    Notice that the **TLS** and **HTTPS** badges were added, and **MIRRORING** was removed.
 
+   .. image:: ./images/add-app-7.png
+
 #. At the bottom right corner, click on the **Review & Deploy** button to open the **Deploy** panel.
 
    - Click on the **Start Adding** button.
    - Select the instance named **bigip-next.f5labs.com**.
    - Click on the **+ Add to List** button.
    - Enter ``10.1.10.20`` in the **Virtual Address** field.
 
+   .. image:: ./images/add-app-8.png
+
 #. In the **Members** column, click on the down arrow and then click **+ Pool Members** to open the settings panel.
 
    - Click on the **+ Add Row** button 3 times to create empty entries.
 
    - Add the following entries:
 
       - Name: ``mbr-192.168.100.11``, IP Address: ``192.168.100.11``
-
       - Name: ``mbr-192.168.100.12``, IP Address: ``192.168.100.12``
-
       - Name: ``mbr-192.168.100.13``, IP Address: ``192.168.100.13``
 
    - Click on the **Save** button to close the Pool settings panel.
 
+   .. image:: ./images/add-app-9.png
+
 #. Click on the **Validate All** button to validate the pending configuration changes.
 
-#. Once successful, click on the **Deploy Changes** button and then the **Yes, Deploy** 
-   button to send the application definition to the BIG-IP Next instance.
+   .. image:: ./images/add-app-10.png
+
+
+#. If Validation is successful, click on the **Deploy Changes** button. Then, click on the **Yes, Deploy** button to send the application definition to the BIG-IP Next instance.
+
+   After deployment, the **Application Services** dashboard will show the status of your application.
 
+   .. image:: ./images/add-app-11.png

docs/class5/module3/lab3.rst

@@ -27,6 +27,7 @@ GUI in the UDF lab:
    desktop GUI. Enter the username (``user``) and password (``user``) to access
    the client desktop through the browser window.
 
+
 The simplest test of the HTTPS application can be done with a command
 line cURL request.
 
@@ -40,6 +41,7 @@ line cURL request.
 
    The output of this command will contain the full payload of the webpage.
 
+
 #. To see just the headers and TLS handshake output, add the **I** flag:
 
    .. code-block:: bash
@@ -50,6 +52,8 @@ line cURL request.
 
 #. Look for the **Server certificate** section. You should see that the **subject** field is **\*.f5labs.com**. This confirms that the site is being presented from the BIG-IP deployed application.
 
+   .. image:: ./images/add-app-12.png
+
 |
 
 .. attention::

docs/class5/module4/lab2.rst

@@ -7,37 +7,67 @@ The first step in this journey is to create the SSL Orchestrator inspection serv
 Create an Inline L3 Inspection Service
 --------------------------------------------------------------------------------
 
-#. In the top left corner of the CM UI, click the workspace menu icon (9 dots) to see menu options.
+#. In the top left corner of the BIG-IP Central Manager (CM) UI, click on the **Workspace** icon to show the **Workspace Menu**.
 
-#. Click on **Security**, then click on **Inspection Services** under **SSL Orchestrator**.
+#. Click on **Security** to navigate to the Security workspace.
+
+#. In the **SSL Orchestrator** menu, click on **Inspection Services**.
 
 #. Click the **Start Creating** button.
 
-#. In the **Create Inspection Service** drawer, select **Generic Inline L3** and then click the **Start Creating** button to open the configuration settings drawer.
+   .. image:: ./images/service-1.png
+
+
+   .. image:: ./images/service-2.png
+
+
+#. In the **Create Inspection Service** panel, select **Generic Inline L3** and then click the **Start Creating** button to open the configuration settings panel.
 
    - Enter ``my-sslo-ngfw`` in the service name field.
 
    - Enter ``next-gen firewall`` in the description field (optional).
 
+   .. image:: ./images/service-3.png
+
+
 #. Click the **Save & Continue** button.
 
+
+   .. image:: ./images/service-4.png
+
+
 #. In the **Network** settings:
 
-   - Enter ``sslo-insp-l3-in`` for the **To: VLAN**.
+   - Enter ``sslo-insp-l3-in`` in the **To: VLAN** Name field.
+
+   - Enter ``sslo-insp-l3-out`` in the **From: VLAN** Name field.
+
+   .. note::
+      In the future, the VLAN names will be selectable from a list.
 
-   - Enter ``sslo-insp-l3-out`` for the **From: VLAN**.
 
    - Select **ICMP** for the **Device Monitor**.
 
-   - In the **Endppoints** section, click the **Start Adding** button.
+   - In the **Inspection Service Endpoints** section, click the **Start Adding** button.
 
-   - Enter ``198.19.64.30`` for the **IP Address**.
+   - Enter ``198.19.64.30`` in the **Server Address** field.
+
+   .. image:: ./images/service-5.png
 
 #. Click the **Review & Deploy** button.
 
-#. In the **Deploy Inspection Service** drawer, add the BIG-IP Next instance.
+#. In the **Deploy Inspection Service** panel, add the BIG-IP Next instance.
 
    - Click the checkbox to the left of the assigned instance and then click the **Validate** button.
 
-   - If Validation is Successful, click the **Deploy Changes** button to push this inspection service configuration to the BIG-IP Next instance.
+   - If Validation is successful, click the **Deploy Changes** button to push this inspection service configuration to the BIG-IP Next instance.
+
+   .. image:: ./images/service-6.png
+
+   - At the **Deploy Inspection Service?** prompt, click on the **Yes, Deploy** button and wait for the task to complete.
+
+     After deployment, the new inspection service will appear in the list.
+
+   .. image:: ./images/service-7.png
+
 

docs/class5/module4/lab3.rst

@@ -10,20 +10,27 @@ With inspection services created, we will create a service chain that contains b
 Create a Service Chain
 --------------------------------------------------------------------------------
 
-#.	Click **Service Chains** under **SSL Orchestrator** in the left menu.
 
-#.	Click the **Start Creating** button.
+#. In the **SSL Orchestrator** menu, click on **Service Chains**.
 
-#.	Enter ``my-service-chain-lab2`` in the **Name** field
 
-#. Enter ``sc-ngfw-only`` in the **Description** field (optional).
+#. Click the **Start Creating** button to open the **Create Service Chain** panel.
 
-#.	In the **Inspection Services** section, click the **Start Adding** button.
+   - Enter ``my-service-chain-lab2`` in the **Name** field
 
-#. Select the previously created inspection service.
+   - Enter ``sc-ngfw-only`` in the **Description** field (optional).
 
-#.	Click the **Save** button to save the service chain configuration.
 
+   .. image:: ./images/service-chain-1.png
+
+#. In the **Inspection Services** section, click the **Start Adding** button.
+
+#. Select the previously created inspection service and click **Add to List**.
+
+   .. image:: ./images/service-chain-2.png
+
+
+#. Click the **Save** button to save the service chain configuration.
+
+   .. image:: ./images/service-chain-3.png
 
-.. note::
-   Multiple service chains could be created here, but you will only create one for this lab module.