Agentic AI with F5 BIG-IP using Model Context Protocol and OpenShift

Agentic AI Demonstration with BIG-IP & Model Context Protocol (MCP)

Key Concepts:

• Agentic AI: AI systems capable of autonomously taking actions to achieve goals, leveraging tools and external resources.
• Model Context Protocol (MCP): A protocol enabling communication between AI applications and AI agents, facilitating tool usage.
• F5 BIG-IP: A network services platform used for application delivery, security, and observability, integrated with Kubernetes and FICS Controller.
• FICS Controller: F5’s controller for managing BIG-IP via Kubernetes APIs.
• Olama: A framework for running Large Language Models (LLMs) locally.
• Kubernetes CRDs (Custom Resource Definitions): Extensions to the Kubernetes API, used here for defining BIG-IP virtual server configurations.
• Session Persistence (Stickiness): Ensuring requests from the same user session are consistently routed to the same server.
• iRules: F5’s proprietary scripting language for customizing network traffic processing.
• Data Groups: Containers for storing data used in iRules, allowing for dynamic configuration changes.

1. Introduction to Agentic AI and MCP

The demonstration focuses on showcasing the capabilities of Agentic AI using BIG-IP and the Model Context Protocol (MCP). MCP is presented as the most relevant protocol currently for enabling Agentic AI functionality. The core concept is to allow AI models to leverage external tools without requiring modifications to the AI application or the model itself. This is achieved through a layered architecture where an AI application interacts with AI agents, which in turn provide access to tools.

2. MCP Workflow: A Four-Step Process

The MCP workflow is detailed in four steps:

• Step 1: Tool Discovery: The AI application queries available agents to determine the tools they offer, receiving a list of tools with descriptions and required parameters.
• Step 2: Request with Tool Awareness: When the AI application sends a request to the AI model, it includes information about the available tools.
• Step 3: Tool Utilization: If the AI model determines it lacks the necessary built-in capabilities, it utilizes the provided tools through the AI application.
• Step 4: Result Composition: The AI model combines its internal knowledge with the results obtained from the tools to generate a final response.

A key takeaway is that the AI application only needs to support the MCP protocol to utilize any tool, simplifying integration and extensibility. As stated, “This letter is very important because it means that we can extend AI models on the fly without requiring to rebuild the AI applications or even modify the AI models.”

3. Practical Demonstration: F1 & Airport Query

A practical example demonstrates the process using Libra Chat as the AI application, a locally served KUN3 model via Olama, and two agents: a flight agent and a Formula 1 agent. The query posed was: “What is the closest airport to the circuit that hosted the first race of the F1 championship in the year 1970?”

The AI model successfully utilized the “get race calendar” and “airport search” tools to determine the answer: Grand Central Airport in Midrand, South Africa. The UI displays the parameters used for each tool call and the corresponding responses, illustrating the transparent interaction facilitated by MCP.

4. BIG-IP Integration with Red Hat Open Shift

The demonstration showcases how BIG-IP integrates with a Red Hat Open Shift environment to provide reliability, observability, and security for MCP workloads. The architecture consists of:

• Olama LLM Server: Hosting the KUN3 model.
• MCP Agents: Providing access to flight and Formula 1 data.
• Libra Chat: The user interface for interacting with the AI.
• BIG-IP: Exposing the LLM server and MCP agents through two virtual servers.

BIG-IP is configured using Kubernetes API resources (specifically F5 virtual server CRDs) ingested by the FICS Controller, which dynamically updates BIG-IP configurations. BIG-IP can be deployed as an appliance, virtual appliance, or even within OpenC virtualization.

5. Kubernetes Configuration & Virtual Hosting

The configuration process involves defining virtual servers in Kubernetes using F5 CRDs. The demonstration highlights:

• Virtual Hosting: Two virtual servers share the same IP address to reduce IP address consumption.
• Service Mapping: Each virtual server is mapped to a specific service within Open Shift.
• Health Checks: BIG-IP performs both Kubernetes readiness probes and connectivity checks to the MCP server ports, ensuring service availability.

6. Session Persistence for MCP Workloads

Session persistence, based on the MCP session ID, is crucial for MCP workloads. It guarantees that requests from the same session are consistently routed to the same server. The demonstration shows how this is configured using a shared virtual server shd, applying the setting to all MCP servers. Removing session persistence results in session errors and ultimately, AI chat failures, as observed in the application logs.

7. Observability & Logging with BIG-IP

BIG-IP acts as a central vantage point for logging all MCP activity due to its position as a load balancer aggregating requests. The demonstration shows how:

• MCP Profiles (SSC & JSON): The MCP virtual server incorporates SSC and JSON profiles to interpret the MCP protocol.
• High-Speed Logging: BIG-IP’s data plane provides high-speed logging capabilities with minimal overhead.
• iRules for Custom Logging: An iRule is used to log all requests and responses, including the client’s IP address.

8. Security: Tool Blocking with iRules & Data Groups

BIG-IP’s iRules and data groups are leveraged to enhance security by controlling which tools are advertised by the MCP servers and blocking requests for unauthorized tools.

• Tool Advertisement Control: iRules can filter the list of tools advertised to the AI application.
• Unauthorized Tool Blocking: Requests using blocked tools are denied.
• Dynamic Configuration: The list of blocked tools is stored in a data group, allowing for easy updates without modifying the iRule.

The demonstration shows the initialization process of an MCP server and how the “airport search” tool is blocked when configured in the data group, preventing the AI application from accessing it. This blocking occurs both during tool advertisement and when a user attempts to directly use the blocked tool.

9. Conclusion

The demonstration successfully illustrates the power of Agentic AI with MCP and the benefits of integrating BIG-IP for reliability, observability, and security. BIG-IP’s capabilities, including Kubernetes integration, session persistence, logging, and iRules, provide a robust platform for deploying and managing Agentic AI applications. The final statement emphasizes the availability of further information on all available features.

Technical Terms Explained:

• LLM (Large Language Model): A type of AI model trained on a massive dataset of text, capable of generating human-like text.
• CRD (Custom Resource Definition): An extension to the Kubernetes API that allows you to define custom resources.
• SAP (Server Assigned Port): A dynamically assigned port number used for network communication.
• SSC (SSL Certificate Check): A security feature that verifies the validity of SSL certificates.
• JSON (JavaScript Object Notation): A lightweight data-interchange format.