Blueprint inputs reference guide

Use the following input descriptions to assist you when completing the BIG-IQ or Gi LAN, Gi Firewall and VNFM Base inputs YAML files. You require an inputs YAML file for each solution blueprint. In each inputs file downloaded from the VNFM public GitHub repository you will find examples of all the inputs using the required format.

The following table lists the supported inputs file for each release of VNF Manager:

Parameter VNFM Version Required Blueprint VIM Description
big_iq_pool_license 1.3.x Yes BIG-IQ
Gi-LAN/F
All The base registration key code provided by F5 Networks after Purchase. Used to create RegKey Pool on the F5 BIG-IP system. You received this key in email from F5 Networks after purchase.
big_iq_primary_host_license 1.3.x Yes BIG-IQ
Gi-LAN/F
All Base registration key used to license the primary BIG-IQ system of an HA-pair. You received this key in email from F5 Networks after purchase.
big_iq_secondary_host_license 1.3.x Yes BIG-IQ All Base registration key used to license the secondary BIG-IQ system of an HA-pair. You received this key in email from F5 Networks after purchase.
big_iq_passphrase 1.3.x Yes BIG-IQ All The passphrase value that BIG-IQ uses to generate a Master Key (minimum of 16-characters, 1 or more capital letters 1 or more lowercase letters, 1 or more numbers, and 1 or more special characters).
big_iq_pool_name 1.3.x Yes BIG-IQ All The license pool name to use for the VNFM.
default_sg_name 1.3.x Yes BIG-IQ OpenStack The name of the pre-existing default security group.
key_name 1.3.x Yes BIG-IQ OpenStack The name of the local, private SSH key used for connecting to BIG-IQ.
sw_ref_bigiq 1.3.x Yes BIG-IQ All The dictionary that defines the BIG-IQ image name, flavor name, availability zone (OpenStack only), and revision value to use for the BIG-IQ HA pair instance. The revision number is used during the upgrade process. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
floating_network_id 1.x Yes BIG-IQ
Gi-LAN/F
OpenStack The OpenStack ID or name of the external network where you assigned a floating IP addresses (for example, external_net).
mgmt_net 1.x Yes All All The name of the pre-existing management OpenStack network or VMware port group, connecting the BIG-IQ licensing utility, VNFM, and related blueprints that orchestrate BIG-IP VE service layers.
mgmt_net_sw_dist 1.3 Yes BIG-IQ vSphere The vSphere setting (true/false) of the switch distributed flag for the management network.
mgmt_sg_name 1.x Yes All OpenStack The name of the pre-existing management security group.
mgmt_subnet 1.x Yes All OpenStack The name of the pre-existing management network subnet.
ntp_server 1.x Yes All All The IP address or DNS name of the NTP server. If not specified, the default 132.163.96.1 value is used.
timezone 1.1.x No All All Enter the local timezone for the location of your application server; for example, Pacific/Pago_Pago. Default value is UTC. For acceptable values, consult the TZ database name in this list.
default_gateway 1.x Yes Base
Gi-LAN/F
All The next hop IP address for outbound traffic egressing the VNF.
ric_purchasing_model 1.1.x Yes Gi-LAN/F All The purchasing model for licensing (options include: subscription or perpetual).
ric_vnfm_serial 1.1.x Yes Gi-LAN/F All The VNFM license key provided in your email from F5 (used for support purposes only).
ric_throughput (deprecated) 1.0 - 1.1.1 Yes Gi-LAN/F OpenStack DEPRECATED in version 1.2: Desired throughput for the VNF layer, in Gbps (options include: 5, 10, 50 Gbps).
auto_last_hop 1.x Yes Gi-LAN/F All Controls how the DAG receives return traffic from the internet. Enable this input, if you are using an F5 device to NAT outbound connections; otherwise, disable.
bgp_dag_pgw_peer_ip 1.x No Gi-LAN/F All If your environment uses Border Gateway Protocol (BGP) on the client-side, then enter the neighbor address of the PGW to which the DAG BIG-IPs will advertise their default routes.
bgp_vnf_pgw_peer_ip 1.x No Gi-LAN/F All If using BGP on the client-side, then enter the neighbor address of the PGW, enabling the VNF to send traffic directly back to the client without passing it back through the DAG.
bgp_pgw_peer_as 1.x No Gi-LAN/F All If using BGP on the client-side, then enter the autonomous system number (ASN) for the BGP neighbor.
bgp_dag_egw_peer_ip 1.x No Gi-LAN/F All If using BGP on the external-side, then enter the BGP neighbor address.
bgp_egw_peer_as 1.x No Gi-LAN/F All If using BGP on the external-side, then enter the BGP ASN.
external_net 1.x No Base All The name of the pre-existing external network that connects to your users.
external_sg_name 1.x No Base All The name of the pre-existing external security group.
external_subnet 1.x No Base All The subnet name for the pre-existing external network.
internal_net 1.x No Base All The name of the pre-existing internal network that connects to your servers.
internal_sg_name 1.x No Base All The name of the pre-existing internal security group.
internal_subnet 1.x No Base All The subnet name for the pre-existing internal network.
sw_ref_ltm 1.x No Base All The dictionary that defines the image/template name, flavor/configuration name, availability zone (OpenStack only), and revision number to use for the BIG-IP VE instances. The revision number is used during the upgrade process. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
default_ltm_number 1.x No Base All The default number of BIG-IPs that will get deployed by this blueprint. Verify that the same number of license keys defined in the registration key pool matches this input value.
mgmt_subnet_cidr 1.2 No Base vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
internal_subnet_cidr 1.2 No Base vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
internal_net_sw_dist 1.2 No Base vSphere The vSphere switch distributed flag for internal network. Set to true if your system uses a distributed switch on this network or false if not.
external_net_sw_dist 1.2 No Base vSphere The vSphere switch distributed flag for external network. Set to true if your system uses a distributed switch on this network or false if not.
ctrl_net 1.x Yes Gi-LAN/F All The name of the control network, where F5 NFV solutions connect to processes such as, your policy and control rules function engine, subscriber service-charging functions, signaling, and other similar processes.
ctrl_subnet 1.x Yes Gi-LAN/F All The name of the control network subnet.
ctrl_ip_range 1.2 Yes Gi-LAN/F vSphere The IP range defined for the control network; for example, 10.30.0.2-10.30.0.100.
ctrl_net_sw_dist 1.2 Yes Gi-LAN/F vSphere The vSphere switch distributed flag for Control network. Set to true if your system uses a distributed switch on this network or false if not.
ctrl_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
ha_net 1.x Yes Gi-LAN/F All The name of the high availability network (for config. sync and network failover purposes).
ha_subnet 1.x Yes Gi-LAN/F All Name of the high availability network subnet.
ha_ip_range 1.2 Yes Gi-LAN/F vSphere The IP range defined for the high availability network; for example, 10.40.0.2-10.40.0.100.
ha_net_sw_dist 1.2 Yes Gi-LAN/F vSphere The vSphere switch distributed flag for HA network. Set to true if your system uses a distributed switch on this network or false if not.
ha_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
centos_image_id (deprecated) 1.0-1.1 Yes Gi-LAN/F OpenStack DEPRECATED in version 1.1.1: The OpenStack ID of the CentOS image to use when creating the monitoring nodes.
nagios_flavor_id (deprecated) 1.0-1.1 Yes Gi-LAN/F OpenStack DEPRECATED in version 1.1.1: The OpenStack ID of the flavor to use when creating the monitoring nodes.
mgmt_default_gw 1.2 Yes Base
Gi-LAN/F
vSphere IP address of the default gateway for Management network
manager_mgmt_host 1.x Yes Base
Gi-LAN/F
All The internal IP address of the VNF Manager instance.
manager_rest_password 1.x Yes Base
Gi-LAN/F
All Password for the VNF Manager. Default value is admin.
manager_rest_username 1.x Yes Base
Gi-LAN/F
All The user name of the VNF Manager project/tenant. Default value is admin.
mgmt_ip_range 1.2 Yes Base
Gi-LAN/F
vSphere The range of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.50.50.2-10.50.50.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.50.50.2-10.50.50.20, 10.50.50.21-10.50.50.30, and so forth.
mgmt_dns 1.2 Yes Base
Gi-LAN/F
vSphere DNS server address used for management network.
bigip_ssh_key 1.2 Yes Base
Gi-LAN/F
vSphere The name of the SSH key that you will import into the BIG-IP VE instances.
bigip_os_ssh_key (deprecated) 1.0-1.1.1 Yes Base
Gi-LAN/F
OpenSack DEPRECATED in version 1.2: The name of the OpenStack SSH key that you will import into the BIG-IP VE instances.
big_iq_host 1.x Yes Base
Gi-LAN/F
All The IP address of the BIG-IQ VE instance that will assign licenses to the BIG-IP VE instances.
big_iq_lic_pool 1.x Yes Base
Gi-LAN/F
All The name of the BIG-IQ key or pool that will be used to assign licenses to the BIG-IP VE instances.
sw_ref_dag 1.x Yes Gi-LAN/F All

Depending upon your VIM:

  • A dictionary that defines the OpenStack image name, flavor name, availability zone (version 1.2), and revision to use for the BIG-IP VE disaggregation instances. The revision number is used during the upgrade process. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
  • A dictionary that defines the VMware template name, configuration, and revision to use for the BIG-IP VE disaggregation instances. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
sw_ref_vnf 1.x Yes Gi-LAN/F All

Depending upon your VIM:

  • A dictionary that defines the OpenStack image name, flavor name, availability zone (version 1.2), and revision to use for the BIG-IP VE virtual network functions instances. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
  • A dictionary that defines the VMware template name, configuration, and revision to use for the BIG-IP VE virtual network functions instances. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
sw_ref_nagios 1.1.1 Yes Gi-LAN/F All

Depending upon your VIM:

  • A dictionary that defines the OpenStack image name, flavor name, availability zone (version 1.2), and revision to use for the CentOS monitoring nodes. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
  • A dictionary that defines the VMware template name, configuration, and revision to use for the CentOS monitoring nodes. Instances with revision values lower than the number of the upgrade image provided, is considered as using an old version of the software.
nagios_pass 1.2 Yes Gi-LAN/F vSphere Password for the Nagios server.
nagios_user 1.2 Yes Gi-LAN/F vSphere Username for the Nagios server.
mgmt_sg_name 1.x Yes Gi-LAN/F All The name of the pre-existing management security group.
pgw_sg_name 1.x Yes Gi-LAN/F All The name of the pre-existing packet gateway (PGW) security group.
pdn_sg_name 1.x Yes Gi-LAN/F All The name of the pre-existing provider data network (PDN) security group.
snmp_sg_name 1.x Yes Gi-LAN/F All The name of the pre-existing SNMP security group.
pgw_net 1.x Yes Gi-LAN/F All Name of the OpenStack network or the VMware port group.
pgw_subnet 1.x Yes Gi-LAN/F All The name of the pre-existing PGW sub-network.
pgw_ip_range 1.2 Yes Gi-LAN/F vSphere The range of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.0.0.2-10.0.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.0.0.2-10.0.0.20, 10.0.0.21-10.0.0.30, and so forth.
pdn_net 1.x Yes Gi-LAN/F All Name of the OpenStack network or the VMware port group.
pdn_subnet 1.x Yes Gi-LAN/F All The name of the pre-existing PDN network subnet.
pdn_ip_range 1.2 Yes Gi-LAN/F vSphere The range of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.0.0.2-10.0.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.0.0.2-10.0.0.20, 10.0.0.21-10.0.0.30, and so forth.
pgw_dag_net 1.x Yes Gi-LAN/F All Name of the OpenStack network or the VMware port group.
pgw_dag_subnet 1.x Yes Gi-LAN/F All The name of the pre-existing PGW-DAG network subnet.
pgw_dag_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
pgw_dag_ip_range 1.2 Yes Gi-LAN/F vSphere The range of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.20.0.2-10.20.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.20.0.2-10.20.0.20, 10.20.0.21-10.20.0.30, and so forth.
pgw_dag_net_sw_dist 1.2 Yes Gi-LAN/F vSphere The vSphere switch distributed flag for PGW DAG network. Set to true if your system uses a distributed switch on this network or false if not.
pgw_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
pdn_dag_net 1.x Yes Gi-LAN/F All Name of the OpenStack network or the VMware port group.
pdn_dag_subnet 1.x Yes Gi-LAN/F All The name of the pre-existing PDN-DAG network subnet.
pdn_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
pdn_dag_ip_range 1.2 Yes Gi-LAN/F vSphere The range of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.15.0.2-10.15.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.15.0.2-10.15.0.20, 10.15.0.21-10.15.0.30, and so forth.
pdn_net_sw_dist 1.2 Yes Gi-LAN/F vSphere The vSphere switch distributed flag for PDN network. Set to true if your system uses a distributed switch on this network or false if not.
pdn_dag_net_sw_dist 1.2 Yes Gi-LAN/F vSphere The vSphere switch distributed flag for PDN DAG network. Set to true if your system uses a distributed switch on this network or false if not.
pdn_dag_subnet_cidr 1.2 Yes Gi-LAN/F vSphere The network ID and subnet mask for the applicable network; for example, 10.6.149.0/24.
agent_user 1.2 Yes Gi-LAN/F vSphere The user for the client agents.
Parameter VNFM Version Required Blueprint VIM Description
ctrl_sg_name 1.x Yes Gi-LAN/F All The name of the pre-existing control security group.
max_scale_dag_group 1.x Yes Gi-LAN/F All The maximum number of layers to which the DAG group will scale.
max_scale_vnf_group 1.x Yes Gi-LAN/F All The maximum number of layers to which the VNF group will scale.
max_heal_vnfd_dag_ve 1.x Yes Gi-LAN/F All Maximum number of times a DAG VE will heal before it stops trying and shows an error.
max_heal_vnf_layer 1.x Yes Gi-LAN/F All Maximum number of times a layer will heal before it stops trying and returns an error.
max_heal_vnf_slave_ve 1.x Yes Gi-LAN/F All Maximum number of times a slave VE will heal before it stops trying and returns an error.
vnf_layer_cpu_threshold 1.x Yes Gi-LAN/F All Maximum number of times a slave VE will heal before it stops trying and returns an error.
vnf_layer_cpu_threshold_check_interval 1.x Yes Gi-LAN/F All Interval between checks, in minutes.
vnf_group_throughput 1.x Yes Gi-LAN/F All The desired aggregate throughput (Gigabits In Out) for every layer in the group. Example values: 5 for 5 gig, 0 for 10 gig, 0.5 for 500mb.
vnf_group_throughput_threshold 1.x Yes Gi-LAN/F All New layer is added to group when the percentage of average aggregate layer throughput exceeds this value (for example, 75).
dag_group_cpu_threshold_check_interval 1.x Yes Gi-LAN/F All Interval between checks, in minutes.

What’s next?

Deploy local F5 (Gi LAN) blueprint.