Last updated on: 2023-08-29 10:06:08.

OpenStack setup

Currently, F5 supports BIG-IP Virtual Edition 15.1.5.1 or BIG-IP Virtual Edition 16.1.2.1 and BIG-IQ Virtual Edition version 6.0.1 and 8.2 on OpenStack Queens Version 13 and Train Version 16 using the following setup:

OpenStack 13/16 Component Description
Flavors (OS v13 or OS v16)

Define flavors sized to accommodate the VNFM component images you previously uploaded. The minimum flavor requirements for deploying the F5 VNF Manager include:

  • vCPU: 4 (8 recommended)
  • RAM: 8GB (16GB recommended)
  • Root disk: 160GB
Networks (OS v13 or OS v16)

Define the following networks and one subnet for each, with sufficient IP address space in each network:

  • Management network (mgmt) – Configure the VNF Manager and BIG-IP VE management interfaces on this network, specifying at least one DNS server in the subnet configuration.
  • Provider gateway network (pgw_net) – Network used for the internal-facing DAG data plane interfaces.
  • Provider data network (pdn_net) – Network used for the external-facing DAG data plane interfaces.
  • DAG to provider gateway network (pgw_dag_net) – Network used for the internal-facing VNF data plane interfaces. VNFM creates this network automatically, during the launch process.
  • DAG to provider data network (pdn_dag_net) – Network used for the external-facing VNF data plane interfaces. VNFM creates this network automatically, during the launch process.
  • Control network (control_net) – Network used for communication with control and value-added services.
  • HA network (ha_net) – Network used for internal HA communication between clustered VNF BIG-IP VE instances.
  • External network (external_net) - Network used for accessing the VNFM externally. You assign this network when attaching a floating IP to the VNFM instance.
Network Ports (OS v13 or OS v16)
  1. Select the Networks tab, from the list click the Management network (created in the previous section), click the Ports tab, and then click Create Port.
  2. Complete the form setting the following:
    • Specify IP address or subnet value to Subnet
    • Subnet value as the Management network created in the previous section.
    • Leave all other settings with default values.
  3. Click Create Port.
Security Groups (OS v13 or OS v16)

Security groups are required for versions 1.2.1 and earlier, but are OPTIONAL for version 1.3.0 and later for ALL blueprint solutions. To set up security groups, consider the following:

  • SNMP security group (snmp_sg) – Allow UDP ports 161/162.
  • Control security group (control_sg) – Configure as needed for your environment.
  • Management security group (mgmt_sg) – Allow TCP port 443, and add an Ingress rule for ALL ICMP.
  • Provider data network security group (pdn_sg) – Configure as needed for your environment.
  • Provider gateway security group (pgw_sg) – Configure as needed for your environment.

Default behavior for OpenStack is to create a default security group for every instance. If you are not using security groups, then in VNFM version 1.3.0 and later inputs files, set the security_groups input to disable, and for VNFM version 1.4.0 and later set the VNF-BIG-IQ solution blueprint, security_groups input to 0 (disable).

Key Pair (OS v13 or OS v16) Defined PEM-encoded key pairs for accessing VNFM instance remotely, using SSH.

What’s Next?

Back to setup.