Linux KVM: BIG-IP VE Setup¶
To deploy BIG-IP Virtual Edition (VE) on KVM, you will perform these tasks.
|1||Choose the license you want to buy, the BIG-IP VE modules you want, and the throughput you need. See K14810: Overview of BIG-IP VE license and throughput limits on the AskF5 Knowledge Base for details.|
|2||Confirm that you are running a hypervisor version that is compatible with a BIG-IP VE release. See BIG-IP Virtual Edition Supported Platforms for details.|
|3||Verify that the host hardware meets the recommended requirements.|
|4||If you plan to use SR-IOV, enable it on the hypervisor.|
|5||Download a BIG-IP VE image and deploy it.|
|6||If you are running a multi-NIC configuration without DHCP, manually assign an IP address for the BIG-IP Config Utility.|
After you complete these tasks, you can log in to the BIG-IP VE system and run the Setup utility to perform basic network configuration.
About single NIC and multi-NIC configurations¶
A typical BIG-IP VE configuration might include four NICs: one for management, one for internal, one for external, and one for high availability.
However, if you want to create a VM for a quick test, you can create a configuration with just one NIC. In this case, BIG-IP VE creates basic networking objects for you.
When BIG-IP VE first boots, it determines the number of active NICs. If BIG-IP VE detects one NIC, then:
- Networking objects (vNIC 1.0, a VLAN named Internal, and an associated self IP address) are created automatically for you.
- The port for the Configuration utility is moved from 443 to 8443.
- High availability (failover) is not supported, but config sync is.
- VLANs must have untagged interfaces.
If BIG-IP VE detects multiple NICs, then you create the networking objects. The port for the Configuration utility remains 443.
You can change the number of NICs after first boot and move from single to multi-NIC and vice versa.
If there is no DHCP server in your environment and no IP address automatically assigned, then the networking objects will not be created and the port will not be moved.
Prerequisites for BIG-IP Virtual Edition¶
Host CPU requirements¶
The host hardware CPU must meet the following requirements.
- The CPU must have 64-bit architecture.
- The CPU must have virtualization support (AMD-V or Intel VT-x) enabled.
- The CPU must support a one-to-one, thread-to-defined virtual CPU ratio, or on single-threading architectures, support at least one core per defined virtual CPU.
- If your CPU supports the Advanced Encryption Standard New Instruction (AES-NI), SSL encryption processing on BIG-IP VE will be faster. Contact your CPU vendor for details about which CPUs provide AES-NI support.
Host memory requirements¶
|Number of cores||Memory required|
Virtual machine memory requirements¶
The guest should have a minimum of 4 GB of RAM for the initial 2 virtual CPUs. For each additional CPU, you should add an additional 2 GB of RAM.
If you license additional modules, you should add memory.
|Provisioned memory||Supported modules||Details|
|4 GB or fewer||Two modules maximum.||AAM can be provisioned as standalone only.|
|4-8 GB||Three modules maximum.||BIG-IP DNS does not count toward the module limit. Exception: Application Acceleration Manager (AAM) cannot be provisioned with any other module; AAM is standalone only.|
|8 GB||Three modules maximum.||BIG-IP DNS does not count toward the module-combination limit.|
|12 GB or more||All modules.||N/A|
To achieve licensing performance limits, all allocated memory must be reserved.
Virtual machine storage requirements¶
The amount of storage you need depends on the BIG-IP modules you want to use, and whether or not you intend to upgrade.
|Provisioned storage||Supported modules||Details|
|9 GB (LTM_1SLOT)||Local Traffic Manager (LTM) module only; no space for LTM upgrades.||You can increase storage if you need to upgrade LTM or provision additional modules.|
|40 GB (LTM)||LTM module only; space for installing LTM upgrades.||You can increase storage if you decide to provision additional modules. You can also install another instance of LTM on a separate partition.|
|60 GB (ALL_1SLOT)||All modules except Secure Web Gateway (SWG); no space for installing upgrades.||The Application Acceleration Manager (AAM) module requires 20 GB of additional storage dedicated to AAM. If you are not using AAM, you can remove the datastore disk before starting the VM.|
|82 GB (ALL)||All modules except SWG and space for installing upgrades.||The Application Acceleration Manager (AAM) module requires 20 GB of additional storage dedicated to AAM. If you are not using AAM, you can remove the datastore disk before starting the VM.|
For production environments, virtual disks should be deployed Thick (allocated up front). Thin deployments are acceptable for lab environments.
To change the disk size after deploying the BIG-IP system, see Increase disk space for BIG-IP VE.
Virtual machine network interfaces¶
When you deploy BIG-IP VE, a specific number of virtual network interfaces (vNICs) are available.
Each virtual machine can have a maximum of 28 NICs.
Configure SR-IOV on the hypervisor¶
To increase performance, you can enable Single Root I/O Virtualization (SR-IOV). You need an SR-IOV-compatible network interface card (NIC) installed and the SR-IOV BIOS must be enabled.
See the hypervisor documentation for details.
To complete SR-IOV configuration, after you deploy BIG-IP VE, you must add three PCI device NICs and map them to your networks.
Deploy BIG-IP VE in KVM¶
To deploy BIG-IP VE, download an image from F5 and deploy it in your environment.
Do not change the configuration (CPU, RAM, and network adapters) of the KVM guest environment with settings less powerful than those recommended and described here.
In a browser, open the F5 Downloads page and log in.
On the Downloads Overview page, click Find a Download.
Under Product Line, click the link similar to BIG-IP v.x/Virtual Edition.
Click the link similar to x.x.x_Virtual-Edition.
If the End User Software License is displayed, read it and then click I Accept.
Download the BIG-IP VE file package ending with
Extract the file from the Zip archive and save it where your
qcow2files reside on the KVM server.
Use VNC to access the KVM server, and then start Virt Manager.
Right click localhost (QEMU), and from the popup menu, select New.
The Create a new virtual machine, Step 1 of 4 dialog box opens.
In the Name field, type a name for the connection.
Select import existing disk image as the method for installing the operating system, and click Forward.
Type the path to the extracted
qcowfile, or click Browse to navigate to the path location; select the file, and then click the Choose Volume button to fill in the path.
In the OS type setting, select Linux, for the Version setting, select Red Hat Enterprise Linux 6, and click Forward.
In the Memory (RAM) field, type the appropriate amount of memory (in megabytes) for your deployment. (For example
4096for a 4GB deployment). From the CPUs list, select the number of CPU cores appropriate for your deployment, and click Forward.
Select Customize configuration before install, and click the Advanced options arrow.
Select the network interface adapter that corresponds to your management IP address, and click Finish.
The Virtual Machine configuration dialog box opens.
Click Add Hardware.
The Add New Virtual Hardware dialog box opens.
If SR-IOV is not required, select Network.
From the Host device list, select the network interface adapter for your external network, and from the Device model list, select virtio. Then click Finish.
Do this again for your internal and HA networks.
If SR-IOV is required, select PCI Host Device and then select the PCI device for to the virtual function mapped to your host device’s external VLAN. Then click Finish.
Do this again for your host device’s internal VLAN and HA VLAN.
From the left pane, select Disk 1.
Click the Advanced options button.
From the Disk bus list, select Virtio.
From the Storage format list, select qcow2.
Click Begin Installation.
Virtual Machine Manager creates the virtual machine just as you configured it.
Use BIG-IP configuration utility tool to set management IP address¶
If your network has DHCP, an IP address is automatically assigned to BIG-IP VE during deployment. You can use this address to access the BIG-IP VE Configuration utility or tmsh command-line utility.
If no IP address was assigned, you can assign one by using the BIG-IP Configuration utility tool.
Connect to the virtual machine by using the hypervisor’s console.
At the login prompt, type
At the password prompt, type
configand press Enter.
The F5 Management Port Setup screen opens.
Select No and follow the instructions for manually assigning an IP address and netmask for the management port.
You can use a hypervisor generic statement, such as
tmsh show sys management-ipto confirm that the management IP address was set properly.
You can now log into the BIG-IP VE Config utility, and license and provision BIG-IP VE.