F5OS-A 1.0.0 - System Resource Provisioning¶
Feature Overview¶
The rSeries platform is an all-in-one appliance running F5OS-A, similar to F5OS-C on VELOS but without the controllers and partitions. The system has resources, in terms of CPU, memory and interfaces. Some of those resources are used for F5OS itself, and the rest by the tenants in this release of F5OS. In this page you can find how many resources are available for tenants, and how you can deploy a tenant using those resources.
Feature deeper overview¶
When configuring F5OS-A rSeries appliance system, all of the resources are assigned to a single partition.
The administrator is responsible for configuring tenant deployments within the appliance. Once a tenant has been deployed, there is a per-tenant administrator role, whose responsibilities include configuring the services that are available on that tenant.
Tenants inherit certain capabilities, such as the license and VLANs, from the appliance. Do not try to install a new license or delete the existing license on the tenants.
When configuring VLANs, if you add VLANs at the tenant level, they won’t be configured in the appliance level, and for this reason they may not carry traffic.
When looking at resources you have the following to assign to your tenants:
Memory
vCPUs
Network ( interfaces and VLANs )
Storage
Let’s look at them one by one:
| Model | Memory | vCPUs | Network | Storage* |
|---|---|---|---|---|
| r5x00 | 128 GB | 1 x 16-Core Intel® Xeon® processor (total 32 hyperthreaded logical processing cores) | 8 x 25GbE SFP28 ports 2 x 100GbE QSFP28 ports 1 x 1GbE management port |
1 x 960 GB M.2 solid-state drive (SSD) |
| r10x00 | 256 GB | 1 x 24-Core Intel® Xeon® processor (total 48 hyperthreaded logical processing cores) | 16 x 25GbE SFP28 ports 4 x 40GbE QSFP28 ports 1 x 1GbE management port |
2 x 1 TB U.2 solid-state drives (SSDs) RAID 1 Mirror |
*Note: As the aggregate disk usage within deployed tenants increases, the host disk can start to reach capacity on systems
with many large tenants. The administrator will need to monitor disk usage to make sure there is sufficient space for the tenants.
Tenants Overview¶
Currently we support only “BIG-IP” type tenants.A tenant is a guest system running software on the appliance(for example, a Classic BIG-IP system). You can run several tenants in the same appliance, by assigning them resources from the appliance.
The maximum number of lightweight tenants that can be created in an appliance is depends on the model and resources available on that model. Each lightweight tenant requires a minimum of one vCPU or 4096 MB minimum memory.
Bear in mind that suchlightweight tenant, in the BIG-IP case, has limitations, so you can’t provision multiple modules. If you need faster throughput and more storage for tenants, you might want to create fewer tenants and allocate more vCPUs (at least two) and memory to them.
In summary, for tenants you are required to assign at least 1 vCPU and a minimum of 4GB. However it is recommended to use at least 2 vCPU.
When provisioning your tenant, you can either select the amount of vCPU to use, and the system will calculate the minimum memory required, or you can select the vCPU and the memory yourself.The suggested formula to calculate the minimummemory per tenant is :
Formula Minimum Memory¶
min-memory = (3.5 *1024* vCPU-cores-per-node) + 512Examples¶
The minimum memory assignment for 1 vCPU is:4GB = (3.5 *1024* 1) + 512
The minimum memory assignment for 2 vCPU is:7680 MB = (3.5 *1024* 2)+ 512
The minimum memory assignment for 4 vCPU is:15360 MB = (3.5 *1024* 4) + 512
Tenant images available¶
When creating a tenant, you need to deploy from an image. There are multiple image variations, for example the “T1” variant is like the “1SLOT” image for BigIP virtual-edition. Refer to the table for the mapping of each use case to the correct image to be used:
| Image | Use Case | Provision | Upgrade |
|---|---|---|---|
| T1 | Maximum tenant density, maximum tenants per appliance | Lightweight LTM or GTM only (also called micro-instance) | No upgrade or hotfix application available |
| T2 | Maximum upgradeable tenant density, maximum upgradeable tenants per appliance | LTM or GTM only | Live-upgradeable |
| ALL | Multi-tenancy, multi-module, and service chaining | Provisioning all modules (also called the all-module instance) | Live-upgradeable |
| T4 | Single tenant with multiple modules | All modules with increased capacity | Live-upgradeable |
Looking at the memory usage, the vCPU to use, and the images available, the tenants sizing recommendation is as follows:
Tenants Sizing Recommendation for rSeries¶
| Tenant Image | Disk Size | Minimum Memory | Minimum # vCPU | Max tenants r5900 | Max tenants r10900 |
|---|---|---|---|---|---|
| T1 | 22 GB | 4 GB | 1 | 26 | 36 |
| T2 | 45 GB | 8 GB | 2 | 13 | 18 |
| ALL | 76 GB | 8 GB | 2 | 11 | 11 |
| T4 | 142 GB | 8 GB | 2 | 6 | 6 |
The steps needed to deploy a tenant are as follows:
*Tenant naming: Tenant names must start with a lower case letter or deployment will fail.
GUI Screen Shots¶
The main dashboard shows information about CPU, memory, and storage availability:
Here is the page for the port groups configuration. From the drop-down menu, you can configure each port to one of the following configurations: 100GbE, 40 GbE, 4 x 25 GbE and 4 x 10GbE
*Note: Changing the mode for a port group reboots the system, removes stale interfaces from your configuration, and removes any references to stale interfaces from your configuration. You will then need to reconfigure any previously-configured protocols to use the modified port group.
*Note: Port Mode for ports 1 and 2; 11 and 12 must match. For example, if port 1 is set to 100GbE and port 2 is set to 40 GbE, the changes can not be saved.
By default, no link aggregation ( LAG ) is configured. In case you want to aggregate multiple physical interfaces, you can “add” a LAG. Shown below is a screenshot of the GUI page that allows you to aggregate interfaces.
Here is the VLAN page. You can create as many VLANs as you need. The interface column will tell you if any of those VLANs are assigned to any physical interface(s).
The interfaces page shows the interfaces available, and whether any VLAN is configured:
If you want to assign a VLAN to an interface, you need to go to the page that edits that interface, and add the VLANs there as needed.
The tenant page will allow you to deploy new tenants, as shown below:
CLI commands¶
Everything that is available on the GUI is also availableat CLI level. You can see the running-config details below for port groups, LAG, VLANs, Interfaces and Tenants. As the admin user, you can configure these as indicated below.
Port groups configuration:
vanquish-01# show running-config portgroups`
portgroups portgroup 1
config name 1
config mode MODE_100GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 2
config name 2
config mode MODE_100GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 3
config name 3
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 4
config name 4
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 5
config name 5
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 6
config name 6
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 7
config name 7
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 8
config name 8
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 9
config name 9
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 10
config name 10
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 11
config name 11
config mode MODE_100GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 12
config name 12
config mode MODE_100GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 13
config name 13
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 14
config name 14
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 15
config name 15
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 16
config name 16
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 17
config name 17
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 18
config name 18
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 19
config name 19
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
portgroups portgroup 20
config name 20
config mode MODE_25GB
config ddm ddm-poll-frequency 30
!
*Note: Changing the mode for a port group reboots the system, removes stale interfaces from your configuration, and removes any references to stale interfaces from your configuration. You will then need to reconfigure any previously-configured protocols to use the modified port group.
vanquish-01# config
vanquish-01(config)# portgroups portgroup 3 config mode MODE_10GB
vanquish-01(config-portgroup-3)# commit
The following warnings were generated:
'portgroups portgroup': Portgroup mode changes result in a reboot of the box.
Proceed? [yes,no]
*Note: Adjacent QSFP Port Modes MUST match, such as port mode for ports 1 and 2 or 11 and 12. For example, if port 1 is set to 100GbE and port 2 is set to 40 GbE, the changes can not be saved.
vanquish-01# config
Entering configuration mode terminal
vanquish-01(config)# portgroups portgroup 1 configmode MODE_40GB
vanquish-01(config-portgroup-1)# commit
Aborted: 'portgroups portgroup': Homogeneous portgroup mode is required for adjacent QSFP ports. The following portgroups: 2 1 do not follow the constraint.
vanquish-01(config-portgroup-1)# exit
vanquish-01(config)# portgroups portgroup 11 config mode MODE_40GB
vanquish-01(config-portgroup-11)# commit
Aborted: 'portgroups portgroup': Homogeneous portgroup mode is required for adjacent QSFP ports. The following portgroups: 2 1 12 11 do not follow the constraint.
LAG configuration:
Configuration Resources
vanquish-01# show running-config interfaces interface testLAG
interfaces interface testLAG
config name testLAG
config type ieee8023adLag
aggregation config lag-type LACP
aggregation config distribution-hash src-dst-ipport
!
vanquish-01# show running-config interfaces interface aggregation
interfaces interface testLAG
aggregation config lag-type LACP
aggregation config distribution-hash src-dst-ipport
!
vanquish-01# show running-config interfaces interface 4.0
interfaces interface 4.0
config name 4.0
config type ethernetCsmacd
config enabled
ethernet config aggregate-id testLAG
!
vanquish-01# show running-config interfaces interface 5.0
interfaces interface 5.0
config name 5.0
config type ethernetCsmacd
config enabled
ethernet config aggregate-id testLAG
!
VLAN configuration:
VLANs per tenant
vanquish-01# show running-config tenants tenant test-tenant config vlans
tenants tenant test-tenant
config vlans [ 2030 2040 ]
!
vanquish-01#
VLANs configuration
vanquish-01# show running-config vlans
vlans vlan 2030
config vlan-id 2030
config name vlan-internal
!
vlans vlan 2040
config vlan-id 2040
config name vlan-external
!
vlans vlan 2050
config vlan-id 2050
config name server
!
vanquish-01# show running-config vlan-listeners
vlan-listeners vlan-listener 0.host 2030
config entry-type VLAN-LISTENER
config owner test-tenant
config ifh-fields ndi-id 4095
config ifh-fields svc 8
config ifh-fields sep 15
config ifh-fields mirroring disabled
!
vlan-listeners vlan-listener 0.host 2040
config entry-type VLAN-LISTENER
config owner test-tenant
config ifh-fields ndi-id 4095
config ifh-fields svc 8
config ifh-fields sep 15
config ifh-fields mirroring disabled
!
Interfaces:
Configuration Interfaces
vanquish-01# show running-config interfaces
interfaces interface 1.0
config name 1.0
config type ethernetCsmacd
config enabled
!
interfaces interface 2.0
config name 2.0
config type ethernetCsmacd
config enabled
!
interfaces interface 3.0
config name 3.0
config type ethernetCsmacd
config enabled
!
interfaces interface 4.0
config name 4.0
config type ethernetCsmacd
config enabled
!
interfaces interface 5.0
config name 5.0
config type ethernetCsmacd
config enabled
!
interfaces interface 6.0
config name 6.0
config type ethernetCsmacd
config enabled
!
interfaces interface 7.0
config name 7.0
config type ethernetCsmacd
config enabled
!
interfaces interface 8.0
config name 8.0
config type ethernetCsmacd
config enabled
!
interfaces interface 9.0
config name 9.0
config type ethernetCsmacd
config enabled
!
interfaces interface 10.0
config name 10.0
config type ethernetCsmacd
config enabled
!
interfaces interface 11.0
config name 11.0
config type ethernetCsmacd
config enabled
!
interfaces interface 12.0
config name 12.0
config type ethernetCsmacd
config enabled
!
interfaces interface 13.0
config name 13.0
config type ethernetCsmacd
config enabled
!
interfaces interface 14.0
config name 14.0
config type ethernetCsmacd
config enabled
!
interfaces interface 15.0
config name 15.0
config type ethernetCsmacd
config enabled
!
interfaces interface 16.0
config name 16.0
config type ethernetCsmacd
config enabled
!
interfaces interface 17.0
config name 17.0
config type ethernetCsmacd
config enabled
!
interfaces interface 18.0
config name 18.0
config type ethernetCsmacd
config enabled
!
interfaces interface 19.0
config name 19.0
config type ethernetCsmacd
config enabled
!
interfaces interface 20.0
config name 20.0
config type ethernetCsmacd
config enabled
!
interfaces interface mgmt
config name mgmt
config type ethernetCsmacd
config enabled
ethernet config auto-negotiate true
ethernet config duplex-mode FULL
ethernet config port-speed SPEED_1GB
!
vanquish-01#
Tenants:
Tenant Configuration
vanquish-01# show running-config tenants tenant test-tenant
tenants tenant test-tenant
config name test-tenant
config type BIG-IP
config image BIGIP-bigip151x-miranda-15.1.4.1-0.0.176.ALL-VELOS.qcow2.zip.bundle
config nodes [ 1 ]
config mgmt-ip 10.10.10.68
config prefix-length 24
config gateway 10.10.10.254
config vlans [ 2030 2040 ]
config cryptos enabled
config vcpu-cores-per-node 4
config memory 14848
config storage size 76
config running-state deployed
config appliance-mode disabled
!
vanquish-01#
Troubleshooting tips¶
With regards to VLANs, when configuring them in ConfD ( either via CLI, GUI or RestConf ), the configuration is pushed directly to the hardware via the platform software.When a VLAN is assigned to a tenant, the VLAN information is pushed to the tenant in the same way VLAN info is passed to vCMP guest in a Viprion system. For this reason you can view the VLAN configuration from within the tenant.
VLANs view from the tenant ( BIG-IP )¶
[root@localhost:Active:Standalone] config # tmsh list net vlan
net vlan vlan-2030 {
if-index 160
tag 2030
}
net vlan vlan-2040 {
if-index 176
tag 2040
}
However, the physical interfaces used are not visible from the tenant. To view that information, you need to log in to the appliance directly:
VLANs view from the partition¶
vanquish-01# show running-config tenants tenant config vlans
tenants tenant test-tenant
config vlans [ 2030 2040 ]
!
Whenever you need to troubleshoot networking issues, please consider starting your triage with the following commands:
Command for Networking issues¶
vanquish-01# show vlan-listeners
NDI SERVICE
INTERFACE VLAN ENTRY TYPE OWNER ID SVC VTC SEP DMS DID CMDS MIRRORING IDS
------------------------------------------------------------------------------------------------------
0.host 2030 VLAN-LISTENER test-tenant 4095 8 - 15 - - - disabled -
0.host 2040 VLAN-LISTENER test-tenant 4095 8 - 15 - - - disabled -
vanquish-01# show fdb
fdb mac-table entries entry 00:94:a1:69:43:25 2030 tag_type_vid
state vlan 2030
state tag-type tag_type_vid
state vid 2030
state entry-type L2-LISTENER
state owner test-tenant
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
fdb mac-table entries entry 00:94:a1:69:43:25 2040 tag_type_vid
state vlan 2040
state tag-type tag_type_vid
state vid 2040
state entry-type L2-LISTENER
state owner test-tenant
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
vanquish-01# show dag-states dag-state test-tenant
dag-states dag-state test-tenant
publisher dagd
publisher-instance 1
publish-time 1637231376
commit-tenant-instance 1
commit-time 1637231376
dag-version 16
tenant-instance-ids [ 15 63 ]
sdag-table "f 3f f 3f f 3f f 3f f 3f f 3f f 3f f 3f f 3f f 3f f 3f f 3f"
sdag-table-hash 36876
vanquish-01#