Applies To:

Show Versions Show Versions

Manual Chapter: Initial vCMP Setup
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Overview: Initial vCMP setup

Virtual Clustered Multi-Processing (vCMP) is a feature of the BIG-IP® system that makes it possible for you to run multiple instances of the BIG-IP® software on a single hardware platform.

Using the following implementation, you can create one guest on a vCMP® system, and then, within the guest, configure the basic Local Traffic Manager™ objects for processing HTTP application traffic: a pool, an HTTP profile, and a standard virtual server. A vCMP guest is a virtual BIG-IP device.

Task summary

vCMP deployment worksheet

There are a number of points during the vCMP® deployment process at which you will need to make decisions or provide values. Use this table as a prompt for gathering the answers and values you will need, so that you can provide them when performing the vCMP initial setup.

Configuration component Considerations
Active slots How many blades are installed (and in which slots)?
CPU core requirements How many CPU cores do you want to allocate to each guest?
External gateway address What is the gateway address (next hop) for external traffic?
FQDN What is the fully-qualified domain name (FQDN) for your BIG-IP® system?
Guest mode Should your guests be in bridged or isolated mode?
IP address range What is the IP address range that is valid for the vCMP guests you create?
Link aggregation control protocol Do your trunks require LACP mode?
Network mask What is the network mask for the guest IP?
Cluster primary IP address What is the cluster primary IP address? The management IP address assigned to the chassis' primary cluster during chassis installation is used to access the vCMP host.
User role Do you have a user role of Administrator? You need to have a user role of Administrator to perform the tasks in this process.

Activating the BIG-IP license for a vCMP VIPRION

To activate the vCMP® license, you need access to a browser and the base registration key. The base registration key is a character string that the license server uses to verify the type and number of F5 Networks products that you are entitled to license. If you do not have a base registration key, contact the F5 Networks sales group (http://www.f5.com).
You license vCMP from the License screen of the Setup Utility.
  1. From a workstation attached to the network on which you configured the management interface, type the following URL syntax where <management_IP_address> is the address you configured for device management: https://<management_IP_address>
  2. At the prompts, type the user name admin and the password admin.
  3. Click Log in. The Setup Utility screen opens.
  4. Click Activate. The License screen opens.
  5. In the Base Registration Key field, paste your base registration key.
  6. Click Next. The End User License Agreement (EULA) displays.
  7. Review the EULA. When you click Accept, the Platform screen opens.

Configuring the management port and administrative user accounts

Configure the management port, time zone, and the administrative user names and passwords.
  1. On the screen for configuring general properties, for the Management Port Configuration setting, select Manual and specify the IP address, network mask, and default gateway.
  2. In the Host Name field, type a fully-qualified domain name (FQDN) for the system. The FQDN can consist of letters, numbers, and/or the characters underscore ( _ ), dash ( - ), or period ( . ).
  3. For the Host IP Address setting, retain the default value Use Management Port IP Address.
  4. From the Time Zone list, select a time zone. The time zone you select typically reflects the location of the F5® system.
  5. For the Root Account setting, type and confirm a password for the root account. The root account provides console access only.
  6. For the Admin Account setting, type and confirm a password. Typing a password for the admin account causes the system to terminate the login session. When this happens, log in to the F5 Configuration utility again, using the new password. The system returns to the appropriate screen in the Setup utility.
  7. For the SSH Access setting, select or clear the check box.
  8. Click Next.
  9. In the Standard Network Configuration area of the screen, click Next. This displays the screen for enabling configuration synchronization and high availability.

Provisioning the BIG-IP system for vCMP

You must activate the license and provision the vCMP® feature before you can create any vCMP guests.
  1. On the Main tab, click System > Resource Provisioning.
  2. From the vCMP list, select Dedicated. Because you are setting up the vCMP host, not the guests, verify that all other modules are set to None. The vCMP feature must be run as a dedicated application. You license and provision the BIG-IP® modules on the vCMP guests once you create them.
  3. Click Update.
TMOS® now functions as the hypervisor for the vCMP system.

Accessing the vCMP host

Before you can access the vCMP® host, configure the VIPRION® chassis or appliance, including the management IP address. Also, you must have the Administrator user role assigned to your user account.
Perform this task to access the vCMP host after you have created and configured the VIPRION chassis or appliance.
Important: After you access the vCMP host, you do not create self IP addresses on the vCMP host. While self IP addresses on hypervisors are completely functional for basic traffic like ICMP (ping) and verifying that the host self IP addresses work correctly is an integral part of testing and hypervisor traffic switch verification, these self IP addresses are not visible nor useful from a guest perspective. You create self IP addresses that process guest traffic from the individual guests, because otherwise the guests could not "see" or make use of them.
  1. From a system on the external network, display a browser window.
  2. In the URL field, type the management IP address that you previously assigned to the chassis, as follows: https://<ip_address> The browser displays the login screen for the BIG-IP® Configuration utility.

Creating trunks

To configure trunks for the VIPRION® chassis or appliance, the four external interfaces must be cabled to your Internet gateway, external bridge, or vendor switch.
The first objects you configure are trunks that tie the internal and external vendor switch interfaces to the corresponding VIPRION chassis or appliance interfaces.
  1. Use a browser to log in to the management IP address of the VIPRION® chassis or appliance. This logs you in to the vCMP® host.
  2. On the peer (vendor) switch on the external network, create a trunk that includes the four external interfaces to which you have physically connected the external interfaces of the four blades. If the peer switch is configured to use Link Aggregation Control Protocol (LACP), you must enable LACP.
  3. Create a trunk, and if the peer switch is configured to use LACP, enable LACP on the new trunk:
    1. On the Main tab, expand Network, and click Trunks. The Trunks screen opens.
    2. At the upper right corner of the screen, click Create. The New Trunk screen opens.
    3. Assign the name trunk_ext, and assign an external interface of blade 1 to the trunk.
    4. Enable LACP mode, if required.
    5. Click Finished.
  4. Repeat the previous step, but this time, configure a trunk that ties the vendor switch internal interface to the VIPRION internal interface. Assign the name trunk_int.

Creating VLANs

You create VLANs and associate them with interfaces or trunks so that traffic will route to pool members in that VLAN's network space.
  1. Use a browser to log in to the management IP address of the VIPRION® chassis or appliance. This logs you in to the vCMP® host.
  2. On the Main tab, expand Network, and click VLANs. The VLANs screen opens.
  3. Click Create. The New VLAN screen opens.
  4. Configure a VLAN named external, and assign it to the trunk named trunk_ex as an untagged interface.
  5. Click Finished.
  6. Repeat steps 3 through 5, but this time, configure a VLAN named internal, and assign it to the trunk named trunk_int.
  7. Repeat steps 3 through 5 one more time, but this time, configure a VLAN named HA, assign it to the trunk named trunk_int as a tagged interface.

Creating a vCMP guest

To create a vCMP® guest, you need a VIPRION® chassis or appliance configured with a management IP address, some base network objects such as trunks and VLANs, and you must license and provision the system to run the vCMP feature.
You create a vCMP guest when you want to configure and run one or more BIG-IP® modules as though the modules were running together on their own BIG-IP device. For example, you can create a guest that runs BIG-IP® Local Traffic Manager™ and BIG-IP® Global Traffic Manager™. You specify on which slots the guest runs and how many cores you want for each guest.
Note: This procedure creates a guest in Bridged mode.
Note: When creating a guest, if you see an error message such as Insufficient disk space on /shared/vmdisks. Need 24354M additional space., you must delete existing unattached virtual disks until you have freed up that amount of disk space.
  1. Use a browser to log in to the management IP address of the VIPRION® chassis or appliance. This logs you in to the vCMP® host.
  2. On the Main tab, click vCMP > Guest List.
  3. Click Create.
  4. From the Properties list, select Advanced.
  5. In the Name field, type a name for the guest.
  6. In the Host Name field, type the host name of the BIG-IP system. Assign a fully-qualified domain name (FQDN). If you assign a name that is not an FQDN, the system might display an error message. If you leave this field blank, the system assigns the name localhost.localdomain.
  7. From the Cores Per Slots list, select the number of cores you want allocated to this guest.
    Tip: The number of cores allocated to a guest determines the system resources for this guest. The number you can select depends on the type of hardware you have.
    Important: For appliance devices, the next three steps do not apply; the corresponding user interface controls appear only on chassis devices. For appliance devices, skip to configuring the Management Network.
  8. From the Number of Slots list, select the maximum number of chassis slots on which you want your guest to reside. This specifies the maximum number of slots that your guest can consume on the chassis. Note that once you configure the number of slots your guest spans, you can change this value later to suit your needs.
  9. From the Minimum Number of Slots list, select the minimum number of chassis slots that must be available for this guest to deploy.
    Important: The minimum number of slots you specify must not exceed the maximum number of slots you specified.
    Important: If you are creating a guest that will deploy on a B4300 blade and you plan to provision that guest with the AM module, specify a minimum of 4 cores for this guest.
  10. From the Allowed Slots List select the specific slots on which you want your guest to reside by moving the slot number to the Selected field using the Move button.
    Important: If you want to allow the guest to deploy onto any slots in the chassis, add them all. Bear in mind that the number of slots in the Allowed Slots list must equal or exceed the number specified in the Minimum Number of Slots list.
  11. From the Management Network list, select Bridged.
  12. For the IP Address setting, fill in the required information:
    1. In the IP Address field, type a unique management IP address that you want to assign to the guest. You use this IP address to access the guest when you want to manage a module running within the guest.
    2. In the Network Mask field, type the network mask for the management IP address.
    3. In the Management Route field, type a gateway address for the management IP address.
  13. From the Initial Image list, select an ISO image file for installing TMOS® software onto the guest's virtual disk.
  14. In the Virtual Disk list, retain the default value of None. The BIG-IP system creates a virtual disk with a default name (the guest name plus the string .img, such as guestA.img). Note that if an unattached virtual disk file with that default name already exists, the system displays a message, and you must manually attach the virtual disk. You can do this using the tmsh command line interface, or use the Configuration utility to view and select from a list of available unattached virtual disks.
  15. For the VLAN List setting, select both an internal and an external VLAN name from the Available list, and use the Move button to move the VLAN names to the Selected list.
  16. From the Requested State list, select Provisioned. This allocates all necessary resources to the guest, such as CPU cores, virtual disk, and so on.
  17. Click Finish.
After clicking Finished, wait while the system installs the selected ISO image onto the guest's virtual disk. When this process is complete, you can deploy the guest.
Note: You can also skip the Provisioned state and instead go straight to the Deployed state if you are confident of your guest configuration. Provisioning first and then deploying makes it more straightforward to make changes to the slots to which your guests are allocated if you find you need to make changes.

Setting a vCMP guest to the Deployed state

Until you deploy a vCMP® guest, your vCMP host has no medium for provisioning and running the BIG-IP® modules that you can use to process traffic.
  1. Ensure that you are still logged in to the vCMP host using the management IP address.
  2. On the Main tab, click vCMP > Guest List.
  3. In the Name column, click the name of the vCMP guest that you want to deploy.
  4. From the Requested State list, select either Provisioned or Deployed.
  5. Click Update.
    Important: Depending on the extent of the changes made to the vCMP guest, the guest may reboot.
After moving a vCMP guest to the Deployed state, wait while the guest boots and becomes accessible. Then, you can log into the vCMP guest to provision specific BIG-IP modules.

Provisioning a BIG-IP module within a guest

Before you can access a guest to provision BIG-IP® modules, the vCMP® guest must be in the Deployed state.
You determine which BIG-IP modules run within a guest by provisioning the modules. For example, if you want guestA to run LTM® and GTM™, log into guestA and provision it with LTM and GTM. If you want guestB to run LTM and ASM™, log into guestB and provision it with BIG-IP LTM and BIG-IP ASM. Bear in mind that guests inherit the licenses of the vCMP host on which they were created, so any BIG-IP modules that you want to provision on a guest must be included in the license you installed with the vCMP host.
Note: This procedure applies to guests in Bridged mode only. Guests in isolated mode can be accessed only using vconsole and tmsh.
  1. Use a browser and the management IP address that you configured for the guest to log in to the guest. If the system prompts you to run the Setup Utility, do not. Instead, complete this task to produce an initial configuration better suited for a vCMP guest. The BIG-IP Configuration utility opens so that you can configure the guest.
  2. On the Main tab, click System > Resource Provisioning.
  3. In the Resource Provisioning (Licensed Modules) area, from the Local Traffic (LTM) list, select Minimal, Nominal, or Dedicated, depending on your needs.
  4. Click Update.
    Important: Depending on the extent of the changes made to the vCMP guest, the guest may reboot.
After provisioning the module from within the guest, create self IP addresses and assign a vCMP host VLAN to each one. The vCMP host VLANs that you assign to these self IP addresses are the VLANs you created before creating the guest.

Creating a self IP for a VLAN

Ensure that you have at least one VLAN or VLAN group configured before you create a self IP address.
Self IP addresses enable the BIG-IP® system, and other devices on the network, to route application traffic through the associated VLAN or VLAN group.
  1. On the Main tab, click Network > Self IPs. The Self IPs screen opens.
  2. Click Create. The New Self IP screen opens.
  3. In the Name field, type a unique name for the self IP.
  4. In the IP Address field, type an IPv4 or IPv6 address. This IP address should represent the address space of the VLAN that you specify with the VLAN/Tunnel setting.
  5. In the Netmask field, type the network mask for the specified IP address.
  6. From the VLAN/Tunnel list, select the VLAN to associate with this self IP address.
    • On the internal network, select the VLAN that is associated with an internal interface or trunk.
    • On the external network, select the VLAN that is associated with an external interface or trunk.
  7. From the Port Lockdown list, select Allow Default.
  8. Click Finished. The screen refreshes, and displays the new self IP address in the list.
The BIG-IP system can send and receive traffic through the specified VLAN or VLAN group.

Overview: Verifying initial vCMP configuration

Verifying your vCMP configuration confirms that the setup performed up to this point is functioning properly. Once you establish that the vCMP® configuration is correct, you will likely need to create a profile, pools, and virtual server that are tailored to your network topology before your guest can begin processing LTM® traffic.

Task summary

Creating a pool to process HTTP traffic

You can create a pool of web servers to process HTTP requests.
  1. On the Main tab, click Local Traffic > Pools. The Pool List screen opens.
  2. Click Create. The New Pool screen opens.
  3. In the Name field, type a unique name for the pool.
  4. For the Health Monitors setting, from the Available list, select the http monitor, and click << to move the monitor to the Active list.
  5. From the Load Balancing Method list, select how the system distributes traffic to members of this pool. The default is Round Robin.
  6. For the Priority Group Activation setting, specify how to handle priority groups:
    • Select Disabled to disable priority groups. This is the default option.
    • Select Less than, and in the Available Members field type the minimum number of members that must remain available in each priority group in order for traffic to remain confined to that group.
  7. Using the New Members setting, add each resource that you want to include in the pool:
    1. Type an IP address in the Address field.
    2. Type 80 in the Service Port field, or select HTTP from the list.
    3. (Optional) Type a priority number in the Priority field.
    4. Click Add.
  8. Click Finished.
The new pool appears in the Pools list.

Creating a virtual server to manage HTTP traffic

You can create a virtual server to manage HTTP traffic as either a host virtual server or a network virtual server.
  1. On the Main tab, click Local Traffic > Virtual Servers. The Virtual Server List screen opens.
  2. Click the Create button. The New Virtual Server screen opens.
  3. In the Name field, type a unique name for the virtual server.
  4. For the Destination setting, in the Address field, type the IP address you want to use for the virtual server. The IP address you type must be available and not in the loopback network.
  5. In the Service Port field, type 80, or select HTTP from the list.
  6. From the HTTP Profile list, select http.
  7. In the Resources area of the screen, from the Default Pool list, select a pool name.
  8. Click Finished.
The HTTP virtual server appears in the list of existing virtual servers on the Virtual Server List screen.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)