F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IQ Cloud
  4. BIG-IQ Cloud: Cloud Administration
  5. Integrating with VMware Networking
Manual Chapter : Integrating with VMware Networking

Applies To:

Show Versions Show Versions

BIG-IQ Cloud

  • 4.5.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

About VMware Networking integration

There are two VMware products that you can integrate with the BIG-IQ Networking connector.

  • For VMware vShield version 5.1 and 5.5 (also known as VCNS version 5.5), and VMware NSX 6.0, the BIG-IQ software integration provides you with the tools to provide tenants access to self-deployable iApps.
  • For vCloud Director versions 1.5 and 5.1, BIG-IQ Cloud integration makes it possible for you to use the VCD interface with your cloud applications to manage the F5 cloud applications.

Network requirements for communication with VMware cloud services

For proper communication, BIG-IQ Cloud must have network access to the resources on which VMware software is installed. Before you can manage cloud resources, you must define a network route between the BIG-IQ Cloud device’s VLAN and the management VLAN on the VMware.

Creating a connection between BIG-IQ Cloud and VMware

To enable integration between a third-party cloud provider and BIG-IQ Cloud, you must configure a cloud connector. A cloud connector is a resource that identifies the local or virtual environment in which a tenant deploys applications and, when necessary, adds parameters required by third-party cloud providers.
  1. Hover over the Connectors header, click the + icon when it appears, and then click New Connector.
  2. In the Name and Description fields, type a name and description. You can use the name and description to help you organize network resources into logical groups based on certain criteria, such as the location or application.
  3. From the Cloud Provider list, select VMware NSX 6.1.
  4. From the Devices list, select the device you want to associate with this connector.
  5. To select additional devices to associate with this connector, click the + icon at the right of the list. BIG-IQ system discovers application servers associated with this connector, and populates them in the Server panel. If the system discovers F5 devices, it populates the Device panel with them.
  6. In the VMware Networking Address field, type the IP address of the VMware system. The VMware IP address must be fully accessible from the BIG-IQ device's internal VLAN.
  7. In the VMware Networking User Name and VMware Networking Password fields, type the credentials for the VMware administrator.
  8. From the BIG-IQ User Name list, select the BIG-IQ user the VMware administrator should contact and, in the BIG-IQ Password field, type the password for that user.
  9. Click the Save button.

Discovering devices located in the VMware cloud

After you license and perform the initial configuration for the BIG-IQ system, you can discover BIG-IP devices running version 11.5 or later. For proper communication between the managing BIG-IQ system and the devices it manages, you must configure the BIG-IQ system with a route to each F5 device you want to manage. If you do not specify the required network communication route between the devices, then device discovery fails.

You must know the IP address that the BIG-IQ device will use to access the BIG-IP device.

Discover a device by providing the BIG-IQ system with the device's IP address, user name, and password.

  1. Log in to BIG-IQ Cloud with your administrator user name and password.
  2. Hover over the Devices header, click the + icon when it appears, and then select New Device. The Devices panel expands to show the New Device screen.
  3. In the IP Address field, type the device's IP address. The preferred address for discovering a BIG-IP device is its management IP address.
  4. (This step applies only if the BIG-IQ system is not hosted on AWS version 4.4 or later.) If the BIG-IQ system and the BIG-IP device are on different subnets, then you need to log in to the BIG-IQ system using SSH to specify an IP route between them.
    • If the BIG-IQ system and the BIG-IP device communicate using the management IP address, then there must be a default route specified. If there is no default route, issue a route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: route <route name> {gw <x.x.x.x> network default}
    • If the BIG-IQ system and the BIG-IP device use something other than the management IP address to communicate, then issue a tmsh route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: tmsh create net route <route name> {gw <x.x.x.x> network default}
      Note: Where <route name> is a user-provided name to identify the new route, and <x.x.x.x> is the IP address of the default gateway for the internal network.
  5. In the User Name and Password fields, type the administrator user name and password for the managed device.
  6. For the Auto Update Framework setting, select the Update Automatically check box to direct the BIG-IQ system to perform any required REST framework updates on the BIG-IP device. For the BIG-IQ system to properly manage a BIG-IP device, the BIG-IP device must be running the most recent REST framework.
    Important: When you update the REST framework for BIG-IP devices running version 11.6 or earlier, the traffic management interface (TMM) restarts. Before you update the REST framework on a BIG-IP device, verify that no critical network traffic is targeted to that device. Additionally, In any system upgrade scenario, the potential exists for unexpected errors. Because there is not currently an automatic recovery and rollback feature, if an upgrade fails, it is conceivable that a BIG-IP device would not be left in the pre-discovery state. If you want to roll back the upgrade due to an error or any other reason, the recommended recovery for this situation is to perform a partition restore (restoring both the pre-discovery management components and any related configuration).
  7. Click the Add button.
The BIG-IQ system populates the properties of the device that you added, and displays the device in the Devices panel. Its configuration files display in the Configuration panel.
If you want to use the BIG-IP device just discovered to host NSX virtual servers, you should now associate it with a VMware cloud connector.

About vCloud Director integration

Integrating VMware vCloud Director with your cloud applications makes it possible for you to use the vCloud Director (VCD) interface to manage the F5 cloud applications. The integration process involves tasks using the user interface in both the F5 BIG-IQ Cloud and the VMware VCD.

After you integrate vCloud Director (VCD) with BIG-IQ Cloud, you can use VCD to manage your cloud applications. After integration, a catalog of BIG-IP Cloud applications appears in the VCD user interface.

BIG-IQ Cloud refers to a service provider's customers as tenants. The VCD equivalent to a tenant is referred to as an organization. BIG-IQ Cloud identifies tenants using a tenant ID. One key to successfully integrating VCD with BIG-IQ Cloud is associating the tenant ID assigned to that catalog with a VCD organization.

To deploy an F5 application catalog in vShield Manager, you deploy a vShield Manager service profile. While vShield Manager service profiles do not currently recognize F5 tenants, they do recognize VCD organizations. So when your tenant’s ID is associated with a VCD organization, you can use vShield Manager and VCD to administer and deploy the tenant’s application catalog.

When you create a tenant for VCD integration, make a note of the tenant ID so you can connect it to a VCD organization.

Task summary

When you are integrating vCloud Director (VCD) and BIG-IQ Cloud, you must configure VCD, then BIG-IQ, then VCD again.

Network requirements for communication with VMware cloud services

For proper communication, BIG-IQ Cloud must have network access to the resources on which VMware software is installed. Before you can manage cloud resources, you must define a network route between the BIG-IQ Cloud device’s VLAN and the management VLAN on the VMware.

Creating a connection between BIG-IQ Cloud and VMware

To enable integration between a third-party cloud provider and BIG-IQ Cloud, you must configure a cloud connector. A cloud connector is a resource that identifies the local or virtual environment in which a tenant deploys applications and, when necessary, adds parameters required by third-party cloud providers.
  1. Hover over the Connectors header, click the + icon when it appears, and then click New Connector.
  2. In the Name and Description fields, type a name and description. You can use the name and description to help you organize network resources into logical groups based on certain criteria, such as the location or application.
  3. From the Cloud Provider list, select VMware NSX 6.1.
  4. From the Devices list, select the device you want to associate with this connector.
  5. To select additional devices to associate with this connector, click the + icon at the right of the list. BIG-IQ system discovers application servers associated with this connector, and populates them in the Server panel. If the system discovers F5 devices, it populates the Device panel with them.
  6. In the VMware Networking Address field, type the IP address of the VMware system. The VMware IP address must be fully accessible from the BIG-IQ device's internal VLAN.
  7. In the VMware Networking User Name and VMware Networking Password fields, type the credentials for the VMware administrator.
  8. From the BIG-IQ User Name list, select the BIG-IQ user the VMware administrator should contact and, in the BIG-IQ Password field, type the password for that user.
  9. Click the Save button.

Discovering devices located in the VMware cloud

After you license and perform the initial configuration for the BIG-IQ system, you can discover BIG-IP devices running version 11.5 or later. For proper communication between the managing BIG-IQ system and the devices it manages, you must configure the BIG-IQ system with a route to each F5 device you want to manage. If you do not specify the required network communication route between the devices, then device discovery fails.

You must know the IP address that the BIG-IQ device will use to access the BIG-IP device.

Discover a device by providing the BIG-IQ system with the device's IP address, user name, and password.

  1. Log in to BIG-IQ Cloud with your administrator user name and password.
  2. Hover over the Devices header, click the + icon when it appears, and then select New Device. The Devices panel expands to show the New Device screen.
  3. In the IP Address field, type the device's IP address. The preferred address for discovering a BIG-IP device is its management IP address.
  4. (This step applies only if the BIG-IQ system is not hosted on AWS version 4.4 or later.) If the BIG-IQ system and the BIG-IP device are on different subnets, then you need to log in to the BIG-IQ system using SSH to specify an IP route between them.
    • If the BIG-IQ system and the BIG-IP device communicate using the management IP address, then there must be a default route specified. If there is no default route, issue a route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: route <route name> {gw <x.x.x.x> network default}
    • If the BIG-IQ system and the BIG-IP device use something other than the management IP address to communicate, then issue a tmsh route command.
      1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
      2. Type the following command: tmsh create net route <route name> {gw <x.x.x.x> network default}
      Note: Where <route name> is a user-provided name to identify the new route, and <x.x.x.x> is the IP address of the default gateway for the internal network.
  5. In the User Name and Password fields, type the administrator user name and password for the managed device.
  6. For the Auto Update Framework setting, select the Update Automatically check box to direct the BIG-IQ system to perform any required REST framework updates on the BIG-IP device. For the BIG-IQ system to properly manage a BIG-IP device, the BIG-IP device must be running the most recent REST framework.
    Important: When you update the REST framework for BIG-IP devices running version 11.6 or earlier, the traffic management interface (TMM) restarts. Before you update the REST framework on a BIG-IP device, verify that no critical network traffic is targeted to that device. Additionally, In any system upgrade scenario, the potential exists for unexpected errors. Because there is not currently an automatic recovery and rollback feature, if an upgrade fails, it is conceivable that a BIG-IP device would not be left in the pre-discovery state. If you want to roll back the upgrade due to an error or any other reason, the recommended recovery for this situation is to perform a partition restore (restoring both the pre-discovery management components and any related configuration).
  7. Click the Add button.
The BIG-IQ system populates the properties of the device that you added, and displays the device in the Devices panel. Its configuration files display in the Configuration panel.
If you want to use the BIG-IP device just discovered to host NSX virtual servers, you should now associate it with a VMware cloud connector.
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information