F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. BIG-IQ Device
  4. BIG-IQ Device: Device Management
  5. Integrating OpenStack
Manual Chapter : Integrating OpenStack

Applies To:

Show Versions Show Versions

BIG-IQ Device

  • 4.4.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>

About OpenStack integration

BIG-IQ Cloud provides you with the tools to manage OpenStack versions 2013.1 (Grizzly) and 2013.2 (Havana) resources required to run applications. Management tasks include discovering BIG-IP VE virtual machines and discovering, creating, starting, and stopping OpenStack application servers running in the private cloud. You can use this feature to accommodate seasonal traffic fluctuations by periodically adding and retracting devices and application servers as needed. Additionally, you can provide tenants access to self-deployable iApps through OpenStack integration.

To provide access to these services for OpenStack tenants, you configure communication between OpenStack products, and BIG-IQ Cloud. Then, you associate an OpenStack cloud connector with a device, and create a catalog entry for a corresponding OpenStack service profile. The tenants to whom you give access to the catalog entry see it in their applications panel. From there, they can use it to self-deploy their own iApps.

Network requirements for communication with OpenStack cloud services

Before you can manage devices residing in an OpenStack private cloud, you must establish proper communication between the BIG-IQ Cloud and the OpenStack controller node. Generally, this means defining a network route between the BIG-IQ Cloud internal VLAN and the public Internet, or the OpenStack private cloud endpoint.

The BIG-IQ Cloud connector for OpenStack parses the OpenStack cloud's network naming convention as follows:

  • Any network that contains the name mgmt, management, internal, or external is assumed to indicate a network type (always-on management network, internal network, and external network, respectively). If there are multiple networks, BIG-IQ Cloud uses the first network it finds with those names to communicate with the OpenStack cloud.
  • If there are no networks with those names, BIG-IQ Cloud assigns the network type based on the order in which the network was discovered. For example, if BIG-IQ Cloud discovers networks 10.10.10.0/24, 20.20.20.0/24, and 30.30.30/24, it assigns them as follows:
  • Management network 10.10.10.0/24
  • External network 20.20.20.0/24
  • Internal network 30.30.30.0/24

This is important to know, because when you create a new application server in OpenStack through BIG-IQ Cloud, you are allowed to select the internal or external network, but not the management network.

Tip: If you deploy a BIG-IP device in the OpenStack cloud and you want to discover it from BIG-IQ Cloud, you must have an external or interface route from BIG-IQ Cloud to the OpenStack cloud network. If BIG-IQ Cloud is not on same network as OpenStack, you might need to add a floating IP address to the interface to make it accessible. While either external or internal interfaces are acceptable, we recommend using the external interface.
Important: For specific instructions about how to configure your network for OpenStack, refer to the OpenStack documentation.

OpenStack Compute edits required to use BIG-IP VE systems

Before you create BIG-IP VE systems in an OpenStack environment, you must edit a file on each OpenStack Compute node. If you do not edit this file, any BIG-IP VE system you configure fails to start.

  1. Log in to the command line of each OpenStack Compute node and edit /etc/nova/release to read as follows: [Nova] vendor = Red Hat product = Bochs package = RHEL 6.3.0 PC
  2. Restart the OpenStack Compute node services.
This edit provides the BIG-IP VE system required access to the OpenStack hypervisor. Any BIG-IP VE systems you create in the OpenStack environment can now properly start.

Discovering devices located in the OpenStack cloud

After you license and perform the initial configuration for the BIG-IQ system, you can discover BIG-IP devices running version 11.3 or later. For proper communication, you must configure each F5 device you want to manage with a route to the BIG-IQ system. If you do not specify the required network communication route between the devices, then device discovery fails.

For devices located in a third-party cloud, you must know the internal self IP address (For OpenStack or VMware cloud) or the external self IP address for Amazon EC2. You also must configure BIG-IQ Cloud with DNS so it can resolve the endpoint by name. To access this setting, log in to BIG-IQ System, select the BIG-IQ system you want to modify, and click the gear icon.

  1. Hover over the Devices header, click the + icon when it appears, and then select Discover Device.
  2. In the IP Address field, type the device's external self IP address. You cannot discover a BIG-IP device using its management IP address.
  3. When the BIG-IQ system and the BIG-IP device are on different subnets, you must create a route:
    1. Use SSH to log in to the BIG-IQ system's management IP address as the root user.
    2. Type the following command: tmsh create net route <route name> {gw <x.x.x.x> network default}
    Where <route name> is a user-provided name to identify the new route, and <x.x.x.x> is the IP address of the default gateway for the internal network.
  4. In the Admin User Name and Admin Password fields, type the administrator user name and password for the managed device.
  5. Select the Auto Update Framework check box to direct the BIG-IQ system to perform any required REST framework updates on the BIG-IP device. For the BIG-IQ system to properly manage a BIG-IP device, the BIG-IP device must be running the most recent REST framework. If you do not select the Auto Update Framework check box before you click the Add button, a message displays prompting you do update the framework or cancel the task.
  6. Click the Add button.
BIG-IQ System populates the properties of the device that you added, and displays the device in the Devices panel.
You can now associate this device with an OpenStack cloud connector and allocate resources to tenants.

Associating an OpenStack connector with devices

BIG-IQ Cloud must be able to collect statistics to provide server diagnostics to tenants. By default, most OpenStack deployments are configured to disallow diagnostics collection. For successful deployment, you must change this option by editing the Nova policy.json file (typically located in the /etc/nova/ directory) and changing the following line: compute_extension:server_diagnostics": "rule:admin_api to compute_extension:server_diagnostics": "rule:admin_or_owner".
To enable integration between a third-party cloud provider and the BIG-IQ device, you must configure a cloud connector. A cloud connector is a resource that identifies the local or virtual environment in which a tenant deploys applications and, when necessary, adds parameters required by third-party cloud providers.
  1. Log in to BIG-IQ Cloud with your administrator user name and password.
  2. Hover over the Connectors header and click the + icon when it appears.
  3. In the Name and Description fields, type a name and description. You can use the name and description to help you organize network resources into logical groups based on certain criteria, such as the location or application.
  4. From the Cloud Provider list, select OpenStack.
  5. In the OpenStack Controller Node URI field, type the URI for the OpenStack controller node.
  6. In the OpenStack User Name field, type the user name for the OpenStack administrator. For example, https://<IP address>:<Port> or http://<IP address>:<Port>. Note that default port for http is 5000.
  7. In the OpenStack Tenant Name and OpenStack Password fields, type the tenant (also known as, project) name and password.
  8. Click the Save button.
BIG-IQ Cloud discovers all associated OpenStack servers, and populates them in the Servers panel.
To complete discovery of BIG-IP devices and populate the Devices panel, provide the administrator user name and password when requested. You can then associate tenants with the OpenStack connector.
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information