Manual Chapter : Deploying BIG-IP Virtual Edition

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP APM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP GTM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP Analytics

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP LTM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP AFM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP PEM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1

BIG-IP ASM

  • 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter

Host machine requirements and recommendations

To successfully deploy and run the BIG-IP® VE system, the host system must satisfy minimum requirements.

The host system must include:

  • CentOS, Debian, Fedora, RHEL, or Ubuntu with the Xen Project package. The Virtual Edition and Supported Hypervisors Matrix, published on the AskF5™ web site, http://support.f5.com identifies the Linux versions that are supported for each release, as well as which operating systems provide support for SR-IOV and TSO.
  • Virtual Machine Manager®
  • Connection to a common NTP source (this is especially important for each host in a redundant system configuration)

If SR-IOV support is required, then additional drivers and configuration steps are required; consult your Linux Xen Project documentation for details.

The hypervisor CPU must meet the following requirements:
  • Use 64-bit architecture.
  • Have support for virtualization (AMD-V™ or Intel® VT-x) enabled.
  • Support a one-to-one thread-to-defined virtual CPU ratio, or (on single-threading architectures) support at least one core per defined virtual CPU.
  • If you use an Intel processor, it must be from the Core (or newer) workstation or server family of CPUs.

SSL encryption processing on your VE will be faster if your host CPU supports the Advanced Encryption Standard New Instruction (AES-NI). Contact your CPU vendor for details on which CPUs provide AES-NI support.

The hypervisor memory requirement depends on the number of licensed TMM cores. The table describes these requirements.

Number of Cores Memory Required
1 2 Gb
2 4 Gb
4 8 Gb
8 16 Gb

About BIG-IP VE Xen Project deployment

To deploy the BIG-IP® Virtual Edition (VE) system on Linux Xen Project, you need to perform these tasks:

  • Verify the host machine requirements.
  • Deploy an instance of the BIG-IP system as a virtual machine on a host system.
  • Power on the BIG-IP VE virtual machine.
  • Assign a management IP address to the BIG-IP VE virtual machine.

After you complete these tasks, you can log in to the BIG-IP VE system and run the Setup utility. Using the Setup utility, you can perform basic network configuration tasks, such as assigning VLANs to interfaces.

Deploying the BIG-IP VE virtual machine

The primary task in deploying BIG-IP® VE on the open source Xen Project environment is creating and executing a configuration file that sets up most of what you need to get up and running.

Important: Do not modify the configuration of the Xen Project guest environment with settings less powerful than the ones recommended in this document. This includes the settings for the CPU, RAM, and network adapters. Doing so might produce unexpected results.
  1. In a browser, open the F5 Downloads page (https://downloads.f5.com).
  2. Download the BIG-IP VE file package ending with qcow2.zip.
  3. Extract the file from the Zip archive and save it where your qcow2 files reside on theXen Project server.
  4. Use VNC to access the Xen Project server, and then convert the qcow2 image to the raw format necessary for Xen Project. You can use the following syntax to convert the image.
    # qemu-img convert <qcow_file_name>.qcow2 <raw_file_name>.raw
  5. Generate a MAC address for the network interface card associated with the management interface.
    Important: Be sure that the MAC address you create starts with the prefix 00:16:3e:.
    You can use a tool such as MAC Address Generator (http://www.miniwebtool.com/mac-address-generator/) to create this address.
  6. Use an editor to create a BIG-IP VM definition file that specifies the required parameters for your VM.
    Important: The sample configuration file provided here serves only as an example of the kinds of parameters you need to specify for your virtual machine. The actual file that you create will likely contain different parameters and settings.
    # vi /etc/xen/<config_file_name>
                        name = <config_file_name>
                        maxmem = 4096
                        memory = 4096
                        vcpus = 2
                        builder = "hvm"
                        boot = "c"
                        pae = 1
                        acpi = 1
                        apic = 1
                        hpet = 1
                        localtime = 0
                        on_poweroff = "destroy"
                        on_reboot = "restart"
                        on_crash = "restart"
                        sdl = 0
                        vnc = 1
                        vncunused = 1
                        keymap = "en-us"
                        disk = [ "file:/mnt/xen-bender/bigip/<raw_file_name.raw>,hda,w" ]
                        vif = [ "mac=00:16:<mgmt_interface_mac>,bridge=mgmtbr,script=vif-bridge",
                        "mac=00:16:3e:<external_interface_mac>,bridge=ext_bridge,script=vif-bridge",
                        "mac=00:16:3e:<internal_interface_mac>,bridge=int_bridge,script=vif-bridge",]
                        parallel = "none"
                        serial = "pty"
                        #pci = [ '05:10.0', '05:10.1' ]
                        
    Important: The last line of the example configuration file contains an optional entry that specifies the IDs for PCI external and internal network interface cards (NIC). This optional entry is required for SR-IOV support. Naturally, if you use this entry, you would omit the external and internal bridges specified in the vif section.
    Once you have perfected and saved your configuration file you are ready to create the BIG-IP VM,
  7. Run the configuration file using an open source tool such as xm.
    xm create /etc/xen/<config_file_name>
    The console should indicate a successful start up by displaying something similar to: Started domain <config_file_name>(id=444)
  8. Allow some time for the boot-up process; then, you should be able to connect to the BIG-IP console.
    # xm console <config_file_name>

Powering on the virtual machine

You power on the virtual machine so that you can begin assigning IP addresses.

    There are two default accounts used for initial configuration and setup:

    • The root account provides access locally, or using SSH, or using the F5 Configuration utility. The root account password is default.
    • The admin account provides access through the web interface. The admin account password is admin.

    You should change passwords for both accounts before bringing a system into production.

    Assigning a management IP address to a virtual machine

    The virtual machine needs an IP address assigned to its virtual management port.
    Tip: The default configuration for new deployments and installations is for DHCP to acquire the management port IP address.
    1. At the password prompt, type default.
    2. Type config and press Enter.
      The F5 Management Port Setup screen opens.
    3. Click OK.
    4. If you want DHCP to automatically assign an address for the management port, select Yes. Otherwise, select No and follow the instructions for manually assigning an IP address and netmask for the management port.
    When assigned, the management IP address appears in the Summary tab of the vSphere™ client. Alternatively, a hypervisor generic statement can be used, such as tmsh list sys management-ip
    Tip: F5 Networks highly recommends that you specify a default route for the virtual management port, but it is not required for operating the virtual machine.