/
inputs_openstack_dns_v1.3.1.yaml
209 lines (185 loc) · 12.5 KB
/
inputs_openstack_dns_v1.3.1.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
## NETWORKING CONFIG ##
mgmt_net: my_MGMT
mgmt_subnet: 10.0.0.0/24 # The subnet and netmask for the management network; for example, 10.146.130.0/23.
mgmt_default_gw: 10.0.0.254. # Default gateway used for management network.
mgmt_dns: 8.8.8.8 # DNS server address used for management network.
mgmt_ip_range: 10.0.0.128/26 # A list of IP address ranges of the host IP addresses you will use to assign to BIG-IP VEs; for example, 10.50.50.2-10.50.50.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.50.50.2-10.50.50.20 and 10.50.50.21-10.50.50.30, and so forth.
mgmt_net_sw_dist: true # The name of the pre-existing management network, connecting the BIG-IQ licensing utility, VNFM, and related blueprints that orchestrate BIG-IP VE service layers.
ctrl_net: changeme_CTRL # Name of the control network, where F5 NFV solutions connect to processes such as, your policy and control rules function engine, subscriber service-charging functions, signaling, and other similar processes.
ctrl_subnet_cidr: 10.1.0.0/24
ctrl_ip_range: 10.1.0.128/26 # A list of IP address ranges defined for the control network; for example, 10.30.0.2-10.30.0.100.
ha_net: changeme_HA # The name of the high availability network (for config. sync and network failover purposes).
ha_subnet_cidr: 10.2.0.0/24 # The subnet and netmask for the HA network; for example, 10.2.149.0/24.
ha_ip_range: 10.2.0.128/26 # A list of IP ranges defined for the high availability network; for example, 10.40.0.2-10.40.0.100.
pdn_net: my_PDN
pdn_subnet: 10.3.0.0/24 # The subnet and netmask for the provider network; for example, 10.3.149.0/24.
pdn_ip_range: 10.3.0.128/26 # A list of IP address ranges of the host IP addresses you will use to assign to BIG-IP VEs; for example, 10.0.0.2-10.0.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.0.0.2-10.0.0.20 and 10.0.0.21-10.0.0.30, and so forth.
pdn_net_sw_dist: true # The name of the pre-existing PDN network.
pgw_net: changeme_PGW # The name of the pre-existing PGW network.
pgw_subnet_cidr: 10.4.0.0/24 # The subnet and netmask for the provider network for the DAG group; for example, 10.4.149.0/24.
pgw_ip_range: 10.4.0.128/26 # A list of IP address ranges of host IP addresses you will use to assign to BIG-IP VEs; for example, 10.10.0.2-10.10.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.10.0.2-10.10.0.20 and 10.10.0.21-10.10.0.30, and so forth.
pgw_net_sw_dist: true # The vSphere switch distributed flag for PGW network. Set to true if your system uses a distributed switch on this network or false if not.
pdn_dag_net: changeme_PDN_DAG # The name of the pre-existing PDN-DAG (VNF egress) network.
pdn_dag_subnet: changeme_pdn_dag-subnet # The subnet and netmask for the provider network; for example, 10.5.149.0/24.
pdn_dag_ip_range: 10.5.0.128/26 # A list of ranges of the host IP addresses you will use to assign to BIG-IP VEs; for example, 10.15.0.2-10.15.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.15.0.2-10.15.0.20 and 10.15.0.21-10.15.0.30, and so forth.
pdn_dag_net_sw_dist: true # The vSphere switch distributed flag for PDN DAG network. Set to true if your system uses a distributed switch on this network or false if not.
pgw_dag_net: changeme_PGW_DAG
pgw_dag_subnet: pgw_dag-subnet # The subnet and netmask for the package gateway network for the DAG group; for example, 10.6.149.0/24.
pgw_dag_ip_range: 10.6.0.128/26 # A list of IP address ranges of the host IP addresses you will use to assign to BIG-IP VEs; for example, 10.20.0.2-10.20.0.100, enabling you to assign 98 addresses. You can also create multiple, smaller IP address groups with that larger range; for example, 10.20.0.2-10.20.0.20 and 10.20.0.21-10.20.0.30, and so forth.
pgw_dag_net_sw_dist: true # The vSphere switch distributed flag for PGW DAG network. Set to true if your system uses a distributed switch on this network or false if not.
bgp_dag_pgw_peer_ip: 10.4.0.1 # If your environment uses Border Gateway Protocol (BGP) on the client-side, then enter the neighbor address of the PGW to which the DAG BIG-IPs will advertise their default routes.
bgp_vnf_pgw_peer_ip: 10.6.0.1 # If using BGP on the client-side, then enter the neighbor address of the PGW, enabling the VNF to send traffic directly back to the client without passing it back through the DAG.
bgp_pgw_peer_as: '65001' # If using BGP on the client-side, then enter the autonomous system number (ASN) for the BGP neighbor.
bgp_dag_egw_peer_ip: 10.3.0.1 # If using BGP on the external-side, then enter the BGP neighbor address.
bgp_egw_peer_as: '65002' # If using BGP on the external-side, then enter the BGP ASN.
default_gateway: 10.5.0.1 #PDN_DAG Default Gateway
## ACCESS CONFIG ##
manager_mgmt_host: 10.0.0.106 # The internal IP address of the VNF Manager instance.
## DEVICE CONFIG ##
sw_ref_nagios: # The dictionary that defines the image/template name, flavor/configuration name, availability zone (OpenStack only), and revision number to use for the CentOS monitoring nodes.
data:
template: Centos7-GenericCloud # The flavor/configuration name
configuration: quadcpu # The image/template name
revision: 0
sw_ref_dag: # The dictionary that defines the image/template name, flavor/configuration name, availability zone (OpenStack only), and revision number to use for the BIG-IP VE disaggregation instances.
data:
template: BIGIP-13.1.0.5-0.0.5 # The flavor/configuration name
configuration: quadcpu # The image/template name
revision: 0
sw_ref_vnf: # The dictionary that defines the image/template name, flavor/configuration name, availability zone (OpenStack only), and revision number to use for the BIG-IP VE virtual network functions instances.
data:
template: BIGIP-13.1.0.5-0.0.5 # The image/template name
configuration: quadcpu # The flavor/configuration name
revision: 0
## BIGIP LICENSING ##
big_iq_host: 10.0.0.105 # The IP address of the BIG-IQ VE instance that will assign licenses to the BIG-IP VE instances.
big_iq_lic_pool: BIGIP_1 # Name of the BIG-IQ key or pool that will be used to assign licenses to the BIG-IP VE instances.
ctrl_sg_name: control_sg # The name of the pre-existing control security group. Required for versions 1.2.1 and earlier.
mgmt_sg_name: mgmt_sg # The name of the pre-existing management security group. Required for versions 1.2.1 and earlier.
pgw_sg_name: pgw_sg # The name of the pre-existing packet gateway (PGW) security group. Required for versions 1.2.1 and earlier.
pdn_sg_name: pdn_sg # The name of the pre-existing provider data network (PDN) security group. Required for versions 1.2.1 and earlier.
snmp_sg_name: snmp_sg # The name of the pre-existing SNMP security group. Required for versions 1.2.1 and earlier.
## VNF Resource Information Collector ##
ric_purchasing_model: subscription # The purchasing model for licensing (options include: subscription or perpetual).
ric_vnfm_serial: "12345" # The VNFM license key provided in your email from F5 (used for support purposes only).
auto_last_hop: "disabled" # Controls how the DAG receives return traffic from the internet. Enable this input, if you are using an F5 device to NAT outbound connections; otherwise, disable.
## GiLAN SETTINGS (MAY IMPACT VNFM PERFORMANCE)##
max_scale_dag_group: '10' # The maximum number of layers to which the DAG group will scale.
max_scale_vnf_group: '10' # The maximum number of layers to which the VNF group will scale.
max_heal_vnfd_dag_ve: '10' # Maximum number of times a DAG VE will heal before it stops trying and shows an error.
max_heal_vnf_layer: '10' # Maximum number of times a layer will heal before it stops trying and returns an error.
max_heal_vnf_slave_ve: '10' # Maximum number of times a slave VE will heal before it stops trying and returns an error.
# Nagios inputs
floating_network_id: fa541932-4156-4185-8344-a961cf4c8e41 # The OpenStack ID or name of the external network where you assigned a floating Gi-LAN/F IP addresses (for example, external_net). This value is optional and DNS for VNFM version 1.3 and later and the default value is empty. This input is required for VNFM versions 1.2.1 and earlier.
vnf_layer_cpu_threshold: '85' # Maximum number of times a slave VE will heal before it stops trying and returns an error.
vnf_layer_cpu_threshold_check_interval: '1' # Interval between checks, in minutes.
vnf_group_throughput: '20' # The desired aggregate throughput (Gigabits In Out) for every layer in the group. Example values: 5 for 5 gig, 0 for 10 gig, 0.5 for 500mb.
vnf_group_throughput_threshold: '75' # New layer is added to group when the percentage of average aggregate layer throughput exceeds this value (for example, 75).
vnf_group_throughput_check_interval: '1' # Interval between checks, in minutes.
dag_group_cpu_threshold: '89' # New instance is added to group when the percentage of average aggregate Global TMM CPU usage of all DAG group instances exceeds this value (for example, 75).
dag_group_cpu_threshold_check_interval: '1' # Interval between checks, in minutes.
## Common inputs ##
bigip_ssh_key: mykey # Name of the VIM SSH key that you will import into the BIG-IP VE instances.
ntp_server: 'string' # The IP address or DNS name of the NTP server. If not specified, the default 132.163.96.1 value is used (for example, pool.ntp.org)
timezone: America/Los_Angeles # Enter the local timezone using the TZ database name for the location of your application server; for example, Pacific/Pago_Pago. Default value is UTC.
vnf_as3_nsd_payload:
class: ADC
updateMode: selective
schemaVersion: 3.16.0
id: DNS
DNS_Test:
class: Tenant
Shared:
class: Application
template: shared
lbSelectedRule:
class: iRule
iRule: when DNS_REQUEST {log local0. "DNS REQUEST"}
remark: Log load balanced server
serviceAddress:
class: Service_Address
arpEnabled: False
spanningEnabled: True
virtualAddress: 0.0.0.0
dnsProfile:
class: DNS_Profile
label: profileDns
remark: DNS Profile test
parentProfile:
bigip: "/Common/dns"
dnsExpressEnabled: true
localBindServerEnabled: false
zoneTransferEnabled: true
localBindServerEnabled: false
cacheEnabled: true
cache:
use: /DNS_Test/Shared/dnsCache
dnsCache:
class: DNS_Cache
type: transparent
localZones:
testing.lablocal:
type: transparent
records:
- s1.testing.lablocal 300 IN A 10.9.0.1
- s2.testing.lablocal 300 IN A 10.9.0.2
- s3.testing.lablocal 300 IN A 10.9.0.3
- s4.testing.lablocal 300 IN A 10.9.0.4
TEST_DNS_Zone:
class: Application
template: generic
test.lab:
class: DNS_Zone
label: dnsZone
remark: DNS Zone test
dnsExpress:
enabled: true
nameserver:
use: master_dns
notifyAction: consume
allowNotifyFrom:
- 10.7.0.50
verifyNotifyTsig: false
responsePolicyEnabled: true
transferClients:
- use: slave_dns
master_dns:
class: DNS_Nameserver
address: 10.7.0.50
port: 53
routeDomain:
bigip: "/Common/0"
slave_dns:
class: DNS_Nameserver
address: 10.7.0.51
port: 53
routeDomain:
bigip: "/Common/0"
dns_resolver:
class: Application
template: udp
serviceMain:
allowVlans:
- bigip: /Common/pgw_dag
class: Service_UDP
layer4: udp
profileUDP:
bigip: /Common/udp
profileDNS:
use: /DNS_Test/Shared/dnsProfile
iRules:
- /DNS_Test/Shared/lbSelectedRule
snat: auto
lastHop: disable
translateServerAddress: true
translateServerPort: true
virtualAddresses:
- use: /DNS_Test/Shared/serviceAddress
virtualPort: 0
pool: dns_pool
dns_pool:
class: Pool
members:
- servicePort: 53
serverAddresses:
- 10.7.0.100