/
inputs_vsphere_cgnat_offering_4.0.0.yaml
231 lines (220 loc) · 5.9 KB
/
inputs_vsphere_cgnat_offering_4.0.0.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
datacenter: default
# VNF Resource Information Collector
ric_purchasing_model: subscription
ric_vnfm_serial: "12345"
# VNF inputs
manager_mgmt_host: 10.100.0.230
mgmt_net: mgmt
mgmt_subnet_cidr: 10.100.0.0/24
mgmt_default_gw: 10.100.0.1
mgmt_dns: 8.8.8.8
mgmt_ip_range:
- '10.100.0.128-10.100.0.240'
mgmt_net_sw_dist: true
ctrl_net: control
ctrl_subnet_cidr: 10.100.1.0/24
ctrl_ip_range:
- '10.100.1.128-10.100.1.240'
ctrl_net_sw_dist: true
pdn_net: pdn
pdn_subnet_cidr: 10.100.3.0/24
pdn_ip_range:
- '10.100.3.128-10.100.3.240'
pdn_net_sw_dist: true
pgw_net: pgw
pgw_subnet_cidr: 10.100.4.0/24
pgw_ip_range:
- '10.100.4.128-10.100.4.240'
pgw_net_sw_dist: true
bgp_dag_egw_peer_ip: 10.100.3.1
bgp_dag_pgw_peer_ip: 10.100.4.1
bgp_egw_peer_as: 65000
bgp_pgw_peer_as: 65001
bgp_vnf_egw_peer_ip: 10.100.3.1 # egw pdn_net
bgp_vnf_pgw_peer_ip: 10.100.4.1 # pgw pgw_net
default_gateway: 10.100.3.1
## BIGIP LICENSING ##
big_iq_lic_pool: BIGIP_1
big_iq_host: 10.100.0.202
# Common inputs
bigip_ssh_key: key_name
ntp_server: pool.ntp.org
timezone: UTC
# The number of CGNAT instances that will be created during the first deployment
cgnat_ve_default_instances: 1
# CGNAT VNF layer scaling inputs
vnf_layer_throughput: 5
vnf_layer_throughput_check_interval: 1
vnf_layer_throughput_threshold: 1
vnf_layer_cpu_threshold: 85
vnf_layer_cpu_threshold_check_interval: 1
# Max number of 'instances' that can be created during heal
max_heal_vnf_slave_ve: 10
# Images for instances: CGNAT VE and Nagios
sw_ref_nagios:
data:
template: Centos7-GenericCloud
configuration: dualcpu
revision: 0
sw_ref_vnf:
data:
template: BIGIP-15.1.0.5-0.0.8.ALL_1SLOT-vmware
configuration: quadcpu
revision: 0
# CGNAT Inputs
cgnat_ip_ranges:
- '10.10.201.10-10.10.201.200'
cgnat_resource_id: '/f5vnf/Shared/natSourceTranslation/addresses'
starting_ip_number: 5
increment_ip_number: 2
# External Database
db_host: localhost
db_name: f5_db
db_user: postgres
db_password: postgres
db_port: 5432
db_sslmode: disable
sw_ref_external_db: {}
mgmt_external_db_ip: ''
# CGNAT instance configuration
vnf_as3_nsd_payload:
class: ADC
remark: VNF
schemaVersion: 3.0.0
id: cfy_vnf_01
label: vnf
f5vnf:
class: Tenant
Shared:
class: Application
template: shared
lbSelectedRule:
class: iRule
iRule: when LB_SELECTED {log local0. "Selected server [LB::server]"}
ServiceMain_TCP:
remark: VS TCP
layer4: tcp
translateServerAddress: False
translateServerPort: False
class: Service_L4
profileL4:
bigip: "/Common/fastL4"
virtualAddresses:
- use: /f5vnf/Shared/serviceAddress
virtualPort: 0
persistenceMethods:
- use: /f5vnf/Shared/persistenceSourceCarp
iRules:
- /f5vnf/Shared/lbSelectedRule
snat: none
lastHop: disable
arpEnabled: True
icmpEcho: disable
spanningEnabled: True
allowVlans:
- use: "/Common/pgw"
policyNAT:
use: "/f5vnf/Shared/natPolicy"
ServiceMain_UDP:
remark: VS UDP
layer4: udp
translateServerAddress: False
translateServerPort: False
class: Service_L4
profileL4:
bigip: "/Common/fastL4"
virtualAddresses:
- use: /f5vnf/Shared/serviceAddress
virtualPort: 0
persistenceMethods:
- use: /f5vnf/Shared/persistenceSourceCarp
iRules:
- /f5vnf/Shared/lbSelectedRule
snat: none
lastHop: disable
arpEnabled: False
icmpEcho: disable
spanningEnabled: True
allowVlans:
- use: "/Common/pgw"
policyNAT:
use: "/f5vnf/Shared/natPolicy"
serviceAddress:
class: Service_Address
arpEnabled: False
icmpEcho: disable
spanningEnabled: True
routeAdvertisement: "enable"
virtualAddress: 0.0.0.0
trafficGroup: /Common/traffic-group-local-only
profileL4:
clientTimeout: 30
idleTimeout: 300
looseClose: false
looseInitialization: false
maxSegmentSize: 0
resetOnTimeout: true
tcpCloseTimeout: 5
tcpHandshakeTimeout: 5
class: L4_Profile
profileL4Loose:
clientTimeout: 30
idleTimeout: 300
looseClose: true
looseInitialization: true
maxSegmentSize: 0
resetOnTimeout: true
tcpCloseTimeout: 5
tcpHandshakeTimeout: 5
class: L4_Profile
remark: Log load balanced server
persistenceDestinationCarp:
class: Persist
persistenceMethod: destination-address
hashAlgorithm: carp
persistenceSourceCarp:
class: Persist
persistenceMethod: source-address
hashAlgorithm: carp
natDestinationAddressList:
addresses:
- 0.0.0.0/0
class: Firewall_Address_List
natSourceAddressList:
addresses:
- 10.10.11.0/24
class: Firewall_Address_List
natDestinationPortList:
ports:
- 1-65535
class: Firewall_Port_List
natSourcePortList:
ports:
- 1-65535
class: Firewall_Port_List
natPolicy:
class: NAT_Policy
rules:
- destination:
addressLists:
- use: /f5vnf/Shared/natDestinationAddressList
portLists:
- use: /f5vnf/Shared/natDestinationPortList
name: nat_tcp
protocol: tcp
source:
addressLists:
- use: /f5vnf/Shared/natSourceAddressList
portLists:
- use: /f5vnf/Shared/natSourcePortList
sourceTranslation:
use: /f5vnf/Shared/natSourceTranslation
natSourceTranslation:
addresses:
- 10.10.200.101/32
patMode: pba
ports:
- 1-65535
routeAdvertisement: true
type: dynamic-pat
class: NAT_Source_Translation