diff --git a/docs/initial_setup_of_velos_system_controllers.rst b/docs/initial_setup_of_velos_system_controllers.rst index 74f10b0..c839e38 100644 --- a/docs/initial_setup_of_velos_system_controllers.rst +++ b/docs/initial_setup_of_velos_system_controllers.rst @@ -211,11 +211,11 @@ Once logged in, you will configure the static IP addresses (unless DHCP is prefe .. code-block:: bash - syscon-2-active(config)# system mgmt-ip config ipv4 controller-1 address 10.255.0.212 - syscon-2-active(config)# system mgmt-ip config ipv4 controller-2 address 10.255.0.213 - syscon-2-active(config)# system mgmt-ip config ipv4 floating address 10.255.0.214 + syscon-2-active(config)# system mgmt-ip config ipv4 controller-1 address 10.10.10.212 + syscon-2-active(config)# system mgmt-ip config ipv4 controller-2 address 10.10.10.213 + syscon-2-active(config)# system mgmt-ip config ipv4 floating address 10.10.10.214 syscon-2-active(config)# system mgmt-ip config ipv4 prefix-length 24 - syscon-2-active(config)# system mgmt-ip config ipv4 gateway 10.255.0.1 + syscon-2-active(config)# system mgmt-ip config ipv4 gateway 10.10.10.1 To make these changes active, you must commit the changes. No configuration changes are executed until the commit command is issued. @@ -328,7 +328,7 @@ Note that the hash key can be used to check and compare the status of the primar .. code-block:: bash syscon-1-active# show system aaa primary-key state - system aaa primary-key state hash aNSWX6Xl8+dFx94JMRbySD/d/AJ8RarqJ+fedD#57bDxRF0cTgGFcZvMY415eDeAJjZlXp1qGuKI7CDmxNrnhw== + system aaa primary-key state hash xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx== system aaa primary-key state status "COMPLETE Initiated: Tue Apr 9 19:46:14 2024" syscon-1-active# @@ -353,7 +353,7 @@ The response will look similar to the output below. { "f5-primary-key:primary-key": { "state": { - "hash": "sj2GslitH9XYbmW/cpY0TJhMWkU+CpvAU9vqoiL4aZcfE6qnSUDU3PWx+lCZO5KrqVzlWu/3mRugCNniNyQhSA==", + "hash": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==", "status": "NONE" } } @@ -394,7 +394,7 @@ You can then run the API GET command again to see status: { "f5-primary-key:primary-key": { "state": { - "hash": "sUwBWJYT/VCne4xBVIdSfmjylG7QjMUskI1gtAKIfHifeahm/3/Ywq8zSdV2wn+RsiHdG+3EM/Ilih9GXQoyMA==", + "hash": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==", "status": "COMPLETE Initiated: Thu May 30 19:22:13 2024" } } @@ -421,8 +421,8 @@ In the system controller F5OS CLI, enter config mode. DNS, logging, and NTP can syscon-2-active(config)# system ntp config enabled syscon-2-active(config)# system ntp servers server time.f5net.com config address time.f5net.com syscon-2-active(config-server-time.f5net.com)# exit - syscon-2-active(config)# system logging remote-servers remote-server 10.255.0.142 selectors selector LOCAL0 WARNING - syscon-2-active(config-remote-server-10.255.0.142)# exit + syscon-2-active(config)# system logging remote-servers remote-server 10.10.10.142 selectors selector LOCAL0 WARNING + syscon-2-active(config-remote-server-10.10.10.142)# exit syscon-2-active(config)# commit Configure System Settings (DNS, NTP, Logging) From the WebUI @@ -588,9 +588,9 @@ In the body of the API call add the desired NTP & Timezone configuration. "servers": { "server": [ { - "address": "time.f5net.com", + "address": "pool.ntp.org", "config": { - "address": "time.f5net.com" + "address": "pool.ntp.org" } } ] @@ -619,9 +619,9 @@ In the body of the API call add the desired SYSLOG configuration. "remote-servers": { "remote-server": [ { - "host": "10.255.0.142", + "host": "10.10.10.1", "config": { - "host": "10.255.0.142", + "host": "10.10.10.1", "remote-port": "514" }, "selectors": { @@ -679,7 +679,7 @@ To license the VELOS chassis manually, you’ll need to get the dossier first: .. code-block:: bash syscon-2-active(config)# system licensing get-dossier - b9a9936886bada077d93843a281ce4c34bf78db0d6c32c40adea3a5329db15edd413fe7d7f8143fd128ebe2d97642b4ed9192b530788fe3965593e3b42131c66220401b16843476159414ceeba8af5fb67a39fe2a2f408b9… + xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx… You can then access F5’s licensing server (license.f5.com) via another host that has internet access, and paste in the dossier when prompted: @@ -740,7 +740,7 @@ The CLI command **show system licensing** will display the chassis level licensi syscon-2-active# show system licensing system licensing license Licensed version 1.2.0 - Registration Key V0453-12345-12345-12345-1234567 + Registration Key XXXXX-12345-12345-12345-1234567 Licensed date 2020/12/08 License start 2020/12/07 License end 2021/01/08 @@ -749,7 +749,7 @@ The CLI command **show system licensing** will display the chassis level licensi Appliance SN chs600148s Active Modules - Local Traffic Manager, CX410 (E428722-4444383) + Local Traffic Manager, CX410 (XXXXXXX-XXXXXXX) Best Bundle, CX410 APM-Lite Carrier Grade NAT (AFM ONLY) @@ -821,7 +821,7 @@ If the API call is successful, then the output will give you a system-dossier as { "f5-system-licensing-install:output": { - "system-dossier": "42bd1c9c5c1e9081522beea5ceab5c3e7726f9b5a90dd9d5a8d73d9dba80094317c6aeab2b75219226d9a2f8b335651d395ade0384debe1086ee0f46d0d7043c90b03f08a7fcdc28db75984892f1e28f394d07d569b45a1868ceeb264a272243e4c842c41fbd043fd4bcx19c6f1e3a274589d4f06253c49d31f1ed48731ddda10a5a68eb78d8473c06c38c3ea2cb6db0ae2902c5a9323dccf5e00212a9f541a58cd85fe191b12daa4a6975cee14fe33242cb8183fea43xa21c2a8c1944f14583895eb920306b4f9e0fd7834561026b0c669f736081e9da80bf536874d9a3737bacff59e6240381ddc2b821c380c81d963c95beedc6a940a4db97a527922383096c54d8028f3f3f6dccfe213fdad4a1316b772317cae0d45911469972bd3f761636f3f397467cf8a2e7ae1d22e1ea30d6b21d47ff4d8ab112ebc5d7eaab3819f0ed18b0830bc4250069a80de428ef28a9c4dba725a3623887019b7c31dc210997104140a58b8f172e8c4d0c4ea819b6743df711d0b65eb2c235e79313b1e9ff2dcd1768770e7f23dc626d2e44d0a394916a8b8debaf73971b91cbf3d96f7be6e1afcf18b42f84fd1b2ba7fe021e95417bbe2cf1bdb42077b8aefb350d865ae7db13073781212c8534d204a0e4023023de8b5380463b67b935fce2e4474f8f607130ee01c961cf978ccdb6211d9bc6f8axx4aab784f50c7e71a5bc1297f3453c9d0feb62e809315b7421f598275a2e8435aee8b2658f6a355706259820fde8702cb8940bf324494c4511d62964be657cc570a0947731e8ef025d6d7ea4038d91fe0084f11dda9a4713ae056bb21733958f4963a6051259a78d3336b368c345cc24da99a9ebf10e5f5b7c376484d60fd8d80ed2f6fbc9ef3bdf7b737af9780e7f4f72ea6a79b32a24da84fae44fdc0fd30761b3dd62d6660x462d90c843f1916eb2c01fd5efd25f05c196e6a6eb0ba93db3e549ee4fb2f79b08ed1edaae9aaf01d83fe87b473852b97fa89573ff85247e1c5be23a599b3f8c65d1d7f6d2c4f56d13217bb2ba07d383d038b29ab407e4cf40986a83d0b18933d53078e80b7cd7550" + "system-dossier": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" } } @@ -1081,15 +1081,16 @@ In the body of the API call enter the edited license in the proper area. Below i Registration Key : XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX Licensed version : 1.6.1 Platform ID : F101 - Appliance SN : chs600032s + Appliance SN : chs123456s # # Outbound License Dossier Validation # - Dossier : 01ac66f1c5a13fad15f3a0eca6428220df12b8e94506a852dae2c13fbbb67556e48f1x73b849d7cd3962e270e73y23218e85871670e84e9485e774357250f8f7299a176f + Dossier : + xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # # Outbound License Authorization Signature # - Authorization : 185b003ad1b2b9c9e4365ef7315e17cee59c96d958354ba4931bd5c934600acbdf2ecc0f7093db5ded3a5e800038051960d9ab95a45a171d1c0d9f9c0480e2a2e43939c79cecb216bd6bc592b630b9a8787e3847d2bb731915258ef96c921bc6b1e7bd08c0e86bc6476e5ax3bb942e9964d61de662b3e370994335c84193cc03b7adb7f4ef9d1df7d5eb74f53bb1d801604e3d0d4eab875585c88ba708e5832bf5b666aaad894a2218c627666ce6a97f12cf7c9de65c72b6187756008fd8c23cf6475e4c1bd082423ce90f4f0b83455d3c5b1d3ac76b5d5932c9cf506f059d3802a2ba954d4d2ma86d16db40ceeccc59106051fe7d69ab8df5es713914e81f91 + Authorization : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx # #----------------------------------------- # Copyright 1996-2023, F5 Networks, Inc. @@ -1159,11 +1160,11 @@ To get the current licensing status via API use the following API call. Issue a "registration-key": { "base": "XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX" }, - "dossier": "01ac66f1c5a13fad15f3a0eca6528220df04f42baa4c48f1c35682c6691dde0e306406407cec3f6b9c3cfa93751421360bfcf7085585d79b4feb7170a314637e8f99f22b09fcd4a4c54b27def300a8f9c83420b9cc0a6bd097a8f7e958fc2b8c4e93d685f6b70bc415e7999b869eba07d5976183ee31e612b8e94506a852dae2c13fbbb67556e48f1475b849d7xd396be270e73123258e85871670e81e9485e774a57250f8f7299a876f17106158c62efb579aad689ebfc629b31e2175c4485b59a4bed33bd3e2dd31e7fb83", - "license": "#\nAuth vers : 5b\n#\n#\n# BIG-IP System License Key File\n# DO NOT EDIT THIS FILE!!\n#\n# Install this file as \"/config/bigip.license\".\n#\n# Contact information in file /CONTACTS\n#\n#\n# Warning: Changing the system time while this system is running\n# with a time-limited license may make the system unusable.\n#\nUsage : F5 Internal Product Development\n#\n#\n# Only the specific use referenced above is allowed. Any other uses are prohibited.\n#\nVendor : F5 Networks, Inc.\n#\n# Module List \n#\nactive module : Local Traffic Manager, r10900|XXXXXX-XXXXXX|Rate Shaping|Anti-Virus Checks|Base Endpoint Security Checks|Firewall Checks|Machine Certificate Checks|Network Access|Protected Workspace|Secure Virtual Keyboard|APM, Web Application|App Tunnel|Remote Desktop|APM, Limited|Max SSL, r10900|Max Compression, r10900\noptional module : Access Policy Manager, Base, r109XX\noptional module : Access Policy Manager, Max, r109XX\noptional module : Advanced Firewall Manager, r10XXX\noptional module : Advanced Protocols\noptional module : Advanced Web Application Firewall, r10XXX\noptional module : App Mode (TMSH Only, No Root/Bash)\noptional module : Basic Policy Enforcement Manager, i10XXX\noptional module : BIG-IP, Multicast Routing\noptional module : BIG-IP, Privileged User Access, 100 Endpoints\noptional module : BIG-IP, Privileged User Access, 1000 Endpoints\noptional module : BIG-IP, Privileged User Access, 250 Endpoints\noptional module : BIG-IP, Privileged User Access, 50 Endpoints\noptional module : BIG-IP, Privileged User Access, 500 Endpoints\noptional module : Carrier-Grade NAT, r10XXX\noptional module : DataSafe, r10XXX\noptional module : DDOS, r10XXX\noptional module : DNS 1K, rSeries\noptional module : DNS Max, rSeries\noptional module : Dynamic Policy Provisioning, r10XXX\noptional module : External Interface and Network HSM\noptional module : FIPS 140-2\noptional module : FIX Low Latency\noptional module : Intrusion Prevention System, r10XXX\noptional module : IP Intelligence, 1Yr\noptional module : IP Intelligence, 3Yr\noptional module : IPS, 1Yr\noptional module : IPS, 3Yr\noptional module : Link Controller\noptional module : LTM to Best Upgrade, r109XX\noptional module : LTM to Better Upgrade, r109XX\noptional module : Policy Enforcement Manager, r10XXX\noptional module : Routing Bundle\noptional module : SM2_SM3_SM4\noptional module : SSL Orchestrator, r10XXX\noptional module : Subscriber Discovery, r10XXX\noptional module : Threat Campaigns, 1Yr\noptional module : Threat Campaigns, 3Yr\noptional module : Traffic Classification, r10XXX\noptional module : URL Filtering, 1Yr\noptional module : URL Filtering, 1Yr, Max\noptional module : URL Filtering, 3Yr\noptional module : URL Filtering, 3Yr, Max\noptional module : VPN Users\n#\n# Accumulated Tokens for Module\n# Max SSL, r10900 perf_SSL_Mbps 1 key XXXXXX-XXXXXX\n#\nperf_SSL_Mbps : 1\n#\n# Accumulated Tokens for Module\n# APM, Limited apm_urlf_limited_sessions 10 key XXXXXX-XXXXXX\n#\n# Accumulated Tokens for Module\n# APM, Limited apml_sessions 10 key XXXXXX-XXXXXX\n#\napm_urlf_limited_sessions : 10\napml_sessions : 10\n#\n# License Tokens for Module Local Traffic Manager, r10900 key XXXXXX-XXXXXX\n#\nthrottle_level : 900\nperf_vcmp_max_guests : UNLIMITED\nperf_PVA_dram_limit : enabled\nperf_CPU_cores : UNLIMITED\nnw_vlan_groups : enabled\nmod_ltm : enabled\nmod_lbl : enabled\nmod_ilx : enabled\nltm_network_virtualization : enabled\nfpga_performance : enabled\n#\n# License Tokens for Module Max SSL, r10900 key XXXXXX-XXXXXX\n#\nperf_SSL_total_TPS : UNLIMITED\nperf_SSL_per_core : enabled\nperf_SSL_cmp : enabled\n#\n# License Tokens for Module Max Compression, r10900 key XXXXXX-XXXXXX\n#\nperf_http_compression_Mbps : UNLIMITED\nperf_http_compression_hw : enabled\n#\n# License Tokens for Module APM, Limited key XXXXXX-XXXXXX\n#\nmod_apml : enabled\n#\n# License Tokens for Module Rate Shaping key XXXXXX-XXXXXX\n#\nltm_bandw_rate_tosque : enabled\nltm_bandw_rate_fairque : enabled\nltm_bandw_rate_classl7 : enabled\nltm_bandw_rate_classl4 : enabled\nltm_bandw_rate_classes : enabled\n#\n# License Tokens for Module APM, Web Application key XXXXXX-XXXXXX\n#\napm_web_applications : enabled\n#\n# License Tokens for Module Remote Desktop key XXXXXX-XXXXXX\n#\napm_remote_desktop : enabled\n#\n# License Tokens for Module Network Access key XXXXXX-XXXXXX\n#\napm_na : enabled\n#\n# License Tokens for Module Secure Virtual Keyboard key XXXXXX-XXXXXX\n#\napm_ep_svk : enabled\n#\n# License Tokens for Module Protected Workspace key XXXXXX-XXXXXX\n#\napm_ep_pws : enabled\n#\n# License Tokens for Module Machine Certificate Checks key XXXXXX-XXXXXX\n#\napm_ep_machinecert : enabled\n#\n# License Tokens for Module Firewall Checks key XXXXXX-XXXXXX\n#\napm_ep_fwcheck : enabled\n#\n# License Tokens for Module Anti-Virus Checks key XXXXXX-XXXXXX\n#\napm_ep_avcheck : enabled\n#\n# License Tokens for Module Base Endpoint Security Checks key XXXXXX-XXXXXX\n#\napm_ep : enabled\n#\n# License Tokens for Module App Tunnel key XXXXXX-XXXXXX\n#\napm_app_tunnel : enabled\n#\n# Debug Msg - Is sol18346625 affected; Usage, \"2021-09-28 00.00.00\", started after requirement date \"2016-04-15 00.00.00\"\n#\n# LC disabled in accordance with https://support.f5.com/kb/en-us/solutions/public/k/18/sol18346625.html\n#\ngtm_lc : disabled\n#\n# Licensing Information \n#\nLicensed date : 20211129\nLicense start : 20210927\nLicense end : 20220121\nService check date : 20211222\n#\n# Platform Information \n#\nRegistration Key : B1249-45920-70635-24344-7350724\nLicensed version : 1.0.0\nPlatform ID : C128\nAppliance SN : f5-xpdn-ngmu\n#\n# Outbound License Dossier Validation\n#\nDossier : 01ac66f1c5a13fad15f3a0eca6528220df12b8e94506a852dae2c13fbbb67556e48f1473b849d7cd396be270e73123218e85871670e84e9485e774a57250f8f7299a876f\n#\n# Outbound License Authorization Signature\n#\nAuthorization : 9f41c2f3f96ed6fc9c8112934fab434ba63bce96f73cd24d61b49fa7c9dc8e5d662e27f837ba734c6c8a3c52577b8b9e1a63aefc46aed07441eff37a52575d7341d701597b2ef59d27230cf1b3d41524978f522f23386bc2ab7c1b34756d9be36d433f34d0339227e8ec5f37af432614141f3c749df1e26d3d069ad9a043c2ebedd4bc6xf81ff155ade7b172714075786a7916f32b06830787c3da3ee1281e1965042df766ac31c5690b802257685b87d1ff980a83a5ac9e14cc7e5b73045b4a7c34fea60e4a8dd3b7c460cca83d3805006afc4a82071b3cc502e3dc7c2c40958046bfc835eb0386017352b90175b1cb37a4e3e1bc51467d08cd360a957998a4\n#\n#-----------------------------------------\n# Copyright 1996-2021, F5 Networks, Inc.\n# All rights reserved. \n#-----------------------------------------\n" + "dossier": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", + "license": "#\nAuth vers : 5b\n#\n#\n# BIG-IP System License Key File\n# DO NOT EDIT THIS FILE!!\n#\n# Install this file as \"/config/bigip.license\".\n#\n# Contact information in file /CONTACTS\n#\n#\n# Warning: Changing the system time while this system is running\n# with a time-limited license may make the system unusable.\n#\nUsage : F5 Internal Product Development\n#\n#\n# Only the specific use referenced above is allowed. Any other uses are prohibited.\n#\nVendor : F5 Networks, Inc.\n#\n# Module List \n#\nactive module : Local Traffic Manager, r10900|XXXXXX-XXXXXX|Rate Shaping|Anti-Virus Checks|Base Endpoint Security Checks|Firewall Checks|Machine Certificate Checks|Network Access|Protected Workspace|Secure Virtual Keyboard|APM, Web Application|App Tunnel|Remote Desktop|APM, Limited|Max SSL, r10900|Max Compression, r10900\noptional module : Access Policy Manager, Base, r109XX\noptional module : Access Policy Manager, Max, r109XX\noptional module : Advanced Firewall Manager, r10XXX\noptional module : Advanced Protocols\noptional module : Advanced Web Application Firewall, r10XXX\noptional module : App Mode (TMSH Only, No Root/Bash)\noptional module : Basic Policy Enforcement Manager, i10XXX\noptional module : BIG-IP, Multicast Routing\noptional module : BIG-IP, Privileged User Access, 100 Endpoints\noptional module : BIG-IP, Privileged User Access, 1000 Endpoints\noptional module : BIG-IP, Privileged User Access, 250 Endpoints\noptional module : BIG-IP, Privileged User Access, 50 Endpoints\noptional module : BIG-IP, Privileged User Access, 500 Endpoints\noptional module : Carrier-Grade NAT, r10XXX\noptional module : DataSafe, r10XXX\noptional module : DDOS, r10XXX\noptional module : DNS 1K, rSeries\noptional module : DNS Max, rSeries\noptional module : Dynamic Policy Provisioning, r10XXX\noptional module : External Interface and Network HSM\noptional module : FIPS 140-2\noptional module : FIX Low Latency\noptional module : Intrusion Prevention System, r10XXX\noptional module : IP Intelligence, 1Yr\noptional module : IP Intelligence, 3Yr\noptional module : IPS, 1Yr\noptional module : IPS, 3Yr\noptional module : Link Controller\noptional module : LTM to Best Upgrade, r109XX\noptional module : LTM to Better Upgrade, r109XX\noptional module : Policy Enforcement Manager, r10XXX\noptional module : Routing Bundle\noptional module : SM2_SM3_SM4\noptional module : SSL Orchestrator, r10XXX\noptional module : Subscriber Discovery, r10XXX\noptional module : Threat Campaigns, 1Yr\noptional module : Threat Campaigns, 3Yr\noptional module : Traffic Classification, r10XXX\noptional module : URL Filtering, 1Yr\noptional module : URL Filtering, 1Yr, Max\noptional module : URL Filtering, 3Yr\noptional module : URL Filtering, 3Yr, Max\noptional module : VPN Users\n#\n# Accumulated Tokens for Module\n# Max SSL, r10900 perf_SSL_Mbps 1 key XXXXXX-XXXXXX\n#\nperf_SSL_Mbps : 1\n#\n# Accumulated Tokens for Module\n# APM, Limited apm_urlf_limited_sessions 10 key XXXXXX-XXXXXX\n#\n# Accumulated Tokens for Module\n# APM, Limited apml_sessions 10 key XXXXXX-XXXXXX\n#\napm_urlf_limited_sessions : 10\napml_sessions : 10\n#\n# License Tokens for Module Local Traffic Manager, r10900 key XXXXXX-XXXXXX\n#\nthrottle_level : 900\nperf_vcmp_max_guests : UNLIMITED\nperf_PVA_dram_limit : enabled\nperf_CPU_cores : UNLIMITED\nnw_vlan_groups : enabled\nmod_ltm : enabled\nmod_lbl : enabled\nmod_ilx : enabled\nltm_network_virtualization : enabled\nfpga_performance : enabled\n#\n# License Tokens for Module Max SSL, r10900 key XXXXXX-XXXXXX\n#\nperf_SSL_total_TPS : UNLIMITED\nperf_SSL_per_core : enabled\nperf_SSL_cmp : enabled\n#\n# License Tokens for Module Max Compression, r10900 key XXXXXX-XXXXXX\n#\nperf_http_compression_Mbps : UNLIMITED\nperf_http_compression_hw : enabled\n#\n# License Tokens for Module APM, Limited key XXXXXX-XXXXXX\n#\nmod_apml : enabled\n#\n# License Tokens for Module Rate Shaping key XXXXXX-XXXXXX\n#\nltm_bandw_rate_tosque : enabled\nltm_bandw_rate_fairque : enabled\nltm_bandw_rate_classl7 : enabled\nltm_bandw_rate_classl4 : enabled\nltm_bandw_rate_classes : enabled\n#\n# License Tokens for Module APM, Web Application key XXXXXX-XXXXXX\n#\napm_web_applications : enabled\n#\n# License Tokens for Module Remote Desktop key XXXXXX-XXXXXX\n#\napm_remote_desktop : enabled\n#\n# License Tokens for Module Network Access key XXXXXX-XXXXXX\n#\napm_na : enabled\n#\n# License Tokens for Module Secure Virtual Keyboard key XXXXXX-XXXXXX\n#\napm_ep_svk : enabled\n#\n# License Tokens for Module Protected Workspace key XXXXXX-XXXXXX\n#\napm_ep_pws : enabled\n#\n# License Tokens for Module Machine Certificate Checks key XXXXXX-XXXXXX\n#\napm_ep_machinecert : enabled\n#\n# License Tokens for Module Firewall Checks key XXXXXX-XXXXXX\n#\napm_ep_fwcheck : enabled\n#\n# License Tokens for Module Anti-Virus Checks key XXXXXX-XXXXXX\n#\napm_ep_avcheck : enabled\n#\n# License Tokens for Module Base Endpoint Security Checks key XXXXXX-XXXXXX\n#\napm_ep : enabled\n#\n# License Tokens for Module App Tunnel key XXXXXX-XXXXXX\n#\napm_app_tunnel : enabled\n#\n# Debug Msg - Is sol18346625 affected; Usage, \"2021-09-28 00.00.00\", started after requirement date \"2016-04-15 00.00.00\"\n#\n# LC disabled in accordance with https://support.f5.com/kb/en-us/solutions/public/k/18/sol18346625.html\n#\ngtm_lc : disabled\n#\n# Licensing Information \n#\nLicensed date : 20211129\nLicense start : 20210927\nLicense end : 20220121\nService check date : 20211222\n#\n# Platform Information \n#\nRegistration Key : B1249-45920-70635-24344-7350724\nLicensed version : 1.0.0\nPlatform ID : C128\nAppliance SN : f5-xpdn-ngmu\n#\n# Outbound License Dossier Validation\n#\nDossier : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n#\n# Outbound License Authorization Signature\n#\nAuthorization : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n#\n#-----------------------------------------\n# Copyright 1996-2021, F5 Networks, Inc.\n# All rights reserved. \n#-----------------------------------------\n" }, "state": { - "license": "\nLicensed version 1.0.0\nRegistration Key B1249-45920-70635-24344-7350724\nLicensed date 2021/11/29\nLicense start 2021/09/27\nLicense end 2022/01/21\nService check date 2021/12/22\nPlatform ID C128\nAppliance SN f5-xpdn-ngmu\n\nActive Modules\n Local Traffic Manager, r10900 (XXXXXX-XXXXXX)\n Rate Shaping\n Anti-Virus Checks\n Base Endpoint Security Checks\n Firewall Checks\n Machine Certificate Checks\n Network Access\n Protected Workspace\n Secure Virtual Keyboard\n APM, Web Application\n App Tunnel\n Remote Desktop\n APM, Limited\n Max SSL, r10900\n Max Compression, r10900\n" + "license": "\nLicensed version 1.0.0\nRegistration Key xxxxx-xxxxx-xxxxx-xxxxx-xxxxx\nLicensed date 2021/11/29\nLicense start 2021/09/27\nLicense end 2022/01/21\nService check date 2021/12/22\nPlatform ID C128\nAppliance SN f5-xxxx-xxxx\n\nActive Modules\n Local Traffic Manager, r10900 (XXXXXX-XXXXXX)\n Rate Shaping\n Anti-Virus Checks\n Base Endpoint Security Checks\n Firewall Checks\n Machine Certificate Checks\n Network Access\n Protected Workspace\n Secure Virtual Keyboard\n APM, Web Application\n App Tunnel\n Remote Desktop\n APM, Limited\n Max SSL, r10900\n Max Compression, r10900\n" } } } @@ -1248,12 +1249,12 @@ Below is an example of the CLI prompting for a new password. You'll then be disc .. code-block:: bash - FLD-ML-00054045:~ jmccarron$ ssh -l admin 10.255.0.148 - The authenticity of host '10.255.0.148 (10.255.0.148)' can't be established. - RSA key fingerprint is SHA256:BhkFg220oTVsXfwU0aDM69Tp3KXfn8TOk/ysnCSb61g. + FLD-ML-00054045:~ jmccarron$ ssh -l admin 10.10.10.148 + The authenticity of host '10.10.10.148 (10.10.10.148)' can't be established. + RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes - Warning: Permanently added '10.255.0.148' (RSA) to the list of known hosts. - admin@10.255.0.148's password: + Warning: Permanently added '10.10.10.148' (RSA) to the list of known hosts. + admin@10.10.10.148's password: You are required to change your password immediately (root enforced) WARNING: Your password has expired. You must change your password now and login again! @@ -1263,7 +1264,7 @@ Below is an example of the CLI prompting for a new password. You'll then be disc New password: Retype new password: passwd: all authentication tokens updated successfully. - Connection to 10.255.0.148 closed. + Connection to 10.10.10.148 closed. Creating a Chassis Partition via the CLI ---------------------------------------- @@ -1324,7 +1325,7 @@ Now these slots are available to be assigned to a new partition. Enter config mo syscon-2-active# config Entering configuration mode terminal - syscon-2-active(config)# partitions partition Production config mgmt-ip ipv4 address 10.255.0.148 prefix-length 24 gateway 10.255.0.1 + syscon-2-active(config)# partitions partition Production config mgmt-ip ipv4 address 10.19.10.148 prefix-length 24 gateway 10.10.10.1 syscon-2-active(config-partition-Production)# commit Commit complete. syscon-2-active(config-partition-Production)# set-version iso-version 1.4.0-3915 proceed @@ -1348,7 +1349,7 @@ Next create a chassis partition for slot3 called **Development**. .. code-block:: bash - syscon-2-active(config)# partitions partition Development config mgmt-ip ipv4 address 10.255.0.141 prefix-length 24 gateway 10.255.0.1 + syscon-2-active(config)# partitions partition Development config mgmt-ip ipv4 address 10.10.10.141 prefix-length 24 gateway 10.10.10.1 syscon-2-active(config-partition-Development)# commit Commit complete. syscon-2-active(config-partition-Development)# set-version iso-version 1.4.0-3915 @@ -1372,16 +1373,16 @@ You can use the command **show running-config partitions** to see how each parti partitions partition Development config enabled config iso-version 1.4.0-3915 - config mgmt-ip ipv4 address 10.255.0.141 + config mgmt-ip ipv4 address 10.10.10.141 config mgmt-ip ipv4 prefix-length 24 - config mgmt-ip ipv4 gateway 10.255.0.1 + config mgmt-ip ipv4 gateway 10.10.10.1 ! partitions partition Production config enabled config iso-version 1.4.0-3915 - config mgmt-ip ipv4 address 10.255.0.148 + config mgmt-ip ipv4 address 10.10.10.148 config mgmt-ip ipv4 prefix-length 24 - config mgmt-ip ipv4 gateway 10.255.0.1 + config mgmt-ip ipv4 gateway 10.10.10.1 ! partitions partition default config disabled @@ -1422,12 +1423,12 @@ Once the partitions are started and operational, you can log into each one and c .. code-block:: bash - FLD-ML-00054045:~ jmccarron$ ssh -l admin 10.255.0.148 - The authenticity of host '10.255.0.148 (10.255.0.148)' can't be established. - RSA key fingerprint is SHA256:BhkFg220oTVsXfwU0aDM69Tp3KXfn8TOk/ysnCSb61g. + FLD-ML-00054045:~ jmccarron$ ssh -l admin 10.10.10.148 + The authenticity of host '10.10.10.148 (10.10.10.148)' can't be established. + RSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes - Warning: Permanently added '10.255.0.148' (RSA) to the list of known hosts. - admin@10.255.0.148's password: + Warning: Permanently added '10.10.10.148' (RSA) to the list of known hosts. + admin@10.10.10.148's password: You are required to change your password immediately (root enforced) WARNING: Your password has expired. You must change your password now and login again! @@ -1437,7 +1438,7 @@ Once the partitions are started and operational, you can log into each one and c New password: Retype new password: passwd: all authentication tokens updated successfully. - Connection to 10.255.0.148 closed. + Connection to 10.10.10.148 closed. Creating a Chassis Partition via the API ---------------------------------------- @@ -1654,7 +1655,7 @@ Next import the desired image into the system controller floating IP address usi { "input": [ { - "remote-host": "10.255.0.142", + "remote-host": "10.10.10.142", "remote-file": "/upload/{{Partition_ISO_Image_Full}}", "local-file": "images/staging/", "insecure": "", @@ -1687,7 +1688,7 @@ You will see a response similar like the output below showing status: { "f5-utils-file-transfer:output": { - "result": "\nS.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status \n1 |Import file|HTTPS |/var/import/staging/F5OS-C-1.1.0-2391.PARTITION.CANDIDATE.iso|10.255.0.142 |F5OS-C-1.1.0-2391.PARTITION.CANDIDATE.iso |Peer certificate cannot be authenticated with given CA certificates\n" + "result": "\nS.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status \n1 |Import file|HTTPS |/var/import/staging/F5OS-C-1.1.0-2391.PARTITION.CANDIDATE.iso|10.10.10.142 |F5OS-C-1.1.0-2391.PARTITION.CANDIDATE.iso |Peer certificate cannot be authenticated with given CA certificates\n" } } @@ -1961,9 +1962,9 @@ Once the chassis partitions have been created you can query their status using t "iso-version": "1.4.0-3915", "mgmt-ip": { "ipv4": { - "address": "10.255.0.141", + "address": "10.10.10.141", "prefix-length": 24, - "gateway": "10.255.0.1" + "gateway": "10.10.10.1" } } }, @@ -2003,9 +2004,9 @@ Once the chassis partitions have been created you can query their status using t "iso-version": "1.4.0-3915", "mgmt-ip": { "ipv4": { - "address": "10.255.0.148", + "address": "10.10.10.148", "prefix-length": 24, - "gateway": "10.255.0.1" + "gateway": "10.10.10.1" } } }, diff --git a/docs/velos_deploying_a_tenant.rst b/docs/velos_deploying_a_tenant.rst index 2ff1aec..233a3c4 100644 --- a/docs/velos_deploying_a_tenant.rst +++ b/docs/velos_deploying_a_tenant.rst @@ -80,13 +80,13 @@ Before deploying any tenant, you must ensure you have a proper tenant software r .. code-block:: bash - scp BIGIP-15.1.5-0.0.8.ALL-F5OS.qcow2.zip.bundle admin@10.255.0.132:IMAGES + scp BIGIP-15.1.5-0.0.8.ALL-F5OS.qcow2.zip.bundle admin@10..10.10.132:IMAGES You may also import the tenant image file from the F5OS CLI. Use the **file import** command to get the tenant image file from a remote HTTPS server or from a remote server over SCP or SFTP. Below is an example of importing from a remote HTTPS server. Note the target directory should be **images/tenant**: .. code-block:: bash - Production1# file import remote-host 10.255.0.142 remote-file /upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username corpuser insecure + Production1# file import remote-host 10..10.10.142 remote-file /upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username corpuser insecure Value for 'password' (): ******** result File transfer is initiated.(images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle) @@ -94,7 +94,7 @@ If a remote HTTPS server is not available, you may also import the file from the .. code-block:: bash - Production1# file import remote-host 10.255.0.142 remote-file /var/www/server/1/upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username root insecure protocol scp + Production1# file import remote-host 10..10.10.142 remote-file /var/www/server/1/upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username root insecure protocol scp Value for 'password' (): ******** result File transfer is initiated.(images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle) @@ -103,7 +103,7 @@ The command **file transfer-status** will provide details of the transfer progre .. code-block:: bash - Production1# file import remote-host 10.255.0.142 remote-file /var/www/server/1/upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username root insecure protocol scp + Production1# file import remote-host 10..10.10.142 remote-file /var/www/server/1/upload/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle local-file images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle username root insecure protocol scp Value for 'password' (): ******** result File transfer is initiated.(images/tenant/BIGIP-15.1.4-0.0.47.ALL-VELOS.qcow2.zip.bundle) @@ -178,9 +178,9 @@ Tenant lifecycle can be fully managed via the CLI using the **tenants** command Production-1(config)# tenants tenant tenant2 Value for 'config image' (): BIGIP-14.1.4-0.0.619.ALL-VELOS.qcow2.zip.bundle - Value for 'config mgmt-ip' (): 10.255.0.205 + Value for 'config mgmt-ip' (): 10..10.10.205 Value for 'config prefix-length' (): 24 - Value for 'config gateway' (): 10.255.0.1 + Value for 'config gateway' (): 10..10.10.1 When you are inside the tenant mode you can enter each configuration item one line at a time using tab completion and question mark for help. @@ -240,9 +240,9 @@ After the tenant is created you can run the command **show running-config tenant config type BIG-IP config image BIGIP-14.1.4-0.0.619.ALL-VELOS.qcow2.zip.bundle config nodes [ 1 2 ] - config mgmt-ip 10.255.0.149 + config mgmt-ip 10..10.10.149 config prefix-length 24 - config gateway 10.255.0.1 + config gateway 10..10.10.1 config vlans [ 444 500 555 ] config cryptos enabled config vcpu-cores-per-node 6 @@ -264,9 +264,9 @@ After the tenant is created you can run the command **show running-config tenant config type BIG-IP config image BIGIP-14.1.4-0.0.619.ALL-VELOS.qcow2.zip.bundle config nodes [ 1 2 ] - config mgmt-ip 10.255.0.149 + config mgmt-ip 10..10.10.149 config prefix-length 24 - config gateway 10.255.0.1 + config gateway 10..10.10.1 config vlans [ 444 500 555 ] config cryptos enabled config vcpu-cores-per-node 6 @@ -283,9 +283,9 @@ To see the actual status of the tenants, issue the CLI command **show tenants** tenants tenant bigtenant state name bigtenant state type BIG-IP - state mgmt-ip 10.255.0.149 + state mgmt-ip 10..10.10.149 state prefix-length 24 - state gateway 10.255.0.1 + state gateway 10..10.10.1 state vlans [ 444 500 555 ] state cryptos enabled state vcpu-cores-per-node 6 @@ -310,9 +310,9 @@ To see the actual status of the tenants, issue the CLI command **show tenants** tenants tenant tenant2 state name tenant2 state type BIG-IP - state mgmt-ip 10.255.0.205 + state mgmt-ip 10..10.10.205 state prefix-length 24 - state gateway 10.255.0.1 + state gateway 10..10.10.1 state vlans [ 444 500 555 ] state cryptos enabled state vcpu-cores-per-node 4 @@ -413,7 +413,7 @@ To copy a tenant image into the chassis partition over the API, use the followin { "input": [ { - "remote-host": "10.255.0.142", + "remote-host": "10..10.10.142", "remote-file": "upload/{{Tenant_Image}}", "local-file": "images/{{Tenant_Image}}", "insecure": "", @@ -572,9 +572,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.149", + "mgmt-ip": "10..10.10.149", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 501, 3010, @@ -600,9 +600,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.149", + "mgmt-ip": "10..10.10.149", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "mac-ndi-set": [ { "ndi": "default", @@ -641,9 +641,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.205", + "mgmt-ip": "10..10.10.205", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 502, 3010, @@ -669,9 +669,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.205", + "mgmt-ip": "10..10.10.205", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "mac-ndi-set": [ { "ndi": "default", @@ -791,9 +791,9 @@ Expanding a tenant on the same blade via the CLI follows the same workflows as t config type BIG-IP config image BIGIP-14.1.4-0.0.654.ALL-VELOS.qcow2.zip.bundle config nodes [ 1 ] - config mgmt-ip 10.255.0.207 + config mgmt-ip 10..10.10.207 config prefix-length 24 - config gateway 10.255.0.1 + config gateway 10..10.10.1 config vlans [ 444 500 555 ] config cryptos enabled config vcpu-cores-per-node 2 @@ -810,9 +810,9 @@ You can also view the tenant running status by issuing the CLI command **show te Production-1# show tenants tenants tenant tenant1 state type BIG-IP - state mgmt-ip 10.255.0.207 + state mgmt-ip 10..10.10.207 state prefix-length 24 - state gateway 10.255.0.1 + state gateway 10..10.10.1 state vlans [ 444 500 555 ] state cryptos enabled state vcpu-cores-per-node 2 @@ -907,9 +907,9 @@ The API output: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.207", + "mgmt-ip": "10..10.10.207", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 444, 500, @@ -1050,9 +1050,9 @@ The same workflow can be done in the CLI. A tenant that currently exists on a si Production-1# show tenants tenant tenant2 tenants tenant tenant2 state type BIG-IP - state mgmt-ip 10.255.0.208 + state mgmt-ip 10..10.10.208 state prefix-length 24 - state gateway 10.255.0.1 + state gateway 10..10.10.1 state vlans [ 444 500 555 ] state cryptos enabled state vcpu-cores-per-node 6 @@ -1081,9 +1081,9 @@ The same workflow can be done in the CLI. A tenant that currently exists on a si config type BIG-IP config image BIGIP-14.1.4-0.0.654.ALL-VELOS.qcow2.zip.bundle config nodes [ 1 ] - config mgmt-ip 10.255.0.208 + config mgmt-ip 10..10.10.208 config prefix-length 24 - config gateway 10.255.0.1 + config gateway 10..10.10.1 config vlans [ 444 500 555 ] config cryptos enabled config vcpu-cores-per-node 6 @@ -1118,9 +1118,9 @@ You can verify the tenant status using the **show tenants** command. Note that N Production-1# show tenants tenant tenant2 tenants tenant tenant2 state type BIG-IP - state mgmt-ip 10.255.0.208 + state mgmt-ip 10..10.10.208 state prefix-length 24 - state gateway 10.255.0.1 + state gateway 10..10.10.1 state vlans [ 444 500 555 ] state cryptos enabled state vcpu-cores-per-node 6 @@ -1199,9 +1199,9 @@ The response should be similar to the output below, which will show the tenant's "nodes": [ 1 ], - "mgmt-ip": "10.255.0.208", + "mgmt-ip": "10..10.10.208", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 444, 500, @@ -1239,9 +1239,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.149", + "mgmt-ip": "10..10.10.149", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 501, 3010, @@ -1267,9 +1267,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.149", + "mgmt-ip": "10..10.10.149", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "mac-ndi-set": [ { "ndi": "default", @@ -1308,9 +1308,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.205", + "mgmt-ip": "10..10.10.205", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "vlans": [ 502, 3010, @@ -1336,9 +1336,9 @@ Below is an example output from a VELOS system: "nodes": [ 1 ], - "mgmt-ip": "10.255.0.205", + "mgmt-ip": "10..10.10.205", "prefix-length": 24, - "gateway": "10.255.0.1", + "gateway": "10..10.10.1", "mac-ndi-set": [ { "ndi": "default", diff --git a/docs/velos_networking.rst b/docs/velos_networking.rst index a24f933..0cbe880 100644 --- a/docs/velos_networking.rst +++ b/docs/velos_networking.rst @@ -158,12 +158,12 @@ Below is an example of BX110 port numbering when all interfaces are unbundled. :align: center -For the BX520 blades interface numbering is different because the BX520 takes up two slots. The slot reference for the blade will always be the first of the two slots which will always be an odd number. If the ports are bundled then ports will be **1/1.0** and **1/2.0** for a blade that occupies slot 1 and slot 2, and **3/1.0** and **3/2.0** for a blade that occupies slots 3 and 4. Below is an example of four BX520 blades within the CX410 chassis and their interface numbering when all ports are bundled. +For the BX520 blades interface numbering is different because the BX520 blade takes up two slots. The slot reference for the blade will always be the first of the two slots where the blade is inserted, which will always be an odd number. If the ports are bundled, then ports will be **1/1.0** and **1/2.0** for a blade that occupies slot 1 and slot 2, and **3/1.0** and **3/2.0** for a blade that occupies slots 3 and 4. Below is an example of four BX520 blades within the CX410 chassis and their interface numbering when all ports are bundled. .. image:: images/velos_networking/bx520-interfaces.png :align: center -Below is an example of BX520 port numbering when all interfaces are unbundled. +Below is an example of BX520 port numbering when all interfaces are unbundled into 4 x 100gb interfaces. .. image:: images/velos_networking/bx520-interfaces-unbundled.png :align: center @@ -171,8 +171,7 @@ Below is an example of BX520 port numbering when all interfaces are unbundled. Supported Optics ================ -Only F5 branded optics are officially supported on VELOS. The BX110 blade supports speeds of 10Gb, 25Gb, 40Gb, and 100Gb depending on the type of optics used, and the port group configuration. VELOS interfaces will accept F5 approved QSFP+ or QSFP28 optics. 3rd party optics are not officially supported per F5’s support policies: - +Only F5 branded optics are officially supported on VELOS per F5's third part hardware components policy. The BX110 blade supports speeds of 40Gb and 100Gb as well as 4 x 10Gb and 4 x 25Gb though the use of breakout cables. You must have the proper optics type inserted (and optional breakout cables) as well as the proper port group configuration for links to be established. The BX520 blades supports speeds are 400Gb or 4 x 100Gb (with proper breakout cable). VELOS interfaces will accept F5 approved QSFP+, QSFP28, or QSFP-DD optics depending on the blade type. 3rd party optics are not officially supported per F5’s support policies: `K8153: F5 support of third-party hardware components `_ @@ -183,7 +182,7 @@ More details on each optic can be found in the F5 Platforms Accessories guide & `K6097: Specifications of the Fiber Gigabit Ethernet SFP, XFP, SFP+, QSFP+, and QSFP28 module ports on BIG-IP system platforms `_ -**40Gb QSFP+ options:** +**BX110 40Gb QSFP+ options:** +------------------------+------------+------------------------------------------------------------------------------+ @@ -194,7 +193,7 @@ More details on each optic can be found in the F5 Platforms Accessories guide & | 40G-PSM4 (QSFP+) | OPT-0045 | TRANSCEIVER, QSFP+, 40GIG-PSM4, 1310NM, 10KM, MPO, SMF, DDM, F5 BRANDED | +------------------------+------------+------------------------------------------------------------------------------+ -**Dual Rate 40Gb/100Gb BiDi QSFP28 (Backward compatible with QSFP+):** +**BX110 Dual Rate 40Gb/100Gb BiDi QSFP28 (Backward compatible with QSFP+):** The transceiver below can be used in QSFP28 or QSFP+ slots, or as 40G QSFP+ in QSFP28 slot. @@ -204,7 +203,7 @@ The transceiver below can be used in QSFP28 or QSFP+ slots, or as 40G QSFP+ in | Dual Rate 40G/100G BIDI (QSFP28 backward compatible with QSFP+) | OPT-0060 | VELOS Field Upgrade Transceiver QSFP28/QSFP+, dual rate 40G/100G SR BIDI, 100M, LC, MMF | +------------------------------------------------------------------+------------+-----------------------------------------------------------------------------------------+ -**100Gb QSFP28 options:** +**BX110 100Gb QSFP28 options:** +------------------------+------------+----------------------------------------------------------------------------------+ | 100GBASE-SR4 (QSFP28) | OPT-0031 | TRANSCEIVER, QSFP28, 100G-SR4, 850NM, MMF, MPO, DDM, BRANDED | @@ -219,7 +218,7 @@ The transceiver below can be used in QSFP28 or QSFP+ slots, or as 40G QSFP+ in **Note: OPT-0039 QSFP28 LR4 used in VIPRION/iSeries are compatible with VELOS, but default optics for 100G LR4 VELOS is OPT-0052 (as shown above)**. -**400Gb QSFP-DD options:** +**BX520 400Gb QSFP-DD options:** The optics below are only supported on the BX520 blade. 400Gb optics are not supported on the BX110 blade. @@ -281,7 +280,7 @@ The QSFP+ and QSFP28 optics when configured for unbundled mode, will break out i | F5-UPGVELSR4XSR10M | VELOS Field Upgrade: QSFP28-QSFP+ Breakout Cable for SR4 ONLY MPO to 4LC (10 Meter 2 Pack) | +---------------------+--------------------------------------------------------------------------------------------+ -Below are the breakout cables for the BX520 QSFP-DD (400Gb) ports to go to 4 x 100Gb. +Below are the breakout cables for the BX520 QSFP-DD (400Gb) ports to go to 4 x 100Gb. The QSFP-DD optics when configured for unbundled mode, will break out into or 4 x 100Gb (with a 400Gb QSFP-DD optic). You will need to utilize a breakout cable to allow the single physical port to break out into 4 lower speed ports. The following breakout cable SKUs can be ordered and utilized for either 4 x 25Gb, or 4 x 10GB depending on the optic installed. Note, they come in different lengths (1 meter, 3 meters, or 10 meters) and each of the SKUs is a 2 Pack. +----------------------+--------------------------------------------------------------------------------------------+ | F5-UPG-VEL-QDD-4X-3M | VELOS Field Upgrade: QSFP-DD Breakout Cable 400G to 4x100G, MPO-12 to 4LC (3 Meter) |