Create a Custom NFV Appliance for a VNET

Download PDF

A virtual network (VNET) in Cloudistics enables application instances to migrate seamlessly among compute nodes without changing networking configurations.

When you create a VNET, the Cloudistics Ignite management console manages all DHCP, Routing, and DNS services via an auto-deployed application instance called the network function virtualization (NFV) instance. There is one NFV instance per VNET. This NFV instance acts like any application instance in your cloud infrastructure. It resides in a virtual datacenter and consumes migration zone and storage pool resources, and it uses the gateway IP address for your VNET.

When requirements demand different functionality than the auto-deployed NFV appliance provides, it is possible to create a custom appliance. At a minimum the custom NFV must be able to route traffic from the VNET (Inside) to the Outside VLAN or VNET to which the NFV is connected. 

Before You Begin

This technical brief provides a walk through of an example of a custom NFV appliance that provides routing using a general Linux appliance. This example is a single, simple solution to illustrate the process; more advanced features could be created as needed.

Example Topology

Details for this example include:

  • VNET Name: VNET-01
  • VNET Subnet: 100.127.4.0/24
  • VNET Gateway (NFV Inside): 100.127.4.254
  • NFV Outside Interface: DHCP in Default (4091). (This is the hypervisor network for the example.) 

Prerequisites

Prerequisites for completing the steps described below include:

  • General familiarity with managing Cloudistics
  • Familiarity with Linux CLI
  • Login access to the Interconnect(s)
  • Environment prerequisites:
    • Southbound route that already exists on the customer network for the VNET subnet
    • A virtual datacenter already created and provisioned for use
    • Centos 7.4 (64-bit) template that has already been downloaded from the Cloudistics Marketplace
    • A working application that can be assigned to the VNET with a static IP for testing

c06b83c3e79c4ecefc91b127a04664cf

Example network settings for NFV appliance

Example Process

To illustrate the example process for creating a custom NFV appliance that provides routing via a general Linux appliance, the following sections outline the steps for creating a VNET and creating a Linux application instance from a template that will act as the NFV.

Create a VNET

You need to complete the following steps to create a VNET before configuring a custom NFV instance.

  1. In the left navigation menu of the Cloudistics Ignite management portal, click Networks.
  2. On the Networks page, click New VNET. The New VNET page opens, as shown below.
  3. 7ef95528945f14d3348a6deca7ac08e6

    New VNET page

  4. Enter the following values, as shown in the preceding figure.
    • VNET Name – VNET-01
    • Network Address – 100.127.4.0
    • Netmask – 255.255.255.0
    • Default Gateway – 100.127.4.254
  5. For Network Services, select Manual.
  6. Click Create VNET.
  7. On the Networks page, click the newly created VNET, VNET-01.
  8. Click the Assigned Virtual Datacenters tab.
  9. Click Assign Virtual Datacenters. The Assign Virtual Datacenters dialog box opens.
  10. Assign Virtual Datacenters

  11. Select a virtual datacenter and click Assign. ("Test" is used for this example.) 

Deploy the Linux Application Instance

Follow these steps to create an application instance from a template that will be used as the NFV.

  1. In the left navigation menu of the Cloudistics Ignite management portal, click Organization Templates.
  2. Select the "Centos 7.4 (64-bit)" template, and click New Instance.
  3. Enter a name for the new application instance as "VNET-01-NFV".
  4. Select the virtual datacenter where the application instance will run. The virtual datacenter selection determines the migration zone and storage pool resources available for the application instance. This should be the same virtual datacenter as assigned to the "VNET-01" created earlier.
  5. Configure the network as follows:
    1. Assign the VNIC to the Hypervisor VLAN.
    2. Add the second vNIC by clicking Add vNIC.
    3. Assign vNIC 1 to VNET-01.
  6. Modify Network Settings

  7. Select the storage pool for this application instance.
  8. Select the migration zone for this application instance.
  9. Click Create Instance.

    Once the instance starts you will be taken back to the Application Instances page.

  10. In the list of instances, click the application just created, VNET-01-NFV.
  11. Click the Profile tab, and, on the menu next to each vNIC, click Edit Name as shown in the following figure.
    1. Rename vNIC 0 → outside.
    2. Rename vNIC 1 → inside.

    f7ab579d9fe7fe56498d639b5898b386

    Edit name

  12. Record the MAC addresses for both for later use, as well as the IP address that was allocated to the outside interface.

5b7925ac4a9691ff3f5298e196f17228

IP Address and MAC Addresses

Configure the NFV Appliance

Follow these steps to configure the NFV appliance.

  1. On the Actions menu for the application instance, click Connect to console. This will open the VNC console for the new appliance.
  2. Log in with the following credentials.
    • User: root
    • Password: cloudistics
  3. Set the base config as follows:
  4. #Set Hostname
    hostnamectl set-hostname VNET-01-NFV
    #Disable unused network services
    systemctl stop firewalld
    systemctl disable firewalld
    systemctl stop NetworkManager
    systemctl disable NetworkManager
    # Enable IP forwarding
    echo net.ipv4.ip_forward = 1 >> /etc/sysctl.conf
    sysctl -p /etc/sysctl.conf
    #Remove default network interface
    rm -r /etc/sysconfig/network-scripts/ifcfg-eth0
  5. Configure the Outside Interface as follows:
  6. vi /etc/sysconfig/network-scripts/ifcfg-outside
    TYPE="Ethernet"
    BOOTPROTO="dhcp"
    ONBOOT="yes"
    HWADDR="b4:d1:35:00:23:57"
    DEVICE="outside"
    NAME="outside"
    USERCTL="no"
  7. Configure the Inside Interface as follows.
  8. vi /etc/sysconfig/network-scripts/ifcfg-inside
    TYPE="Ethernet"
    BOOTPROTO="none"
    ONBOOT="yes"
    HWADDR="b4:d1:35:00:23:58"
    DEVICE="inside"
    NAME="inside"
    USERCTL="no"
    IPADDR="100.127.4.254"
    NETMASK="255.255.255.0"
  9. Reboot by entering the following command: shutdown -r now

Link NFV Appliance to the VNET

Follow these steps to link the NFV appliance to the VNET.

  1. In the left navigation menu of the Cloudistics Ignite management portal, click Networks.
  2. Click the VNET, VNET-01.
  3. Click Link NFV Instance. The Link NFV Instance dialog box opens.
  4. Link NFV Instance

  5. Select the appropriate virtual datacenter.
  6. Select VNET-01-NFV as the NFV instance, and click Save.

Create Routes for the VNET

For the Interconnect to route the newly created subnet for the VNET, the route on the Interconnect must be created. 

NOTE
If you have a Dual-Interconnect configuration, the command needs to be run on both Interconnects. 
  1. SSH to the Interconnect(s).
  1. Run the following command:
  2. sudo /usr/share/cloudistics/export_bgp_route.sh add 100.127.4.0 24 100.65.0.29
    Command: export_bgp_route.sh {add|del} {VNET Network} {VNET CIDR} {Outside NFV IP}
    [email protected]:~$ sudo /usr/share/cloudistics/export_bgp_route.sh add 100.127.4.0 24 100.65.0.29
    Synchronizing configuration...OK.
    Pica8 PicOS Version 2.11.5.cloudistics.1
    Welcome to PicOS on Interconnect-Primary
    [email protected]>Execute command: configure.
    Entering configuration mode.
    There are no other users in configuration mode.
    Execute command: set protocols static route 100.127.4.0/24 next-hop 100.65.0.29.
    Execute command: commit
    .
    Commit OK.
    Save done.
    Synchronizing configuration...OK.
    Pica8 PicOS Version 2.11.5.cloudistics.1
    Execute command: configure.
    Entering configuration mode.
    There are no other users in configuration mode.
    Execute command: set protocols bgp network4 100.127.4.0/24.
    Execute command: commit
    .
    Commit OK.
    Save done.
  3. Exit.

Validate

At this point you should have a fully working VNET with a custom NFV appliance providing routing. 

Verification from application assigned to VNET-01:

#Guest has static IP in VNET subnet
[[email protected] ~]# ip addr show dev eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether b4:d1:35:00:23:4e brd ff:ff:ff:ff:ff:ff
    inet 100.127.4.1/24 brd 100.127.4.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::b6d1:35ff:fe00:234e/64 scope link
       valid_lft forever preferred_lft forever
#Default route is pointed at Inside interface of NFV
[[email protected] ~]# ip route
default via 100.127.4.254 dev eth0
100.127.4.0/24 dev eth0 proto kernel scope link src 100.127.4.1
169.254.0.0/16 dev eth0 scope link metric 1002
#NFV is routing traffic for guest traffic
[[email protected] ~]# ping www.google.com
PING www.google.com (172.217.10.100) 56(84) bytes of data.
64 bytes from lga34s15-in-f4.1e100.net (172.217.10.100): icmp_seq=1 ttl=53 time=12.6 ms
64 bytes from lga34s15-in-f4.1e100.net (172.217.10.100): icmp_seq=2 ttl=53 time=9.49 ms
--- www.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 9.498/11.090/12.683/1.595 ms

Previous

Next

Still need help?

Submit a request