F5 Lab: Difference between revisions
Revision as of 21:56, 11 October 2023
F5 Complete Lab Setup
Topology
[Client]---------------------------[F5]-------------------------[Server]
192.168.50.41    192.168.50.19(Self)|192.168.40.15(Self)  192.168.40.152
                 192.168.50.100(VS) |
                                    |
                          192.168.122.185(Mgmt)
                                    |
                                [Host VM]
                             10.157.137.138
KVM Installation
Network Configuration
- Configure br0 for Management access:
vim virbr0.xml
<network>
<name>virbr0</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr0' stp='on' delay='0'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.50' end='192.168.122.200'/>
</dhcp>
</ip>
</network>
Apply the config:
sudo virsh net-define virbr0.xml
sudo virsh net-start virbr0
sudo virsh net-autostart virbr0
Verify:
sudo virsh net-list --all
ip addr show dev virbr0
- Configure br1 for Backend Server access:
vim virbr1.xml
<network>
<name>virbr1</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr1' stp='on' delay='0'/>
<ip address='192.168.40.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.40.50' end='192.168.40.200'/>
</dhcp>
</ip>
</network>
Apply the config:
sudo virsh net-define virbr1.xml
sudo virsh net-start virbr1
sudo virsh net-autostart virbr1
Verify:
sudo virsh net-list --all
ip addr show dev virbr1
- Configure br2 for Client access:
vim virbr2.xml
<network>
<name>virbr2</name>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr2' stp='on' delay='0'/>
<ip address='192.168.50.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.50.50' end='192.168.50.200'/>
</dhcp>
</ip>
</network>
Apply the config:
sudo virsh net-define virbr2.xml
sudo virsh net-start virbr2
sudo virsh net-autostart virbr2
Verify:
sudo virsh net-list --all
ip addr show dev virbr2
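The following check is an added example, not part of the original page: it parses the three network definitions above and reports, for each address in the topology diagram, which bridge it belongs to and whether it falls inside that bridge's DHCP range. The labels in TOPOLOGY and the helper names are this example's own; the XML is rebuilt from the page's values, trimmed to the elements the check reads.

```python
import ipaddress
import xml.etree.ElementTree as ET

def _net(name, gw, lo, hi):
    # Rebuilds one of the page's <network> definitions, keeping only the elements read below.
    return (f"<network><name>{name}</name><ip address='{gw}' netmask='255.255.255.0'>"
            f"<dhcp><range start='{lo}' end='{hi}'/></dhcp></ip></network>")

NETWORKS = [
    _net("virbr0", "192.168.122.1", "192.168.122.50", "192.168.122.200"),
    _net("virbr1", "192.168.40.1", "192.168.40.50", "192.168.40.200"),
    _net("virbr2", "192.168.50.1", "192.168.50.50", "192.168.50.200"),
]

# Addresses from the topology diagram; the labels are this example's own.
TOPOLOGY = {
    "f5_mgmt": "192.168.122.185",
    "f5_self_client_side": "192.168.50.19",
    "f5_self_server_side": "192.168.40.15",
    "f5_virtual_server": "192.168.50.100",
    "client": "192.168.50.41",
    "server": "192.168.40.152",
    "host_vm": "10.157.137.138",
}

def parse_network(xml_text):
    """Return (name, subnet, (pool_start, pool_end)) for one libvirt network definition."""
    root = ET.fromstring(xml_text)
    ip = root.find("ip")
    subnet = ipaddress.ip_network(f"{ip.get('address')}/{ip.get('netmask')}", strict=False)
    rng = ip.find("dhcp/range")
    pool = (ipaddress.ip_address(rng.get("start")), ipaddress.ip_address(rng.get("end")))
    return root.findtext("name"), subnet, pool

def check_plan(networks, topology):
    """Map each label to (network name or None, True if the address is inside the DHCP pool)."""
    parsed = [parse_network(x) for x in networks]
    report = {}
    for label, addr in topology.items():
        ip = ipaddress.ip_address(addr)
        hit = next(((n, p) for n, s, p in parsed if ip in s), None)
        report[label] = (hit[0], hit[1][0] <= ip <= hit[1][1]) if hit else (None, False)
    return report

if __name__ == "__main__":
    for label, (net, in_pool) in check_plan(NETWORKS, TOPOLOGY).items():
        print(f"{label:22} {TOPOLOGY[label]:16} {net or 'not on a lab bridge':20} "
              f"{'inside DHCP pool' if in_pool else 'outside DHCP pool'}")
```

With the page's values, the virtual server address 192.168.50.100 lies inside virbr2's DHCP range, so an address configured by hand on the BIG-IP can also be offered to another guest on that bridge unless the range is narrowed. The management address 192.168.122.185 is also a pool address; if it was obtained by DHCP (an assumption), the DNAT target used later on the page can go stale when the lease changes.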
Install F5 VM
sudo virt-install \
--name=bigip \
--description="BIG-IP Local Traffic Manager (LTM) Virtual Edition (VE)" \
--disk path=/var/lib/libvirt/images/BIGIP-16.1.3-0.0.12.qcow2,bus=virtio,format=qcow2 \
--disk path=/var/lib/libvirt/images/BIGIP-16.1.3-0.0.12.DATASTOR.ALL.qcow2,size=8,bus=virtio,format=qcow2 \
--network=bridge=virbr0,model=virtio \
--network=bridge=virbr1,model=virtio \
--network=bridge=virbr2,model=virtio \
--graphics vnc,password=admin123,listen=0.0.0.0,port=5902 \
--console pty,target_type=serial \
--vcpus=2 --cpu host --ram=8096 \
--os-type=linux --os-variant=rhel6 \
--import --autostart --noautoconsole
- Perform Natting in IPTables for Management Access:
sudo iptables -t nat -I PREROUTING -p tcp -d 10.157.137.138 --dport 8443 -j DNAT --to-destination 192.168.122.185:443
sudo iptables -I FORWARD -m state -d 192.168.122.0/24 --state NEW,RELATED,ESTABLISHED -j ACCEPT
Install Backend Server VM
sudo virt-install \
--name=server \
--description="CentOS WebServer" \
--disk path=/var/lib/libvirt/images/CentOS-7-x86_64-GenericCloud.server.qcow2,bus=virtio,format=qcow2 \
--network=bridge=virbr1,model=virtio \
--graphics none \
--console pty,target_type=serial \
--vcpus=1 --cpu host --ram=2048 \
--os-type=linux \
--os-variant=rhel6 \
--import --autostart --noautoconsole
Install Client VM
sudo virt-install \
--name=client \
--description="CentOS WebServer" \
--disk path=/var/lib/libvirt/images/CentOS-7-x86_64-GenericCloud.client.qcow2,bus=virtio,format=qcow2 \
--network=bridge=virbr2,model=virtio \
--graphics none \
--console pty,target_type=serial \
--vcpus=1 --cpu host --ram=2048 \
--os-type=linux \
--os-variant=rhel6 \
--import --autostart --noautoconsole