===========================================
A10 Networks LBaaS Driver for Thunder, vThunder and AX Series Appliances
Supported releases:
- OpenStack: Liberty through current release.
- LBaaS versions: v2
- ACOS versions: ACOS 2/AxAPI 2.1 (ACOS 2.7.2+), ACOS 4/AxAPI 3.0 (ACOS 4.0.1-GA +)
Working but not available for support:
- OpenStack: git/master
Unsupported, but may work with minor tweaking:
- OpenStack: v1 on any release, v2 Havana through Kilo
- a10-neutron-lbaas - Main A10 LBaaS driver repo. Middleware sitting between the openstack driver and our API client, mapping openstack constructs to A10's AxAPI.
- acos-client - AxAPI client used by A10's OpenStack driver
- a10-openstack-lbaas - OpenStack LBaaS driver, identical to the files that are currently merged into neutron-lbaas. Pypi package 'a10-openstack-lbaas'.
- a10-openstack-lbaas, havana branch - OpenStack LBaaS driver, for the Havana release. Pypi package 'a10-openstack-lbaas-havana'.
- a10networks-ci/project-config - A10 Networks OpenStack third-party CI setup scripts
Make sure you have neutron installed, and neutron-lbaas if applicable. This driver will need to be installed on all of your neutron controller nodes (anywhere that neutron-server is running.)
The latest supported version of a10-neutron-lbaas is available via standard pypi repositories and the current development version is available on github.
sudo pip install a10-neutron-lbaas
Download the driver from: https://github.com/a10networks/a10-neutron-lbaas
sudo pip install git+https://github.com/a10networks/a10-neutron-lbaas.git
git clone https://github.com/a10networks/a10-neutron-lbaas.git
cd a10-neutron-lbaas
sudo pip install -e .
Post-installation configuration requires modification of your neutron.conf or neutron_lbaas.conf (neutron_lbaas.conf is only present in LBaaSv2) typically located in /etc/neutron
.
Open /etc/neutron/neutron.conf
in your preferred text editor.
Under the service_plugins
setting, ensure lbaas
or lbaasv2
is listed depending on your configuration.
In the list of service_provider
settings, add a service provider for A10
Networks:
service_provider = LOADBALANCER:A10Networks:neutron_lbaas.services.loadbalancer.drivers.a10networks.driver_v1.ThunderDriver:default
Save and close neutron.conf
Open /etc/neutron/neutron.conf
in your preferred text editor.
Under the service_plugins
setting, ensure lbaasv2
is listed.
Save and close neutron.conf.
Open /etc/neutron/neutron_lbaas.conf
in your preferred text editor.
In the list of service_provider
settings, add a service provider for A10
Networks:
service_provider = LOADBALANCERV2:A10Networks:neutron_lbaas.drivers.a10networks.driver_v2.ThunderDriver:default
Open /etc/neutron/neutron.conf
in your preferred text editor.
Under the service_plugins
setting, ensure a10_neutron_lbaas.neutron_ext.services.a10_device_instance.plugin.A10DeviceInstancePlugin
is listed. The service_plugins
are separated by ,
s.
Under the api_extensions_path
setting, ensure the path to a10_neutron_lbaas.neutron_ext.extensions
is listed. The api_extensions_path
s are separated by :
s. You can find the path of the installed extension by running python -c "import os; import a10_neutron_lbaas.neutron_ext.extensions as m; print(os.path.dirname(os.path.abspath(m.__file__)))"
.
After installation, you will need to provide configuration for the driver so the driver is aware of the appliances you have configured. The configuration is a python file stored in /etc/a10/config.py
. Below is a sample to show options and formatting, though any legal python can be used to calculate values or define classes:
devices = {
"ax1": {
"name": "ax1",
"host": "10.10.100.20",
"port": 443,
"username": "admin",
"password": "a10",
"autosnat": True,
"api_version": "3.0",
}
}
A10's LBaaS driver supports a default scheduling strategy of "one appliance per tenant". Below is a sample configuration (stored in /etc/a10/config.py
):
vthunder = {
'username': 'admin',
'password': 'a10',
'api_version': '3.0',
'nova_flavor': 'acos.min',
'glance_image': 'c2722746-0c06-48b1-93c3-a9dbc2f6e628',
'vthunder_tenant_name': 'admina',
'vthunder_tenant_username': 'admina',
'vthunder_tenant_password': 'password',
'vthunder_management_network': 'private',
'vthunder_data_networks': ['vipnet', 'membernet']
}
The administrator username on your vThunder appliance image.
The administrator password on your vThunder appliance image.
The AXAPI version utilized to access vThunder appliances. This is dependent on your vThunder appliance image version:
- 2.7.x -
"2.1"
- 4.x.x -
"3.0"
The name of the nova flavor used to construct vThunder device instances. The minimum requirements are dependent on your vThunder appliance image version:
- CPU: 1 VCPU
- RAM: 2GB
- Storage: 12GB
- CPU: 1 VCPU
- RAM: 4GB
- Storage: 12GB
The Glance or Nova image ID of your vThunder appliance image. This can be obtained through Horizon or the Openstack CLI.
The name of the service tenant where vThunder appliance instances will be created.
The Openstack user login name which has access to the above-named service tenant.
The Openstack password of the above-mentioned login.
The Openstack network name or ID that the vThunder management interface will be connected to.
A list of Openstack network names or IDs that the vThunder data interfaces will be connected to. A minimum of one is required.
For complete documentation of the a10 config.py file, please refer to the sample config file.
The ip address or host name of the A10 appliance. For a virtual chassis configuration, this should be the floating host or ip address of the master.
Port that the AXAPI is exposed on
Authentication credentials to control the A10 appliance via the AXAPI.
Version of the A10 appliance's AXAPI. "2.1"
for 2.X series ACOS versions,
"3.0"
for 4.X versions.
The A10 vThunder virtual load balancing appliance has a flexible system for licensing. Below is a sample configuration for license management (stored in /etc/a10/config.py
):
license_manager = {
"hosts": [
{"ip": "pdx.a10cloud.com", "port": 443},
{"ip": "sfo.a10cloud.com", "port": 443},
{"ip": "iad.a10cloud.com", "port": 443}
],
"serial": "SN0123456789ABCDEF",
"instance-name": "SCALING_INSTANCE",
"bandwidth-base": 100,
"interval": 3,
"use-mgmt-port": True
}
A list of host entries specifying the IP address or hostname and TCP port of licensing servers.
The serial number used for your vThunder appliances
The instance name attached to the license.
The feature's bandwidth base measured in megabytes.
The feature's bandwidth allowance interval.
- 1 - Monthly
- 2 - Daily
- 3 - Hourly
The appliance will use the management port for communicating with the licensing server if set to True. By default, the appliance will use the use the first available interface for license server operations.
More details about A10 Licensing can be found at TODO(Add licensing info url)
.
If 'use_database' is enabled, after installing the package and after any upgrades, run:
a10-manage upgrade
Restart neutron after configuration updates (exact command may vary depending on OpenStack packaging.)
service neutron-server restart
You must configure the network elements of the Thunder appliance for OpenStack.
Login to the OpenStack dashboard.
Under the “Network” menu, go to the “Load Balancers” tab and select “Add Pool”:
Once you have added a pool, a success message should appear.
Login to the GUI on your Thunder or AX device, and validate which configuration was applied if the ADPs are set. The ADP name is the first 13 characters of the tenant ID.
Repeat this for all configuration steps, then delete all resources if ADPs are configured. They should be deleted when the tenant has no more resources configured.
See name-based config example for details.
See CHANGELOG for changes made. NOTE: We didn't have a changelog until 1.6.5
Feel free to fork, submit pull requests, or join us on freenode IRC, channel #a10-openstack. Serious support escalations and formal feature requests must still go through standard A10 processes.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request