This VNF onboarding lab uses pre-configured applications to demonstrate Cloudify functionality, to provide a rapid way to test drive the Cloudify platform with a typical NFV environment and experience first-hand how to apply automation to your different clouds and VNF services.
The solution package tells the story of an organization with a private Openstack cloud, Fortigate firewall with private and public networks, as well as internet connectivity that requires port forwarding functionality to provide controlled access an internal application (in this case an Apache webserver).
The full lab scenario will result in a deployment that looks like this:
The lab environment enables you to test drive Cloudify at your own pace, with two different modules:
Beginner Scenario ~10 minutes to complete
Intermediate Scenario ~15 minutes to complete
Below you will find a detailed explanation for how to launch the lab, how long each phase takes and documentation for how to use it, and ultimately how you can then leverage the lab environment to demo Cloudify functionality in the remaining time (approximately 1.5 hours).
VNF onboarding and management has proven to be quite a challenge in dynamic environments like the cloud.
This lab scenario will enable you to create a preconfigured stack with all of the blueprints and plugins to first deploy a VNF to OpenStack and see it running with all of its networking configurations, next uninstall the VNF, and then create a deployment with multiple networks, port forwarding, and update the deployment configurations during runtime.
The example can also be done in parts to incrementally learn how to work with Cloudify, and is divided into two separate parts for beginner and intermediate users.
The story in this lab covers these Cloudify features:
Multiple management networks
VNF onboarding & configuration
- Service chaining (Coming Soon)
Lab Creation (~10 Minutes)
Click the link “Launch Lab” button on the VNF Management page.
Fill out the form, click the link “Create Lab & Get Unique URL”.
Go to your email and open the email, “Your Cloudify Lab Environment Has Been Created”.
Click the URL linked after “Your lab is available at the following URL:…”.
Scroll down and click on the “press start” button
This will initialize the lab launching process. You will need to wait several minutes for the lab to finish deploying. The progress meter should read 100% for you to be able to begin.
When the lab is finally ready, you can get started with the beginner scenario by clicking on the Cloudify Manager Link IP you will find under “LAB OUTPUTS” in left menu bar.
- This lab requires VPN connectivity to complete some of the scenarios. You can find the VPN Configuration Guide here for Windows, Mac, and Linux.
- Once you click on the URL you received by email, do not close the Cloudify Lab launch page browser window, as you will need some of the inputs provided on this page to continue.
Once this is completed you will have the following available in your environment:
A preconfigured running OpenStack private cloud
A running Cloudify manager with preconfigured blueprints and plugins required to launch the entire advanced scenario
Beginner Scenario (~10 Minutes):
In the left menu navigate to Deployments.
Find the “sample-openstack-vnf-infra” blueprint and click on it.
Here you can view the deployment details and inputs, where there currently are no inputs under image_url or vnf_name.
- You can now navigate to your OpenStack dashboard. You can find the OpenStack Dashboard Credentials on the “LAB OUTPUTS” section in the left bar under Lab OpenStack IaaS.
- In the OpenStack dashboard, you will be able to see that there are currently no VNF deployments running. You will be able to see the private and public networks preconfigured by the Cloudify Lab.
- Navigate back to the Deployments page in the Cloudify Console, and find the “sample-openstack-vnf-infra” blueprint again.
On the right side of the screen you will see a small hamburger menu associated with this deployment. Click on it and select Install from the menu. This will install the VNF service on OpenStack. Installation should take about 4 – 5 minutes.
- You can now navigate back to the OpenStack dashboard and view your running instance.
- If you navigate back to the Deployments menu in the Cloudify Console, and select the sample-openstack-vnf-infra, scroll down to Deployment Outputs
- Copy the vnf_mgmt_public_ip and paste it into a new browser window.
- Important Notes:
- You will need a running VPN connection to login to the management dashboard – see this guide to get one up and running.
- You may receive a safety error from Google. This is because the IPs are randomly assigned, and would require self-signed auto-generated certificates installed. You can continue safely by clicking on Advanced and continue to the IP address listed.
- You can login to the management dashboard by entering the credentials: admin with no password (i.e. keep the password field empty).
You now have an OpenStack private cloud running a public and private network, and Fortigate VNF running with a baseline configuration.
What you can do next:
- Play around with configuring your VNF.
Test drive Cloudify auto-scale, auto-heal features, resource isolation and more.
Try to upload your own blueprint to the Cloudify manager and see it running.
- Navigate to Deployments and click on the sample-openstack-vnf-infra deployment.
- At the top you will find a menu button called Execute workflow, select the Uninstall workflow and then in the dialog box that will open click on the Execute button. Please note that this step is REQUIRED
Your VNF deployment will uninstall and you will be ready to continue to the next lab scenario.
Intermediate Scenario ~ 10 Minutes
This exercise will instantiate and configure the VNF so it’s ready to use. Please note: if you started with the “Beginner Scenario” you must make sure that the sample-openstack-vnf-infra deployment has been uninstalled in order to proceed to the intermediate scenario.
In the left menu navigate to Deployments.
Find the “fortigate-vnf” blueprint and click on it.
Again you can take a look at the deployment details and inputs, such as image_url or vnf_name, as well as inspect the blueprint hostname and VNF interface.
In the OpenStack dashboard you will again be able to see that there are currently no VNF deployments running.
- Navigate back to the Deployments page in the Cloudify Console, and click on the small hamburger menu on the right side of the fortigate-vnf deployment. Click on it and select Install from the menu. This will install the Fortigate VNF service on OpenStack. Installation should take about 4 – 5 minutes. Please note that Fortigate VNF installation can take many retries due to license validation.
This will launch the Fortigate VNF on OpenStack.
- Navigate to the fortigate_openstack-vnf-infra deployment, click on it and scroll down to the Deployment Outputs, where you will find the management public IP to login to the Fortinet UI.
- Login to the Fortigate UI, again with the username: admin, with no password, to see the network interfaces configuration and application hostname running.
Now we’re ready to configure port forwarding on the VNF.
This exercise will configure the port forwarding service on the VNF. The port forwarding service will expose the “private-webserver” on the public interface of the VNF on port 8888.
- Navigate to the “private-webserver” deployment, click on it, and scroll down to the Deployment Outputs.
- Find the service_ip and service port
- Run the Install workflow for the fortigate-portforward deployment.
- Navigate to the fortigate-openstack-infra deployment, click on it and scroll down to the Deployment Outputs, where you will find the management public IP to login to the Fortinet UI (in this deployment it’s called vnf_mgmt_public_ip).
- Login to the Fortigate UI, again with the username: admin, with no password, to see the IPv4 Policy configuration, and the virtual IP configuration.
- You can test the service to see it running live, by navigating to the Deployment Outputs under the fortigate_portforward deployment and find the test webpage’s port and public IP.
- Copy and paste the IP with a colon and the port number, and you will see the webpage served by the webserver.
You can now experience Cloudify’s day-2 operations by updating your deployment with a new service configuration. To do so:
Run the portforward_update workflow under the fortigate_portforward deployment.
- While it is updating you can view the page logs section to see the configurations being passed to the VNF.
- Once completed, you can navigate to the fortigate_portforward Deployment Outputs to see the new service_port.
- You can now once again paste the VNF Management Public IP (under fortigate-openstack-infra Deployment Outputs) in a new tab in your browser and and view the IP configuration change in your dashboard.
- Navigate to Deployments and click on the fortigate_portforward deployment.
- At the top you will find a menu button called Execute workflow, select the Uninstall workflow and then in the dialog box that will open click on the Execute button.
Your service will uninstall and you will be able to find the service unreachable by trying to reload the webpage. You can also see that on the Fortigate UI the entry is removed, and no longer accessible.
Feel free to reach out to our user group if you have any questions or need help getting started, and we’d be happy to hear feedback about your experience with running this lab.