Add to collection(s) Add to saved
  1. No category
Uploaded by Renz Quiaoit

A10 Bare Metal

advertisement 
A10 Thunder Bare Metal - Installation Guide
11 October 2019
© 2019 A10 NETWORKS, INC. CONFIDENTIAL AND PROPRIETARY- ALL RIGHTS RESERVED
Information in this document is subject to change without notice.
PATENT PROTECTION
A10 Networks products are protected by patents in the U.S. and elsewhere. The following website is provided to satisfy the virtual patent marking provisions of various jurisdictions including the virtual patent marking provisions of the America Invents Act. A10 Networks' products, including all Thunder Series products, are protected by one or more of U.S. patents and patents pending listed at:
https://www.a10networks.com/company/legal-notices/a10-virtual-patent-marking
TRADEMARKS
A10 Networks trademarks are listed at:
https://www.a10networks.com/company/legal-notices/a10-trademarks
CONFIDENTIALITY
This document contains confidential materials proprietary to A10 Networks, Inc. This document and information and ideas herein may
not be disclosed, copied, reproduced or distributed to anyone outside A10 Networks, Inc. without prior written consent of A10 Networks, Inc.
A10 NETWORKS INC. SOFTWARE LICENSE AND END USER AGREEMENT
Software for all A10 Networks products contains trade secrets of A10 Networks and its subsidiaries and Customer agrees to treat Software as confidential information.
Anyone who uses the Software does so only in compliance with the terms of the End User License Agreement (EULA), provided later in
this document or available separately. Customer shall not:
1. Reverse engineer, reverse compile, reverse de-assemble or otherwise translate the Software by any
means
2. Sublicense, rent or lease the Software.
DISCLAIMER
This document does not create any express or implied warranty about A10 Networks or about its products or services, including but not
limited to fitness for a particular use and non-infringement. A10 Networks has made reasonable efforts to verify that the information
contained herein is accurate, but A10 Networks assumes no responsibility for its use. All information is provided "as-is." The product
specifications and features described in this publication are based on the latest information available; however, specifications are subject to change without notice, and certain features may not be available upon initial product release. Contact A10 Networks for current
information regarding its products or services. A10 Networks’ products and services are subject to A10 Networks’ standard terms and
conditions.
ENVIRONMENTAL CONSIDERATIONS
Some electronic components may possibly contain dangerous substances. For information on specific component types, please contact the manufacturer of that component. Always consult local authorities for regulations regarding proper disposal of electronic components in your area.
FURTHER INFORMATION
For additional information about A10 products, terms and conditions of delivery, and pricing, contact your nearest A10 Networks location, which can be found by visiting www.a10networks.com.
Table of Contents
Overview of Thunder Bare Metal ...........................................................................................5
System Requirements ............................................................................................................7
Thunder Bare Metal Supported Ethernet Chipsets
and Drivers ..............................................................................................................................8
Thunder Bare Metal Supports Nitrox V Security Processor .................................................................9
Thunder Bare Metal Supports for Mellanox NICs ..................................................................................9
Prerequisite for Installing Mellanox NICs on Bare Metal box: .......................................................9
Essential Setup Information ................................................................................................11
Prerequisites.........................................................................................................................11
Licensing...............................................................................................................................12
Documentation Updates ......................................................................................................13
Manually Installing ACOS on Thunder Bare Metal .............................................................15
Step 1. Boot the System into BIOS Mode ............................................................................................. 15
Step 2. Reboot from your Installable Media Device ............................................................................ 15
Step 3. Set the Management Port .......................................................................................................... 16
Step 4. Complete the Installation ........................................................................................................... 19
Step 5. Reboot into ACOS ........................................................................................................................ 19
Step 6. Inserting the License-USB Key (Optional) ............................................................................... 19
Auto-Installing ACOS on Thunder Bare Metal.....................................................................21
Overview of Auto-Installation .................................................................................................................. 21
PXE-based Auto-installation .................................................................................................................... 21
PXE Environment ................................................................................................................................ 22
Considerations for Auto-Installation ...................................................................................................... 25
Overview of Port and Core Management ............................................................................27
Port Management Commands.............................................................................................27
Config Commands: Global ....................................................................................................................... 27
system mgmt-port ....................................................................................................................... 28
system add-port ........................................................................................................................... 28
system modify-port ..................................................................................................................... 28
system del-port ............................................................................................................................. 29
Show Commands ...................................................................................................................................... 29
show system port-list .................................................................................................................. 29
show system inuse-port-list ....................................................................................................... 31
show system port-info ................................................................................................................ 31
show environment ....................................................................................................................... 31
CPU Core Management Commands....................................................................................33
Config Commands: Global ....................................................................................................................... 33
system io-cpu max-cores ........................................................................................................... 33
page 3
ACOS 4.1.4-P2 Configuring VRRP-A High Availability for A10 Thunder Series
Contents
system cpu-hyper-thread ........................................................................................................... 34
system add-cpu-core ................................................................................................................... 34
system delete-cpu-core .............................................................................................................. 34
Show Commands ...................................................................................................................................... 35
show system cpu-list .................................................................................................................. 35
show system inuse-cpu-list ....................................................................................................... 35
Considerations for Port and Core Management .................................................................36
page 4
A10 Thunder Bare Metal - Installation Guide
Feedback
Thunder Bare Metal
This chapter covers the following topics:
• Overview of Thunder Bare Metal
• System Requirements
• Essential Setup Information
• Prerequisites
• Licensing
• Documentation Updates
Overview of Thunder Bare Metal
This guide describes how to install the Thunder Bare Metal software on qualified third-party servers.
Thunder Bare Metal is a fully operational, software-only version of the ACOS Application Delivery Controller (ADC) or IPv6 migration device (CGN).
The term “bare metal” refers to a computer system with the virtual machine (VM) installed directly onto
the system's hard disk, rather than installing the software on top of a host operating system.
In contrast with A10’s vThunder software, which is installed on top of a hypervisor layer, such as
VMware ESXi or Microsoft Hyper-V, the Thunder Bare Metal solution does not have a hypervisor layer.
Without the need for an intervening hypervisor, device throughput is optimized and capable of offering
up to 40 Gbps of Layer 7 traffic processing.
Thunder Bare Metal is a good fit for customers with standardized data center hardware who seek:
• A lower total cost of ownership than traditional proprietary hardware platforms
• Licensing that is decoupled from the hardware, which facilitates license portability and longevity
• The flexibility to install software on-demand, versus the complicated logistics associated with
hardware appliances
For example, large enterprises, service providers, and web hosting operations are ideal environments
for Thunder Bare Metal because they can leverage the flexibility afforded by Bare Metal.
Feedback
page 5
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Overview of Thunder Bare Metal
Installing the Bare Metal ISO is easy. Thunder Bare Metal is distributed as a raw image file with the .iso
extension. Simply obtain the ISO image from your A10 Networks sales representative and install the
software on a commodity server that meets the minimum requirements. (See “System Requirements”
on page 7.)
page 6
A10 Thunder Bare Metal - Installation Guide
Feedback
System Requirements
Figure 1 shows Thunder Bare Metal running on third-party commodity servers.
FIGURE 1 Thunder Bare Metal topology
System Requirements
Thunder Bare Metal can be installed on servers that are supported by A10, and these servers should be
qualified by A10. Minimum requirement to install Thunder Bare Metal are as follows:
• Intel x86-based CPUs with minimum of 4 cores1
• 32 GB, 64 GB and 128 GB memory.
• 80 GB of free disk space (or more).
1.
If you have a 8-core system, it is recommended that you should purchase an 8-core license that matches your hardware. Otherwise, if
you have an 8-core system with a 4-core license, the additional cores will not be supported.
page 7
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Thunder Bare Metal Supported Ethernet Chipsets and Drivers
• Minimum of 2 Ethernet Interface cards (3 or more are recommended).
• For a list of supported Ethernet chipsets, see Thunder Bare Metal Supported Ethernet Chipsets
and Drivers.
• Operating System: ACOS version 4.1.1 or later.
• NITROXR V Security Adapters Family (Optional).
Thunder Bare Metal Supported Ethernet Chipsets
and Drivers
ACOS supports a wide range of Intel Ethernet chipset and drivers. The following is a a list of Intel supported NIC drivers with model numbers supported.
TABLE 1 Detail about the SR-IOV adapters
Devices
82576, 1210,
1211, 1350,1354
82598, 82599,
X520, X540, X550
X710
XL710
NITROX® V
Security
NOTE:
PF Driver
igb
VF Driver
igbvf
Max VFs per port
7
ixgbe
ixgbevf
63
i40e
i40e
n/a
i40evf
i40evf
nitrox_drv
32
64
128
For additional information about the Bare Metal requirements, throughput, licensing and warranty information, refer to:
• “Thunder ADC for Bare Metal Specifications Table” in the Thunder ADC Datasheet at
the following location:
https://www.a10networks.com/sites/default/files/A10-DS-15100-EN.pdf
• “Thunder CGN for Bare Metal Specifications Table” in the Thunder CGN Datasheet at
the following location:
https://www.a10networks.com/sites/default/files/A10-DS-15102-EN.pdf
page 8
A10 Thunder Bare Metal - Installation Guide
Feedback
Thunder Bare Metal Supported Ethernet Chipsets and Drivers
Thunder Bare Metal Supports Nitrox V Security Processor
The NITROX V security processor integrates up to 288 purpose-built security cores with high performance compression engines and virtualization hardware with PCI-Express Gen 3 and Interlace interfaces.
NOTE:
In case of two domain system, attach and install the Nitrox V card to PCI
- Express slots on both domains. For balancing configuration user need
to have “N” N5 card in D0, and similar number of N5 card in D1 slot. The
PCI express slot dimension for Nitrox 5 SSL card is of standard of
Gen3x8 (2.54”x6.6”) dimension. For more information, refer to “Cavium
PN: CNN5560-750--C35-NHB-G”.
Thunder Bare Metal Supports for Mellanox NICs
The Mellanox PMD directly accesses hardware for fast data-path processing while control-path still
goes through kernel modules. The control-path is built on top of “libibverbs” using the Raw Ethernet
Accelerated Verbs API. Thus, the PCIe device is not required to be unbound from kernel network stack
and standard Linux commands (for example: ethtool/ifconfig). It runs on the kernel device to query/
update MTU and flow control parameters or to monitor statistics. This allows the PMD to coexist with
kernel driver interface and remain functional.
Prerequisite for Installing Mellanox NICs on Bare Metal box:
• Firmware: A firmware has to be installed in Mellanox NICs, prior to installing NIC on Bare metal
Box.
NOTE:
ACOS doesn't support firmware installation as of now so an user must
install firmware using any other platform, and then install NICs on Bare
Metal.To install firmware follow steps given in any of the site below:
• http://www.mellanox.com/page/firm ware_HCA_FW_update
• https://github.com/Mellanox/mlxsw/wiki/Updating-Firmware
• ACOS: ACOS installation on Bare metal box.
• License: 100G license is needed to support Bare Metal.
• Kernel upgrade: ACOS is upgraded to kernel 4.14.51 (LTS) in order to support Mellanox kernel
drivers and RDMA functionality.
• RDMA-Core: ACOS is now leveraging RDMA-core libraries available in centos7.
• Network Interface Cards (NIC): They are detected and corresponding kernel modules are
loaded during compile time.
page 9
A10 Thunder Bare Metal - Installation Guide
Thunder Bare Metal Supported Ethernet Chipsets and Drivers
FeedbackFF
FFee
e
• Drivers: Mellanox NICs doesn't have to be unbind-ed from kernel modules for Poll mode drivers.
• Control Panels: Mellanox NICs are handled by kernel modules, hence link control is tweaked in
PMD to start and stop as per ACOS.
page 10
A10 Thunder Bare Metal - Installation Guide
Feedback
Essential Setup Information
Essential Setup Information
Use the following login credentials during initial installation time.
• Default login and password: install /password
NOTE:
These credentials are only used for the initial setup. After setup is complete, the credentials will change to the ACOS default administrative login
credentials: admin / a10
• For information about licensing: See “Licensing” on page 12.
Prerequisites
This guide assumes that you have already done the following tasks:
1.
Downloaded the ACOS software from the software download library:
https://www.a10networks.com/support/axseries/software-downloads
(You will need to enter your customer support login and password.)
2.
Download the ISO file to create an installable media, such as a bootable CD/DVD or bootable USB. Choices include:
• ISO to a CD/DVD/USB – There are many utilities for creating a bootable media with an ISO
file. Some of the more popular ones include the following:
• Windows:
http://www.isotousb.com
http://unetbootin.github.io
• Linux:
http://unetbootin.github.io
• IPMI: virtual media – This offers a convenient way to remotely manage servers.
• The physical server where the software will be installed requires IPMI management support.
• The web-based utility emulates the CD/DVD/USB devices but requires no physical access.
• PXE Boot – This may also be referred to as “net boot.” This approach uses a client/server
model to download the software over the internet.
• Requires a PXE server running on another machine in the same network.
For information about installing and configuring a PXE Server, see:
https://help.ubuntu.com/community/PXEInstallMultiDistro
• BIOS uses the network interface port to get the image from the PXE server and boots the
image.
• To use PXE boot, the BIOS net boot option should be enabled.
page 11
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Licensing
Licensing
Licensing for Thunder Bare Metal is based on product, core, and bandwidth.
The product options include the following:
• ADC
• CGN
The license types include the following:
• 4 cores, 10Gbps
• 8 cores, 20Gbps
• 14 cores, 40Gbps
NOTE:
Bandwidth is tied to the number of cores.
By default with no license, functionality is similar to the 14-core license, but bandwidth is restricted to
1Mbps until you activate a license.
It is recommended that you purchase and install a BYOL license. This approach will allow you to avoid
having to delete a trial license, as well as having to activate and install a new license, and reload the
system. You can purchase a license through the Global License Manager (GLM).
The GLM is the master licensing and billing system for A10 Networks’ appliances. The GLM is managed by A10 Networks and is the primary portal for customers to begin activation of recently purchased appliances. You can also use the GLM to create trial licenses, manage existing assets, track
license status, request Return Merchandise Authorizations (RMA), and access installation resources.
For information about using the GLM to get a license, see the Global Licensing Manager User Guide. You
can request a PDF of this document after you have created a GLM account by clicking this URL: https:/
/glm.a10networks.com/.
NOTE:
When a Bare Metal license has expired, it’s functionality will continue but
at a reduced bandwidth.
page 12
A10 Thunder Bare Metal - Installation Guide
Feedback
Documentation Updates
Documentation Updates
For further documentation about ACOS version 4.1.x, please see the A10 Networks support site. Documentation updates are published periodically to the Technical Library and the archive is posted as a zip
file.
To access the latest version:
1. Log onto your A10 Networks support account at the following page:
https://www.a10networks.com/support-axseries/techlibrary.php
2. Enter your customer support login and password.
3. Navigate as follows:
Support > A10 Thunder Series > Software Updates > A10 Thunder & AX Series ADC Software &
Documentation.
4. Scroll to the release (e.g., 4.1.1) for which you would like to download the documentation.
5. Click to expand the menu, and then download the documentation file.
NOTE:
The documentation file is named something similar to: “Documentation
for A10 Thunder Series and AX Series Version 4.1.1-P2.”
page 13
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Documentation Updates
page 14
A10 Thunder Bare Metal - Installation Guide
Feedback
Manual Installation Process
Manually Installing ACOS on Thunder Bare Metal
This section covers the installation steps for manually installing ACOS on Thunder Bare Metal:
• Step 1. Boot the System into BIOS Mode
• Step 2. Reboot from your Installable Media Device
• Step 3. Set the Management Port
• Step 4. Complete the Installation
• Step 5. Reboot into ACOS
• Step 6. Inserting the License-USB Key (Optional)
Step 1. Boot the System into BIOS Mode
This step covers installation via BIOS mode. If you are installing via your system’s IPMI Management
Utility or via PXE boot, then you can skip this step. To begin the process of installing the Thunder Bare
Metal software image:
1. Make sure you meet the hardware requirements outlined in “System Requirements” on page 7.
2. Boot the system into BIOS mode per your system’s method during the boot up memory test. This
varies based on the system, so see your system’s admin guide for details.
3. Enter the BIOS setup.
NOTE:
We also support UEFI booting on Bare Metal from 5.0.0-P1 release
onward.
4. Verify that the media device you created for “Prerequisites” on page 11 is selected and enabled.
5. Save and exit the BIOS setup.
6. Restart the system.
Feedback
page 15
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Manually Installing ACOS on Thunder Bare Metal
Step 2. Reboot from your Installable Media Device
After booting from the installable media device:
1. Enter the login and password at the prompts.
• login: install
• password: password
Answer YesS at the installation checks to start the installation. The double “s” and caps are mandatory.
This will delete all partitions in your hard drive - type YesS to continue
Caution::Installing netXTM application - continue [No/YesS]: YesS
2. If multiple boot disks are detected in the system, a disk selection prompt will allow you to select a
disk.
All information on the selected disk will be wiped out.
CAUTION:
Starting Disk install .....
IDX
NAME
SIZE
MODEL
------------------------------------------------1
sda
223.6G
SAMSUNG MZ7GE240
Select Hard Drive IDX to Install: 1
HDD selected = /dev/sda
Creating partitions on the HD ...Partition
Done
...
Step 3. Set the Management Port
The hardware discovery tool runs automatically during the installation process. It detects the number
of CPU cores and NIC ports present on the system. This maps to the ACOS CLI for managing ports
post-installation. The tool provides the following user interface for configuration:
(1)
CPU
------
CPU Menu
(2)
Ports
------
Ports Menu
(3)
Save
------
Save configuration
(4)
Save & Exit
------
Save configuration & Exit
(5)
Exit
------
Exit Menu
1. Select 2 (the Ports menu) to manage ports.
Enter Choice: 2
The ports menu provides the following options to manage the discovered ports:
page 16
A10 Thunder Bare Metal - Installation Guide
Feedback
Manually Installing ACOS on Thunder Bare Metal
(1)
List Ports
------
Show Ports list
(2)
Blink Led
------
Blinks LED (10sec)
(3)
Change port number
------
Change existing port number
(4)
Delete port
------
Delete port from selection list
(5)
Add port
------
Add port to selection list
(6)
Set Mgmt port
------
Set Mgmt port in the ports list
(7)
Clear Mgmt port
------
Clear Mgmt port in the ports list
(8)
Set Mgmt port (MAC)
------
Set port with MAC-Addr as mgmt port
(9)
Set Mgmt port (PCI)
------
Set port with PCI-Addr as mgmt port
(10)
Info port
------
(11)
Save
------
(12)
Back
------
Show port pci info
Save configuration
Goto previous menu
2. Select 1 (the List Ports option) to show the port index, port number, status, MAC address, speed,
node, and PCI:
Enter Choice: 1
Port-IDX
Port-Num
Status
MAC-Addr
Speed
Node PCI-Addr
------------------------------------------------------------------------------0
1
+
58:97:bd:e5:a9:70
1000
0
01:00.0
1
2
+
58:97:bd:e5:a9:71
1000
0
01:00.1
2
3
+
90:e2:ba:a8:5c:fc
10000
0
06:00.0
3
4
+
90:e2:ba:a8:5c:fd
10000
0
06:00.1
------------------------------------------------------------------------------<Press 'enter' key>
3. Press enter to return to the ports menu.
4. Select 6 (the Set Mgmt port option) to set the management port.
Enter Choice: 6
NOTE:
It is recommended that you take note of the management port selection,
as you will need this information later in the procedure.
5. Enter the port index number that is associated with the port you want to use for system management. You can use any strategy to select the port, such as using the slowest port, the port with a
static IP address, or a port that you do not want to use for data. In this example, we will select the
port with index 0 to set the management port to MAC address 58:97:bd:e5:a9:70.
Enter port index: 0
page 17
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Manually Installing ACOS on Thunder Bare Metal
6. Select 1 (the List Ports option) again, and notice that port index “0” is now listed as “M” for management. Also note that the port numbers have automatically renumbered themselves:
Enter Choice: 1
Port-IDX
Port-Num
Status
MAC-Addr
Speed
Node PCI-Addr
------------------------------------------------------------------------------0
M
+
58:97:bd:e5:a9:70
1000
0
01:00.0
1
1
+
58:97:bd:e5:a9:71
1000
0
01:00.1
2
2
+
90:e2:ba:a8:5c:fc
10000
0
06:00.0
3
3
+
90:e2:ba:a8:5c:fd
10000
0
06:00.1
------------------------------------------------------------------------------<Press 'enter' key>
7. Press enter to return to the ports menu.
8. Optionally select 3 (the Change port number option) if you want to re-number the ports. You do not
have to accept the default values. For example, you could change the values to ensure the index
numbers match the physical port numbers, or you could assign port numbers that are more meaningful to you.
In the example below, we replace the port index number “1” with “5”, “2” with “6”, and “3” with “7”:
Enter Choice: 3
Enter port index: 1
Enter new port number: 5
Enter Choice: 3
Enter port index: 2
Enter new port number: 6
Enter Choice: 3
Enter port index: 3
Enter new port number: 7
9. Select 1 (the List Ports option) again and note that the port numbers have been changed to your
specifications:
Enter Choice: 1
Port-IDX
Port-Num
Status
MAC-Addr
Speed
Node PCI-Addr
------------------------------------------------------------------------------0
M
+
58:97:bd:e5:a9:70
1000
0
01:00.0
1
5
+
58:97:bd:e5:a9:71
1000
0
01:00.1
page 18
A10 Thunder Bare Metal - Installation Guide
Feedback
Manually Installing ACOS on Thunder Bare Metal
2
6
+
90:e2:ba:a8:5c:fc
10000
0
06:00.0
3
7
+
90:e2:ba:a8:5c:fd
10000
0
06:00.1
------------------------------------------------------------------------------<Press 'enter' key>
10.Press enter to return to the ports menu.
11.Select 11 (the Save option) to save the configuration.
Enter Choice: 11
12.Select 12 (the Goto previous menu option) to go back to the previous menu.
Enter Choice: 12
13.Select 4 (the Save & Exit option) to exit.
Enter Choice: 4
Configs saved & exiting ...
WARNING!! WARNING!!
ACOS is being installed. Please wait for the installation process to complete.
After installation, system will be automatically rebooted.
Step 4. Complete the Installation
Wait for the installation to complete. This will take approximately two minutes.
1. When the system reboots, enter the BIOS setup.
2. Select the Hard Disk Drive (HDD) where Thunder Bare Metal was installed.
3. Save and exit the setup.
Step 5. Reboot into ACOS
When the system boots up, it will boot into ACOS. Please see the “Documentation Updates” on page 13
for information about the documentation.
Step 6. Inserting the License-USB Key (Optional)
By default, the license key is tied to the MAC address of the hardware where it is installed, such as the physical server. However, installing the license key on a physical server may limit your choices going forward. If you want the flexibility to be able
to migrate the license key to other physical servers, it may be desirable to use a License-USB key.
page 19
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Manually Installing ACOS on Thunder Bare Metal
CAUTION:
This capability of installing a license on a Thunder device by using a USB
key is specific to Thunder Bare Metal and is not supported on other platforms!
NOTE:
The USB key is not shipped with the box by default. Therefore, as a prerequisite you must order the USB key when purchasing Thunder Bare
Metal. This will require a separate SKU and form to be filled out.
To install a license via USB key:
1. Insert the USB key into the USB port of the Thunder Bare Metal device. This will install the license
key.
2. Removing the USB key will remove the license and the features will no longer function on Thunder
Bare Metal.
NOTE:
Removing the key will cause Thunder Bare Metal to default to its the
basic license with which the minimal 14-cores and 1 Mbps bandwidth.
3. The USB key can have a perpetual license or one with a specific expiry date. If the license on the
USB key expires, it can be further extended through the GLM server or by contacting your A10 Networks Sales Representative.
To install a standard software license (without using a USB key), see https://glm.a10networks.com/ for
more information.
page 20
A10 Thunder Bare Metal - Installation Guide
Feedback
Auto-Installation Process
Auto-Installing ACOS on Thunder Bare Metal
This section covers the following topics for auto-installing ACOS on Thunder Bare Metal:
• Overview of Auto-Installation
• PXE-based Auto-installation
• Considerations for Auto-Installation
Overview of Auto-Installation
To simplify installation of ACOS for Thunder Bare Metal, you can perform a manual installation or use
auto-installation for other devices of similar hardware type. Auto-installation automates the process of
installing the ACOS for Thunder Bare Metal and can save time and effort, if there are many devices.
Auto-installation is based on a Pre-boot Execution Environment (PXE). A PXE boot is based on setup
information that is retrieved from the network, which includes the kickstart file. The kickstart file provides input parameters to an installation script for performing the auto-installation of ACOS for Thunder Bare Metal. The parameters for the kickstart file can be based on the configuration of the manuallyinstalled device.
Therefore, in an environment with multiple Thunder Bare Metal devices, it is recommended (but not
required) to perform a Manual Installation Process on the first Thunder Bare Metal device. This will
make it easier to perform an auto-installation if you are familiar with the process. In addition, the autoinstaller uses several of the configured values that you enter during the manual installation, so it may
be helpful to do a manual installation before using the auto-installation.
PXE-based Auto-installation
The PXE Environment can be handled via DHCP or TFTP Server. The following topics are covered:
• PXE Environment
• DHCP Server Configuration
• Kickstart Configuration File
Feedback
page 21
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Auto-Installing ACOS on Thunder Bare Metal
PXE Environment
PXE Environment requirements include the following:
• The PXE servers are set up to run in the network. The http://www.syslinux.org/wiki/
index.php?title=PXELINUX provides steps to install and setup the PXE server.
• The PXE booting client must be enabled from the BIOS of your machine where ACOS will be
installed.
• The PXE Client/Server environment is integrated with the DHCP and TFTP servers already in
place.
• The DHCP server provides an IP address, IP mask, etc. to all booting DHCP clients.
• The DHCP server provides the IP address of the TFTP server and the name of the Network Boot
Image to the PXE-identified booting clients.
DHCP Server Configuration
DHCP server configuration requirements include the following:
• The auto-installation feature uses custom DHCP options to force the DHCP server to send ACOS
specific auto-installation options to the PXE booting client.
• These ACOS specific installation options are used to enable auto-installation and to provide a
rootpath to the TFTP server address, which is necessary for downloading the kickstart file.
• DHCP options 194-195 are used as ACOS DHCP options, rather than site local ones.
page 22
A10 Thunder Bare Metal - Installation Guide
Feedback
Auto-Installing ACOS on Thunder Bare Metal
• Kickstart configuration filename has to be based on the mac address “XX-XX-XX-XX-XX-XX” or
based on the ip-address (fixed-address) of the PXE booting client machine. If the filename
doesn’t match the MAC or the IP, then the common configuration filename “default” is used. The
file will be downloaded from the PXE/TFTP server, and ACOS installation will be based on the
parameters in this file.
Sample dhcp configuration file (/etc/dhcp/dhcpd.conf):
#option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
option acos-baremetal-autoinstall code 194 = text;
option acos-baremetal-rootpath code 195 = text;
subnet 192.168.217.0 netmask 255.255.255.0 {
interface eth4;
option routers
192.168.217.1;
option subnet-mask
255.255.255.0;
option domain-name-servers
192.168.1.110,192.168.52.90;
filename "pxelinux.0";
default-lease-time 3600;
max-lease-time
43200;
host BM-01 {
hardware ethernet d8:d3:85:5c:f6:5c;
fixed-address 192.168.217.130;
option acos-baremetal-autoinstall "yes";
option acos-baremetal-rootpath "192.168.1.56:/tftpboot/a10-baremetal/
";
}
::
::
}}
page 23
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Auto-Installing ACOS on Thunder Bare Metal
Kickstart Configuration File
The kickstart configuration file includes parameters that you set to customize the ACOS installation.
These parameters will be based on the configuration parameters set during the manual installation of
your first device. Most parameters are optional if a default is listed below::
Parameter
Description
Default
ACOS_BM_HYPER_THREADING
Default HyperThread setting. The options are yes or no.
yes
ACOS_BM_INSTALL_DISK
Disk selection. This is the path to the disk where ACOS will
be installed.
sda
ACOS_BM_INSTALL_REBOOT
Reboot after installation. The choices are yes or no. When
set to no, the machine is not rebooted after installation of
ACOS. This is especially useful if the BIOS setting needs to
be changed in the boot order.
no
ACOS_BM_MGMT_PORT_MAC
Management port selection based on MAC address. For
example:
n/a
ACOS_BM_MGMT_PORT_MAC="d8:d3:85:5b:45:42"
If you select this parameter, then you will not need to use
ACOS_BM_MGMT_PORT_INDEX or ACOS_BM_MGMT_PORT_PCI.
ACOS_BM_MGMT_PORT_PCI
Management port selection based on PCI address of the
port, where the format is domain:bus:devid.func. For example:
n/a
ACOS_BM_MGMT_PORT_PCI="02:00.1"
If you select this parameter, then you will not need to use
ACOS_BM_MGMT_PORT_INDEX or ACOS_BM_MGMT_PORT_MAC.
ACOS_BM_MGMT_PORT_INDEX
You will most likely want to select the port index based on
the index configured in the manual installation. Otherwise,
ACOS automatically finds and orders the ports based on
their PCI address and their NIC type:
0
1. IGB or 1Gig ports
2. IXGBE or 10Gig ports
3. I40e or 10Gig ports
If you select this parameter, then you will not need to use
ACOS_BM_MGMT_PORT_MAC or ACOS_BM_MGMT_PORT_PCI.
ACOS_BM_PRESET_LIC_TYPE
Selection of license type. The choices are based on the number of cores: 4, 8, or 14. If you choose the number that
matches your device, then it will not require a reboot after
installation of ACOS. If you choose a number that does not
match the number of cores on the device, or if you install a
different license afterward, then it will require a reboot.
page 24
14
A10 Thunder Bare Metal - Installation Guide
Feedback
Auto-Installing ACOS on Thunder Bare Metal
Sample kickstart configuration file (/tftpboot/baremetal-ks/d8-d3-85-5b-45-42):
ACOS_BM_HYPER_THREADING
ACOS_BM_PRESET_LIC_TYPE
ACOS_BM_INSTALL_DISK
ACOS_BM_MGMT_PORT_MAC
ACOS_BM_XATTR_TAR_FILE
ACOS_BM_MGMT_PORT_INDEX
ACOS_BM_MGMT_PORT_PCI
NOTE:
If no kickstart file is available, then the auto-installation will be canceled.
Considerations for Auto-Installation
Listed below are some of the items that need to be considered for auto-installation:
• ISO images cannot be directly used for booting over PXE, use MEMDISK to assist booting the ISO
over PXE boot.
A sample PXE file entry looks similar to the following:
label iso_boot
KERNEL memdisk
APPEND iso initrd=/ACOS_Baremetal_4_1_1-P2_33.iso raw
• Auto-installation scripts run automatically when booted from any installation media. If either the
PXE environment or the acos-baremetal-autoinstall options are not set or are set to “no”, then it
will default to manual installation.
• When Auto-installation is in progress, the login prompt to the manual installation is disabled.
• Parameters set in the kickstart configuration file should be in quotes and only use lowercase let-
ters.
• For management port selection, if multiple options are present in the kickstart file, the priority will
be given from most-specific to least-specific in the following order:
a. MAC address
b. PCI address
c. Index
• If none of the management port options are present in the kickstart file, by default the first port [0]
will be selected by the auto-installation as the management port.
page 25
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Auto-Installing ACOS on Thunder Bare Metal
page 26
A10 Thunder Bare Metal - Installation Guide
Feedback
Port and Core Management Commands
Overview of Port and Core Management
This section describes the management commands supported from the ACOS CLI. Some options are also available in the
discovery tool that runs during theThunder Bare Metal installation. There are two main categories of commands, as well as
considerations for using those commands:
• Port Management Commands
• CPU Core Management Commands
• Considerations for Port and Core Management
Port Management Commands
You can select the management port, add ports, and delete ports during the installation. These and other management
options are also available in the ACOS CLI for any post-installation management of the ports.
Config Commands: Global
This section describes the commands for configuring global ACOS port management parameters.
To access this configuration level, use the enable and configure commands as follows:
Thunder Bare Metal>
Thunder Bare Metal>enable
Password:
Thunder Bare Metal#configure
The Global configuration mode level command prompt is shown in the following example:
Thunder Bare Metal(config)#
Feedback
page 27
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Port Management Commands
system mgmt-port
Description
Sets the management port indicated by index number. Refer to the Port-IDX field in the
output of the show system port-list command.
Syntax
system mgmt-port port-index <number range is system-dependent>
Mode
Config mode
Example
The following example sets the port with index 0 as the management port.
Thunder Bare Metal(config)#system mgmt-port port-index 0
WARNING: System port Configuration changed.
Please reboot system for changes to take effect.
system add-port
Description
Adds a port to the ACOS port-list. Refer to the Port-IDX field in the output of the show
system port-list command.
Syntax
system add-port port-index <number range is system-dependent
Mode
Config mode
Example
The following example adds the port with index 4 to the port list.
Thunder Bare Metal(config)#system add-port port-index 4
WARNING: System port Configuration changed.
Please reload system for changes to take effect.
system modify-port
Description
Modifies a port in the ACOS port-list. Refer to the Port-IDX and Port-Num fields in the
output of the show system port-list command.
Syntax
system modify-port port-index <number range is system-dependent>
port-number <number range is system-dependent>
Usage
Used to renumber the ports so that, the index numbers match the physical port numbers,
the port numbers match the Eth1/2/3 numbers in your configuration, or so the ports are
arranged in a way that’s more meaningful to you.
Mode
Config mode
Example
The following example modifies the port with index 1 to be port number 1.
Thunder Bare Metal(config)#system modify-port port-index 1 port-number 1
WARNING: System port Configuration changed.
page 28
A10 Thunder Bare Metal - Installation Guide
Feedback
Port Management Commands
Please reload system for changes to take effect.
system del-port
Description
Deletes a port from the ACOS port-list. Refer to the Port-IDX field in the output of the
show system port-list command.
Syntax
system del-port port-index <number range is system-dependent>
Mode
Config mode
Example
The following example deletes the port with index 4 from the port list.
Thunder Bare Metal(config)#system del-port port-index 4
WARNING: System port Configuration changed.
Please reboot system for changes to take effect.
Show Commands
The show commands display configuration and system information.
show system port-list
Description
Shows all ports and their properties (management, invalid, and/or blacklisted) in a system.
Syntax
show system port-list
Mode
Privileged EXEC and all configuration levels
Example
The following example shows the default output of the command.
Thunder Bare Metal#show system port-list
Port-IDX
Port-Num
Status
MAC-Addr
Speed
Node
PCI-Addr
-----------------------------------------------------------------------------------------0
M
+
e4:43:4b:08:8f:44
1000
0
18:00.0
1
X
+
e4:43:4b:08:8f:45
1000
0
18:00.1
2
X
+
e4:43:4b:08:8f:46
1000
0
18:00.2
3
X
+
e4:43:4b:08:8f:47
1000
0
18:00.3
page 29
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Port Management Commands
TABLE 2 Detail about the System Port - List Parameters
Fields
Description
Port-IDX
Port-NUM
It represents index of a port.
Displays port number assigned to a port. The available port number value
are:
• “M” represents the management port.
Status
• “X” represents an invalid port (number is -1).
Displays status of active and blacklist ports. The available status are:
• “+” represents an active port.
MAC - Addr
Speed
Node
NOTE:
• “-” represents a blacklisted port.
The MAC address of a port.
Displays the port speed.
Displays the CPU node to which the port is connected.
Blacklisted means that ports/cores are not available to ACOS load balancing (LB) application. LB will be agnostic of these blacklisted port/
cores in the system.
In the event of hardware changes like “NUMA node removal,” following options are suggested. Out of
the following options, Option 1 is recommended.
• Option 1: Re-install.
• Option 2: Change the Blacklisted ports to white-list the ports by adding the ports and port-num).
To recover the interface without re-installing follow the following steps:
a. From ACOS CLI prompt, move to configuration mode using "config" command.
b. Change the interfaces numbers using “system modify-port port-index <number> port-number
<number>” command.The interface numbers will be one more than the interface index. The
interface index starts from 0. For example, if there are 3 data interfaces as 0, 1 and 2 and corresponding interface numbers will be 1, 2 and 3.
c. Add the interfaces one by one using “system add-port port-index <index of port>" command.
d. Reboot the box using “reboot” command.
NOTE:
When user don't want to re-install the box, “Option 2” can be followed to
recover the box. However, if there is any functional issues observed, it is
recommended to go for “Option 1.”
page 30
A10 Thunder Bare Metal - Installation Guide
Feedback
Port Management Commands
show system inuse-port-list
Description
Shows only the ports that are currently in use by the ACOS.
Syntax
show system inuse-port-list
Mode
Privileged EXEC and all configuration levels
Example
The following example shows the default output of the command.
Thunder Bare Metal#show system inuse-port-list
Port-Num
Status
MAC Addr
Speed
Numa-Node
-------------------------------------------------------------------------1
+
62:38:3a:63:61:3a
1000
0
2
+
62:38:3a:63:61:3a
10000
0
3
+
62:38:3a:63:61:3a
10000
0
show system port-info
Description
Shows all the port information. This command is similar to the lspci bash command.
Syntax
show system port-info
Mode
Privileged EXEC and all configuration levels
Example
The following example shows the default output of the command.
Thunder Bare Metal#show system port-info
Port-Num PCI-Addr
Dev-Id
Info
---------------------------------------------------------------------M
01:00.0
8086:10fb
82599ES 10-Gigabit SFI/SFP+ Network Connection
3
01:00.1
8086:10fb
82599ES 10-Gigabit SFI/SFP+ Network Connection
2
07:00.0
8086:1521
I350 Gigabit Network Connection
1
07:00.1
8086:1521
I350 Gigabit Network Connection
4
44:00.0
8086:154d
Ethernet 10G 2P X520 Adapter
5
44:00.1
8086:154d
Ethernet 10G 2P X520 Adapter
show environment
Description
Show environment command displays dump message as “Not supported in Bare Metal !!!“.
Syntax
show environment
Mode
Privileged EXEC and all configuration levels
Example
The following example shows the default output of the command.
page 31
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Port Management Commands
ACOS-BareMetal(config)(NOLICENSE)#show environment
Not supported in BareMetal!!!
page 32
A10 Thunder Bare Metal - Installation Guide
Feedback
CPU Core Management Commands
CPU Core Management Commands
Core management commands are provided to manage and/or restrict ACOS threads run only on the selected list of CPU
cores.
This also depends on the license. Since the license integration is pending, currently the maximum number of cores selected/selectable is set to 14 cores. If the Hyper Threading (HT) is enabled, then there
would be twice the number of cores available to run ACOS.
For example: if you select 4 cores, then with HT enabled it would be 8 cores.
Config Commands: Global
This section describes the commands for configuring global ACOS core management parameters.
To access this configuration level, use the enable and configure commands as follows:
Thunder Bare Metal>
Thunder Bare Metal>enable
Password:
Thunder Bare Metal#configure
The Global configuration mode level command prompt is shown in the following example:
Thunder Bare Metal(config)#
system io-cpu max-cores
Description
Sets the maximum upper limit of cores dedicated to IO processing.
Syntax
system io-cpu max-cores <number range is system-dependent>
Mode
Config mode
Usage
ACOS allocates the available CPUs for performing Control, Packet Processing, and for Packet
IO. In some situations, such as for handling SSL traffic, it may make more sense to limit the
number of CPUs allocated to Packet IO. This is because SSL traffic tends to be more bound to
the Data CPUs and less bound for the IO CPUs. Therefore, with heavy SSL traffic, restricting
the number of IO cores will free up more Data CPUs, and this will achieve better throughput.
Note: The configuration will becomes active only after reloading or rebooting the device.
Example
The following example shows an attempt to set the max number of cores for IO processing
to 3 cores. However, the operation fails because DPDK mode has not been enabled!
Thunder Bare Metal(config)#system io-cpu max-cores 3
Backend Error: Platform is BAREMETAL but DPDK is not enabled
page 33
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
CPU Core Management Commands
system cpu-hyper-thread
Description
Enables or disables Hyper Thread CPU cores.
Syntax
system cpu-hyper-thread {enable | disable}
Mode
Config mode
Example
The following example shows how to disable the HT CPU cores.
Thunder Bare Metal(config)#system cpu-hyper-thread disable
WARNING: System Core HT Configuration changed.
Please reload system for changes to take effect.
system add-cpu-core
Description
Adds the CPU core to the list.
Syntax
system add-cpu-core core-index <number range is system-dependent>
Mode
Config mode
Example
The following example shows how to add CPU 16 to the core list.
Thunder Bare Metal(config)#system add-cpu-core core-index 16
WARNING: System Core HT Configuration changed.
Please reload system for changes to take effect.
system delete-cpu-core
Description
Deletes CPU Cores from the list.
Syntax
system delete-cpu-core core-index <number range is system-dependent>
Mode
Config mode
Example
The following example shows how to delete CPU 16 from the core list.
Thunder Bare Metal(config)#system delete-cpu-core core-index 16
WARNING: System Core HT Configuration changed.
Please reload system for changes to take effect.
NOTE:
A core cannot be deleted, unless you have more than 4. The control core
(core-index 0) cannot be blacklisted.
page 34
A10 Thunder Bare Metal - Installation Guide
Feedback
CPU Core Management Commands
Show Commands
The show commands display configuration and system information.
show system cpu-list
Description
Shows all the CPUs available on the system.
Syntax
show system cpu-list
Mode
Privileged EXEC and all configuration levels
Example
The following example output is shown with HT enabled.
Thunder Bare Metal#show system cpu-list
CPU-IDX
CPU#
NUMA-NODE
HT-CPUs
STATUS
----------------------------------------------------0
0
0
0, 8
+
1
1
1
1, 9
+
2
2
0
2, 10
+
3
3
1
3, 11
+
4
4
0
4, 12
-
5
5
1
5, 13
+
6
6
0
6, 14
+
7
7
1
7, 15
-
show system inuse-cpu-list
Description
Shows only the CPU cores that are currently in use by the ACOS.
Syntax
show system inuse-cpu-list
Mode
Privileged EXEC and all configuration levels
Example
The following example shows the default output of the command.
Thunder Bare Metal#show system inuse-cpu-list
CPU#
NUMA-NODE
CPU-ID
HT(CPU#)
STATUS
-------------------------------------------------0
0
0
0, 8
+
1
1
0
1, 9
+
2
0
1
2, 10
+
3
1
1
3, 11
+
5
1
2
5, 13
+
6
0
3
6, 14
+
page 35
A10 Thunder Bare Metal - Installation Guide
FeedbackFF
FFee
e
Considerations for Port and Core Management
Considerations for Port and Core Management
Listed below are some of the features that need to be considered for port or core management,
• Ports and CPU cores are automatically detected when there is a change in ports or CPU cores. If
there is no previous data about these cores/ports, then they will be blacklisted.
• NIC/ports are tied to the PCIe slot (or BUS number) to which they added. If the NIC is physically
moved to a different PCIe slot, it will be detected as a new port and blacklisted. You would then
have to enable it from the system add-port command.
• A NIC port’s change in MAC address will be automatically detected, and it should be shown cor-
rectly in the show system port-list command.
• HT enable/disable from BIOS should be automatically detected. If HT is enabled in BIOS, but the
CLI setting for HT is disabled, then it still disabled. On the other hand, if HT is disabled in BIOS, the
CLI command cannot enable it or disable it, and it is always disabled. The best-practice for
enabling HT is to enable it in both the BIOs and the CLI.
• Core changes in the BIOS are also automatically detected. If there are any new cores added, they
will be blacklisted. You would then have to enable them from the system add-cpu-core command.
• When the system has more than the allowed number of cores (as in licensed), then only the first
n-number (licensed) of selected cores will be considered.
page 36
A10 Thunder Bare Metal - Installation Guide
page 37
CONTACT US
3
a10networks.com/contact
A10 THUNDER BARE METAL - INSTALLATION GUIDE
11 OCTOBER 2019
Related documents
Example Abstract for the Density Lab
Example Abstract for the Density Lab
Homework H PHY3513 Due: 8 AM Nov. 24, 2009
Homework H PHY3513 Due: 8 AM Nov. 24, 2009
Pre-Calculus Spiral #2 Full Name___________________________
Pre-Calculus Spiral #2 Full Name___________________________
Specific Heat Practice Problems Directions: Answer the questions in
Specific Heat Practice Problems Directions: Answer the questions in
Foreign Material
Foreign Material
Download
advertisement