Open topic with navigation

Create Thunder Virtual Machines

The A10-vThunder-3NIC-2VM-PUBVIP template is used to create two Thunder virtual machines with three network interface cards each and configure the data-in network interface card with Public IP on VIP. This template is deployed using Azure CLI.

Before deploying this template, it is recommended to review the Prerequisites.

 

vThunder instances should have the same versions; otherwise, traffic flow will be disrupted.

 

To deploy the A10-vThunder-3NIC-2VM-PUBVIP template using Azure CLI commands, perform the following steps:

  1. Download A10-vThunder-3NIC-2VM-PUBVIP template.

    NOTE: This template contains pre-populated default values that can be modified as required and it does not create new virtual network, network security group, subnets, and Public IP.
  2. From Windows Explorer, navigate to the folder where you have downloaded the PowerShell template.
  3. Open the PS_TMPL_3NIC_2VM_PUBVIP_PARAM.json with a text editor.
    NOTE:Each parameter has a default value mentioned in the parameter file.

  4. Configure the following parameters as appropriate:

    Table 5 : JSON Parameters

    Resource Name

    Description

    vThunder instance credentials

    Enter the default admin credentials to provision the vThunder instance. Once the device is provisioned, vThunder auto-deletes all the users except the default user.

        "adminUsername":{
        "value":"vth-user"
     },
     "adminPassword":{
        "value":"vth-Password"
     },
    NOTE: This is a mandatory step during VM creation. Once the device is provisioned, vThunder auto-deletes all users except the default user.

    Virtual Network

    Specify an existing virtual network name for vThunder.

       "virtual_network": {
      "value": "<existing virtual network name>"
    },

    Virtual Machines

    Specify a virtual machine name for each of the two vThunder instances.

       "vmName_vthunder1": {
      "value": "vth-inst1"
    },
    "vmName_vthunder2": {
      "value": "vth-inst2"
    },

    Virtual Machine Zones

    Specify an availability zone in which to deploy your virtual machine. If you have an existing Public IP, then it should be available in the same availability zone as the virtual machine.

        "Virtual_Machine1_Zone": {
      "value": "1"
    },
        "Virtual_Machine2_Zone": {
      "value": "1"
    },

    Size

    Specify a suitable size for the vThunder instance that supports at least 3 NICs. For VM sizes, see Supported VM Sizes.

       "vmSize": {
      "value": "Standard_D8s_v3"
    },
    NOTE: Use a suitable VM size that supports at least 3 NICs. For VM sizes, see Supported VM Sizes.

    Image

    Specify the desired vThunder Image name and Product name from the Azure Marketplace.

       "vThunderImage": {
      "value":"a10-vthunder-adc-601-byol"
    },
       "publisherName": {
      "value": "a10networks"
    },
       "productName": {
      "value": "a10-vthunder-adc-521"
    },
    NOTE: Do NOT change the publisher name.

    Network Interface Cards

    Specify a unique network interface card for management, datain, and dataout traffic.

       "nic1Name_vm1": {
      "value": "vth-inst1-mgmt-nic1"
    },
       "nic1Name_vm2": {
      "value": "vth-inst2-mgmt-nic1"
    },
       "nic2Name_vm1": {
      "value": "vth-inst1-datain-nic"
    },
    "nic3Name_vm1": {
      "value": "vth-inst1-dataout-nic"
    },
       "nic2Name_vm2": {
      "value": "vth-inst2-datain-nic"
    },
    "nic3Name_vm2": {
      "value": "vth-inst2-dataout-nic"
    },

    Management Subnet

    Specify an existing subnet name that is available within the selected virtual network for inbound management traffic. 

       "subnet1Name": {
      "value": "<existing mgmt_subnet name>"
    },

    Data Subnet

    Specify an existing subnet name that is available within a selected virtual network for inbound and outbound data traffic.

       "subnet2Name": {
      "value": "<existing subnet datain name>"
    },
    "subnet3Name": {
      "value": "<existing subnet dataout name>"
    },

    Network Security Groups

    Specify an existing network security group name for all the NICs.

       "networkSecurityGroupName_vm1": {
      "value": "<existing vm1 network security group>"
    },
    "networkSecurityGroupName_vm2": {
      "value": "<existing vm2 network security group>"
    },

    Public IP address

    Specify the existing Public IP addresses for management traffic.

       "PublicIPName_vm1": {
      "value":"<existing vm1 publicipaddress name>"
    },
    "PublicIPName_vm2": {
      "value":"<existing vm2 publicipaddress name>"
    },
    "PublicIPName_vip": {
      "value":"<existing vip publicipaddress name>"
    },

    Enable Accelerated Networking

    Specify 'true' to enable low latency and high throughput on the NICs. For more information, see Accelerated Networking. 

       "enableAcceleratedNetworking": {
      "value": false
    },
    NOTE: By default, accelerated networking is disabled for all type of compute instances and it can be enabled for the selected compute instances. For the supported compute instances, see Supported VM Sizes.

    Enable IP Forwarding

    Specify 'true' to allow the virtual machine to forward the network traffic between networks in order to improve the network performance. This high-performance forwarded path bypasses the host from the usual data path, thus, reducing latency, jitter, and CPU utilization when using the most demanding network workloads on the supported VM types. For more information, see IP Forwarding. 

       "enableIPForwarding": {
    "value": false
    },
    NOTE: By default, IP forwarding is disabled.

    Resource Group

    Specify the name of an existing resource group under which the virtual network, network security group, and subnets are already created.

       "ResourceGroupName": {
      "value": "<existing vnet nsg publicIP resourcegroup>"
    }
  5. Verify if all the configurations in the PS_TMPL_3NIC_2VM_PUBVIP_PARAM.json file are correct and then save the changes.
  6. From the Start menu, open PowerShell and navigate to the folder where you have downloaded the PS template.
  7. Run the following command to create a deployment group in Azure.
    PS C:\Users\TestUser\Templates> .\PS_TMPL_3NIC_NVM_VMSS_1.ps1 -resourceGroup <resource_group_name> -location "<location_name>"

    Example:

    PS C:\Users\TestUser\Templates> .\PS_TMPL_3NIC_NVM_VMSS_1.ps1 -resourceGroup vth-rg1 -location "south central us"

    A resource group is created.
    Here, vth-rg1 resource group is created.

  8. Verify if all the above listed resources are created under Home > Azure services > Resource Groups > <resource_group_name>.

    Figure 46 : Resource listing under resource group

  9. Verify if the runbooks are created:
    1. From Home, navigate to Azure services > Automation Accounts ><automation_account_name>.

      The selected automation account - Overview window is displayed.

      Figure 47 : Selected automation account - Overview window

    2. Click Runbooks from the left Process Automation panel.
      The selected automation account - Jobs window is displayed.

      Figure 48 : Selected automation account - Runbooks window

  10. Verify the instance count:
    1. From Home, navigate to Azure services > Virtual machine scale set > <vmss_name>.

      The selected VMSS - Overview window is displayed. Here, the VMSS name is vth-vmss.

      Figure 49 : Virtual machine scale set - Overview window

    2. Click Scaling from the left Settings panel.
      The selected VMSS - Scaling window is displayed.

      Figure 50 : Virtual machine scale set - Scaling window - Configure tab

    3. Verify the configured instance count.
      If the instance gets deleted either manually or automatically, VMSS creates a new instance.
  11. Verify if the LB resources are created:
    1. From Home, navigate to Azure services > Load balancer > <lb_name>.
      The selected LB - Overview window is displayed. Here, the LB name is vth-lb.
    2. Click Frontend IP configuration from the left Settings panel to verify if the LB frontend IP is created.

      Figure 51 : Selected Frontend IP configuration window


    3. Click Backend pools from the left Settings panel to verify if the backend pools are created.

      Figure 52 : Selected Backendpools window


    4. Click Health probes from the left Settings panel to verify if the health probes are created.

      Figure 53 : Selected Health Probes window


    5. Click Load balancing rules from the left Settings panel to verify if the load balancing rules are created.

      Figure 54 : Selected load balancing rules window


  12. Verify if the storage account container is created:
    1. From Home, navigate to Azure services > Storage account > <storage_account_name>.
      The selected storage account - Overview window is displayed. Here, the storage account name is vthunderstorage.
    2. Click Containers from the left Data storage panel.
      The selected storage account - Containers window is displayed.

      Figure 55 : Selected storage account - Containers window

COMPANY INFORMATION: Copyright © 2023 A10 Networks, Inc. All Rights Reserved. Legal Notice