Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- auto_last_hop: disabled
- bgp_dag_egw_peer_ip: 192.168.11.104
- bgp_dag_pgw_peer_ip: 192.168.1.103
- bgp_egw_peer_as: '300'
- bgp_pgw_peer_as: '200'
- bgp_vnf_pgw_peer_ip: 192.168.21.11
- big_iq_host: 10.50.50.101
- big_iq_lic_pool: pool_vnfm
- bigip_os_ssh_key: karolRHOS
- centos_image_id: c32f9684-aed0-455f-ab25-76035a21be56
- cm_ip: 10.50.50.105
- manager_mgmt_host: 10.50.50.105
- ctrl_net: control
- ctrl_sg_name: control_sg
- ctrl_subnet: control_subnet
- dag_group_cpu_threshold: '89'
- dag_group_cpu_threshold_check_interval: '1'
- default_gateway: 10.50.50.1
- floating_network_id: fa541932-4156-4185-8344-a961cf4c8e41
- ha_net: ha_net
- ha_subnet: ha_net_subnet
- max_heal_vnf_layer: 10
- ntp_server: 216.239.35.0
- timezone: America/Los_Angeles
- max_heal_vnf_slave_ve: 10
- max_heal_vnfd_dag_ve: 10
- max_scale_dag_group: 10
- max_scale_vnf_group: 10
- # manager_rest_tenant: default_tenant
- # manager_rest_password: admin
- # manager_rest_username: admin
- # manager_rest_host: 127.0.0.1
- mgmt_net: mgmt
- mgmt_sg_name: mgmt_sg
- mgmt_subnet: mgmt-subnet
- nagios_flavor_id: e752819a-095c-450f-a3c7-87c10cd7ae25
- pdn_dag_net: pdn_dag_net
- pdn_dag_subnet: pdn_dag_net_subnet
- pdn_dag_subnet_cidr: 10.10.4.0/24
- pdn_net: pdn
- pdn_sg_name: pdn_sg
- pdn_subnet: pdn_subnet
- pgw_dag_net: pgw_dag_net
- pgw_dag_subnet: pgw_dag_net_subnet
- pgw_dag_subnet_cidr: 10.10.2.0/24
- pgw_dag_subnet_mask: /24
- pgw_net: pgw
- pgw_sg_name: pgw_sg
- pgw_subnet: pgw_subnet
- ric_purchasing_model: subscription
- ric_throughput: 5
- ric_vnfm_serial: '12345'
- snmp_sg_name: snmp_sg
- sw_ref_dag:
- data: {flavor: f5.cloudify, image: BIGIP-13.1.0.7-0.0.1.ALL_1SLOT}
- revision: 0
- sw_ref_vnf:
- data: {flavor: f5.cloudify, image: BIGIP-13.1.0.7-0.0.1.ALL_1SLOT}
- revision: 0
- # VNF Layer scaling inputs
- vnf_layer_cpu_threshold: '85'
- vnf_layer_cpu_threshold_check_interval: '1'
- # VNF Group scaling inputs
- vnf_group_throughput: '20'
- vnf_group_throughput_threshold: '75'
- vnf_group_throughput_check_interval: '1'
- # DAG Group scaling inputs
- dag_group_cpu_threshold: '89'
- dag_group_cpu_threshold_check_interval: '1'
- vnf_as3_nsd_payload:
- class: AS3
- action: deploy
- persist: True
- declaration:
- class: ADC
- schemaVersion: 3.0.0
- id: cfy_vnf_01
- label: vnf
- remark: VNF
- f5vnf:
- class: Tenant
- Shared:
- class: Application
- template: shared
- fwAllowedAddressList:
- addresses:
- - 10.0.0.0/8
- - 172.20.0.0/16
- - 192.168.0.0/16
- class: Firewall_Address_List
- fwAllowedPortList:
- class: Firewall_Port_List
- ports:
- - 8080-8081
- - 22
- - 443
- - 53
- - 80
- fwDefaultDenyAddressList:
- addresses:
- - 0.0.0.0/0
- class: Firewall_Address_List
- fwLogDestinationHsl:
- class: Log_Destination
- distribution: adaptive
- pool:
- use: poolHsl
- protocol: tcp
- type: remote-high-speed-log
- fwLogDestinationSyslog:
- class: Log_Destination
- format: rfc5424
- remoteHighSpeedLog:
- use: fwLogDestinationHsl
- type: remote-syslog
- fwLogPublisher:
- class: Log_Publisher
- destinations:
- - use: fwLogDestinationSyslog
- fwPolicy:
- class: Firewall_Policy
- rules:
- - use: fwRuleList
- fwRuleList:
- class: Firewall_Rule_List
- rules:
- - action: accept
- destination:
- portLists:
- - use: fwAllowedPortList
- loggingEnabled: True
- name: tcpAllow
- protocol: tcp
- source:
- addressLists:
- - use: fwAllowedAddressList
- - action: accept
- loggingEnabled: True
- name: udpAllow
- protocol: udp
- source:
- addressLists:
- - use: fwAllowedAddressList
- - action: drop
- loggingEnabled: True
- name: defaultDeny
- protocol: any
- source:
- addressLists:
- - use: fwDefaultDenyAddressList
- fwSecurityLogProfile:
- class: Security_Log_Profile
- network:
- logIpErrors: True
- logRuleMatchAccepts: True
- logRuleMatchDrops: True
- logRuleMatchRejects: True
- logTcpErrors: True
- logTcpEvents: True
- logTranslationFields: True
- publisher:
- use: fwLogPublisher
- storageFormat:
- fields:
- - action
- - bigip-hostname
- - context-name
- - context-type
- - date-time
- - dest-ip
- - dest-port
- - drop-reason
- - protocol
- - src-ip
- - src-port
- poolHsl:
- class: Pool
- members:
- - enable: true
- serverAddresses:
- - 255.255.255.254
- servicePort: 514
- monitors:
- - bigip: /Common/udp
- lbSelectedRule:
- class: iRule
- iRule: when LB_SELECTED {log local0. "Selected server [LB::server]"}
- remark: Log load balanced server
- profileL4:
- class: L4_Profile
- serviceAddress:
- class: Service_Address
- arpEnabled: False
- spanningEnabled: True
- virtualAddress: 0.0.0.0
- firewall_any:
- class: Application
- template: generic
- serviceMain:
- allowVlans:
- - bigip: /Common/pgw_dag_net
- class: Service_Generic
- iRules:
- - /f5vnf/Shared/lbSelectedRule
- layer4: any
- policyFirewallEnforced:
- use: /f5vnf/Shared/fwPolicy
- profileL4:
- use: /f5vnf/Shared/profileL4
- securityLogProfiles:
- - use: /f5vnf/Shared/fwSecurityLogProfile
- snat: none
- lastHop: disable
- translateServerAddress: False
- translateServerPort: False
- virtualAddresses:
- - use: /f5vnf/Shared/serviceAddress
- virtualPort: 0
- firewall_fastL4:
- class: Application
- template: l4
- serviceMain:
- class: Service_L4
- layer4: tcp
- allowVlans:
- - bigip: /Common/pgw_dag_net
- profileL4:
- use: /f5vnf/Shared/profileL4
- virtualAddresses:
- - use: /f5vnf/Shared/serviceAddress
- virtualPort: 0
- translateServerAddress: False
- translateServerPort: False
- snat: none
- lastHop: disable
- iRules:
- - /f5vnf/Shared/lbSelectedRule
- policyFirewallEnforced:
- use: /f5vnf/Shared/fwPolicy
- securityLogProfiles:
- - use: /f5vnf/Shared/fwSecurityLogProfile
- firewall_inbound:
- class: Application
- template: generic
- serviceMain:
- allowVlans:
- - bigip: /Common/pdn_dag_net
- class: Service_Generic
- iRules:
- - /f5vnf/Shared/lbSelectedRule
- layer4: any
- profileL4:
- use: /f5vnf/Shared/profileL4
- snat: none
- translateServerAddress: False
- translateServerPort: False
- virtualAddresses:
- - use: /f5vnf/Shared/serviceAddress
- virtualPort: 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement