IPAM Provider (Avi Vantage)
Overview
This article discusses Avi Vantage’s native IPAM configuration. This is supported on the following clouds:
- Containers (Mesos, OpenShift, Docker UCP, Rancher)
- Linux server cloud (bare metal)
- VMware
- No access
Note: Starting with Avi Vantage release 18.1.2, this feature is supported for IPv6 for the clouds mentioned at Ecosystem Integration.
IPAM Configuration
Avi Vantage allocates IP addresses from a pool of IP addresses within the subnet configured as listed below.
- Navigate to Infrastructure > Networks.
- For Select Cloud choose the cloud from the drop-down list and click on Create.
- Specify the name of the network.
- Under IP Address Management, click on the required option for DHCP Enabled and IPv6 Auto Configuration.
- Add IPv4 and/or IPv6 networks for IP address allocation.
- Click on Add Subnet.
- Specify the subnet address under IP Subnet.
- Enable Add Static IP Address Pool to specify the pool of IP addresses. Specify the range of the pool under IP Address Pool.
- Click on Save.
- Repeat steps from 1 to 4 for each network that is to be used for IP address allocation.
- Click on Save.
Notes:
-
Virtual service creation will fail if the static IP address pool is empty or exhausted.
-
For east-west IPAM (applicable to container-based clouds), create another network with the appropriate link-local subnet and a separate IPAM/DNS profile.
Starting with Avi Vantage release 20.1.1, the Avi Kubernetes/OpenShift clud is not supported. Refer to the OpenShift and Kubernetes Cloud - End of Support article for more information.
- Starting 18.2.8 addition/deletion of VIP or changing the vip_id (use-case being multiple VIP’s on a virtual service) is not supported on Avi IPAM.
Creating IPAM Networks using both IPv4 and IPv6 Subnets
The following is an instance of creating IPAM networks using both IPv4 and IPv6 subnets:
Navigate to Templates > IPAM/DNS Profiles and create a placeholder for IPAM. Create a separate placeholder for east-west wherever it is relevant.
You can assign one or more of the created networks to be the default usable network, if no specific network and/or subnet are provided in the virtual service configuration.
VRF-aware IPAM
You can enable the Allocate IP in VRF checkbox for Avi Vantage to allocate IPs from networks in the virtual service’s VRF. This option is applicable to only Avi Vantage IPAM.
Selecting Network for IP Allocation
The selection of network for given allocated IP request is based on the following:
-
If a network and subnet is specified during virtual service creation, the system will attempt to allocate from that specific network/subnet. If that subnet does not have free static IPs, then the API request will fail.
-
If no network/subnet is specified (only possible via CLI or API) during virtual service creation, the system will consider all networks in the Usable Networks of the IPAM/DNS profile and randomly select the one which has free IPs available.
a) for v4 request, the system will check for free IPs in networks with v4 subnets before considering networks with v4 and v6 subnets.
b) for v6 request, the system will check for free IPs in networks with v6 subnets before considering networks with v4 and v6 subnets.
Note: Any change in the VIP’s IPv4 or IPv6 address will result in disruption of the virtual service. This can occur if the VS’s auto allocate type is changed. For instance, if a virtual service’s IPv4 address was allocated using a network with both v4 and v6 subnets, and its auto_allocate_type
is changed from v4 to V4_V6
with a corresponding v6 subnet selected, the system will attempt to allocate an IPv6 address for that virtual service. If the allocation is successful, a virtual service disruption will occur.
IPAM Support for User Preferred IP Address
Starting with Avi Vantage 20.1.2, Avi IPAM supports virtual service creation with a user-preferred IP address and or IPv6 address with auto allocation.
To use this feature,
- set the
ip_address or ip6_address field(s)
of the VsVip object with - Ser the auto_allocate_ip field to True and the auto_allocate_ip_type filed set correspondingly.
The Avi Controller allocates that specific IP address for the virtual service. If the IP address is not available, the virtual service creation will fail. The specified IP address must exist in a static pool that is already configured on a network or the subnet.
This feature is supported for all three auto allocation types (V4, V6, and V4_V6). When creating a virtual service IP Address with V4_V6 allocation, both IPv4 and IPv6 addresses must be specified or both should be left empty.
Additionally, updating an existing auto allocated IP address to a different preferred IP address of the same type (V4 or V6) is not allowed. The following list consists of allowed operations:
- Creating a VIP with a preferred static IP
- Supported for V4, V6, and V4_V6
- Changing an existing VIP’s allocation type from V4 to V6, and specifying a preferred IPv6
- Changing an existing VIP’s allocation type from V4 to V4_V6, and specifying a preferred IPv6
- If the IPAM network and subnet are the same, the IPv4 address field must be either unset or kept the same (the existing IPv4 address will be preserved in both cases).
- If the IPAM network or subnet is different, the IPv4 address field must be unset.
- Changing an existing VIP’s allocation type from V6 to V4, and specifying a preferred IPv4
- Changing an existing VIP’s allocation type from V6 to V4_V6, and specifying a preferred IPv4
- If the IPAM network and subnet6 is the same, the IPv6 address field must be either unset or kept the same (the existing IPv6 address will be preserved in both cases).
- If the IPAM network or subnet6 is different, the IPv6 address field must be unset.
The IPv6 address field must be kept the same (in case of keeping the IPAM network the same) or left blank (in case of changing the IPAM network).
The following operations are not supported in Avi Vantage 20.1.2:
- Creating a VIP with V4_V6 allocation with only ip_address set or only ip6_address set
- Both IP addresses must be set (preferred), or unset
- Updating an existing auto allocated IP address to a different preferred IP address of the same type (V4 or V6)
- An existing VIP with IPv4-A cannot be updated to a different preferred IPv4-B
- If it is required to change the VIP’s allocation network or subnet, the ip_address/ip6_address fields must be left blank (Avi Controller will pick the IP address for the user)
- If a new preferred IP of the same type is needed, delete and recreate the VIP
Configuring Virtual Service with Auto Allocate IP Address
Login to Avi CLI and use the configure vsvip <name>
to set the auto allocate IP address.
[admin:10-79-108-162]: > show network network1
+----------------------------+----------------------------------------------+
| Field | Value |
+----------------------------+----------------------------------------------+
| uuid | network-eea5aaa2-2225-40bd-b27d-60d7fe046d01 |
| name | network1 |
| vcenter_dvs | True |
| dhcp_enabled | True |
| exclude_discovered_subnets | False |
| configured_subnets[1] | |
| prefix | 10.10.10.0/24 |
| static_ranges[1] | |
| begin | 10.10.10.100 |
| end | 10.10.10.150 |
| vrf_context_ref | global |
| synced_from_se | False |
| ip6_autocfg_enabled | True |
| tenant_ref | admin |
| cloud_ref | Default-Cloud |
+----------------------------+----------------------------------------------+
[admin:10-79-108-162]: > configure vsvip vsvip1
[admin:10-79-108-162]: vsvip> vip vip_id 1
New object being created
[admin:10-79-108-162]: vsvip:vip> auto_allocate_ip
[admin:10-79-108-162]: vsvip:vip> ip_address 10.10.10.120
[admin:10-79-108-162]: vsvip:vip> save
[admin:10-79-108-162]: vsvip> save
+-----------------------------+--------------------------------------------+
| Field | Value |
+-----------------------------+--------------------------------------------+
| uuid | vsvip-54aa9247-d807-458d-b9e3-a8956bcb266a |
| name | vsvip1 |
| vip[1] | |
| vip_id | 1 |
| ip_address | 10.10.10.120 |
| enabled | True |
| discovered_networks[1] | |
| network_ref | network1 |
| subnet[1] | 10.10.10.0/24 |
| auto_allocate_ip | True |
| auto_allocate_floating_ip | False |
| avi_allocated_vip | False |
| avi_allocated_fip | False |
| ipam_network_subnet | |
| network_ref | network1 |
| subnet | 10.10.10.0/24 |
| auto_allocate_ip_type | V4_ONLY |
| prefix_length | 32 |
| vrf_context_ref | global |
| east_west_placement | False |
| tenant_ref | admin |
| cloud_ref | Default-Cloud |
+-----------------------------+--------------------------------------------+
Allocating Different IPAM Ranges for SEs and Virtual IPs
Prior to Avi Vantage version 20.1.3, the Avi Controller used the same IP pools for both SE vNIC and VIP allocation. Static IP pools were defined within a network’s configured_subnets
via the fields static_ips
and static_ranges
.
Starting with Avi Vantage version 20.1.3, you can specify whether a set of static IPs is used for SE vNIC only, or for VIP only or for both.
For any given subnet, only the following configurations are supported:
-
IP range(s) for VIP and/or IP range(s) for SE
-
IP range(s) for both
An error will be thrown if a subnet contains an IP range for both and an IP range for either VIP or SE.
Via the UI
To allow separate IP range configurations for VIP and SE
-
From the Avi UI, navigate to Infrastructure > Networks.
-
Click on the edit icon.
-
In the Edit Network Settings screen, disable the option Use Static IP Address for VIPs and SE.
Note: On selecting this option, the IP ranges will be used for both VIPs and SE.
-
In the Networks overview page, click on an existing network to to show the various configured static IP ranges. The combined free/total IP counts of all the
ip_range_runtimes
in the subnet are shown next to the subnet prefix.
Via the CLI
The fields static_ips
and static_ranges
are now deprecated.
The field static_ip_ranges
is introduced instead, to specify a static IP address range using the begin
and end
fields.
Additionally, the field type
is introduced, to specify how the IP range will be allocated.
Notes:
- Within
ip_range_runtimes
, the allocated IPs are stored inside theallocated_ips field
(previously named asip_alloced
). - Inside an allocated IP, the mac field has been renamed to
obj_info
and these_ref
field has been renamed toobj_ref
. - By default, the option
STATIC_IPS_FOR_VIP_AND_SE
is configured as thetype
of allocation. When upgrading to Avi Vantage version 20.1.3, all existingstatic_ips
andstatic_ranges
will be converted tostatic_ip_ranges
with typeSTATIC_IPS_FOR_VIP_AND_SE
.
The static_ip_ranges
configuration is as shown below:
configure network vxw-dvs-34-virtualwire-33-sid-2140032-wdc-02-vc14-avi-dev026
[admin:1234]: network> configured_subnets prefix 100.64.34.0/24
[admin:1234]: network:configured_subnets> static_ip_ranges
New object being created
[admin:1234]: network:configured_subnets:static_ip_ranges> range begin 100.64.34.100
[admin:1234]: network:configured_subnets:static_ip_ranges:range> end 100.64.34.110
[admin:1234]: network:configured_subnets:static_ip_ranges:range> save
[admin:1234]: network:configured_subnets:static_ip_ranges> type static_ips_for_vip
[admin:1234]: network:configured_subnets:static_ip_ranges> save
[admin:1234]: network:configured_subnets> static_ip_ranges
[admin:1234]: network:configured_subnets:static_ip_ranges> range begin 100.64.34.140
[admin:1234]: network:configured_subnets:static_ip_ranges:range> end end 100.64.34.150
[admin:1234]: network:configured_subnets:static_ip_ranges:range> save
[admin:1234]: network:configured_subnets:static_ip_ranges> type static_ips_for_vip
[admin:1234]: network:configured_subnets:static_ip_ranges> save
[admin:1234]: network:configured_subnets:static_ip_ranges> save
[admin:1234]: network:configured_subnets> static_ip_ranges
[admin:1234]: network:configured_subnets:static_ip_ranges> range begin 100.64.34.240
[admin:1234]: network:configured_subnets:static_ip_ranges:range> end end 100.64.34.250
[admin:1234]: network:configured_subnets:static_ip_ranges:range> save
[admin:1234]: network:configured_subnets:static_ip_ranges> type static_ips_for_se
[admin:1234]: network:configured_subnets:static_ip_ranges> save
[admin:1234]: network:configured_subnets> static_ip_ranges
[admin:1234]: network:configured_subnets:static_ip_ranges> range begin 100.64.34.195
[admin:1234]: network:configured_subnets:static_ip_ranges:range> end end 100.64.34.195
[admin:1234]: network:configured_subnets:static_ip_ranges:range> save
[admin:1234]: network:configured_subnets:static_ip_ranges> type static_ips_for_se
[admin:1234]: network:configured_subnets:static_ip_ranges:range> save
[admin:1234]: network:configured_subnets:static_ip_ranges>save
[admin:1234]: network:configured_subnets>save
The configured network is as shown below:
+----------------------------+--------------------------------------------------------------+
| Field | Value |
+----------------------------+--------------------------------------------------------------+
| uuid | dvportgroup-233-cloud-4b5fd097-0a9a-444f-b328-1f016eb99987 |
| name | vxw-dvs-34-virtualwire-33-sid-2140032-wdc-02-vc14-avi-dev026 |
| vcenter_dvs | True |
| vimgrnw_ref | vxw-dvs-34-virtualwire-33-sid-2140032-wdc-02-vc14-avi-dev026 |
| dhcp_enabled | True |
| exclude_discovered_subnets | False |
| configured_subnets[1] | |
| prefix | 100.64.34.0/24 |
| static_ip_ranges[1] | |
| range | |
| begin | 100.64.34.100 |
| end | 100.64.34.110 |
| type | STATIC_IPS_FOR_VIP |
| static_ip_ranges[2] | |
| range | |
| begin | 100.64.34.200 |
| end | 100.64.34.210 |
| type | STATIC_IPS_FOR_VIP |
| static_ip_ranges[3] | |
| range | |
| begin | 100.64.34.140 |
| end | 100.64.34.150 |
| type | STATIC_IPS_FOR_SE |
| static_ip_ranges[4] | |
| range | |
| begin | 100.64.34.240 |
| end | 100.64.34.250 |
| type | STATIC_IPS_FOR_SE |
| static_ip_ranges[5] | |
| range | |
| begin | 100.64.34.195 |
| end | 100.64.34.195 |
| type | STATIC_IPS_FOR_SE |
| vrf_context_ref | global |
| synced_from_se | True |
| ip6_autocfg_enabled | False |
| tenant_ref | admin |
| cloud_ref | Default-Cloud |
+----------------------------+--------------------------------------------------------------+
Note: The subnet_runtime
field under Network runtime has also been modified. The IP allocation and IP count information will be stored inside a new field ip_range_runtimes
. The fields ip_alloced
, total_ip_count
, used_ip_count
, and free_ip_count
fields under subnet_runtime
are deprecated. Each ip_range_runtimes
entry will contain the combined IP allocation and count information for all static IP ranges of a particular type (SE, VIP, or both).
Internal IPAM for VIP Labels
Prior to Avi Vantage version 20.1.3, when using Avi IPAM, the network which is used for VIP allocation is either one of the following:
- Provided by the user in the VIP’s
ipam_network_subnet
field - Selected from the list of usable networks in the IPAM profile attached to the cloud
Starting with Avi Vantage version 20.1.3, you can use specific sets of networks from the IPAM profile for VIP allocation.
Labels are added to both the usable networks in the IPAM profile and the vsvip.
Note: This feature is currently supported only via the CLI/API.
The usable networks and vsvip are matched as shown below:
-
A vsvip with label X can only use networks in the IPAM profile with label X
-
A vsvip with no labels can use any network in the IPAM profile (with and without labels)
The labels for the networks in the IPAM profile is configured inside the profile’s usable_networks
field. The labels on the vsvip is configured inside the ipam_selector
field.
Log in to the Contoller and configure internal IPAM for VIP labels as shown below:
[admin:1234]: > configure vsvip vsvip1
[admin:1234]: vsvip> vip vip_id 1
New object being created
[admin:1234]: vsvip:vip> auto_allocate_ip
[admin:1234]: vsvip:vip> save
[admin:1234]: vsvip> ipam_selector
[admin:1234]: vsvip:ipam_selector> type selector_ipam
[admin:1234]: vsvip:ipam_selector> labels
New object being created
[admin:1234]: vsvip:ipam_selector:labels> key key2
[admin:1234]: vsvip:ipam_selector:labels> value value2
[admin:1234]: vsvip:ipam_selector:labels> save
[admin:1234]: vsvip:ipam_selector> save
[admin:1234]: vsvip> save
Note: Starting with Avi Vantage version 20.1.3, the usable_networks_refs
field under internal_profile
has been deprecated. To add networks, use the usable_networks
field.
Changing an existing usable network’s labels or vsvip’s labels is allowed, and does not affect existing allocations. The new labels will be applicable for new allocations.
Only one label will be supported per usable network and per vsvip.
Additional Reading
Service Discovery Using IPAM and DNS
Document Revision History
Date | Change Summary |
---|---|
December 22, 2020 | Updated the content for Allocating Different IPAM Ranges for SEs and Virtual IPs |
December 22, 2020 | Updated the content for AInternal IPAM for VIP Labels |