The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
You can deploy Cisco ICFPP in the service provider data center in the following configurations:
Standalone—Deployment on a single node.
Multiple-node cluster—Deployment on multiple nodes including a high-availability (HA) pair and additional service nodes.
Cluster deployments are most effective when they are configured behind a load balancer. After these configurations are deployed, a provider-supplied load balancer is expected to manage cookie-based sessions and direct requests and responses appropriately.
For more information, see the following topics:
In a standalone configuration, Cisco ICFPP is deployed as a single virtual appliance that provides services and acts independently of other Cisco ICFPP nodes. A standalone configuration is appropriate for environments in which redundancy is not a concern.
Cisco ICFPP is installed in OpenStack environments using the Standalone role only. After installation, you can configure the Cisco ICFPP virtual appliance as a primary node or service node as appropriate for your environment.
In a cluster configuration, Cisco ICFPP supports large-scale operations in provider environments by deploying multiple Cisco ICFPP nodes. A provider-supplied load balancer distributes the load across the service nodes.
In a cluster configuration, Cisco ICFPP is deployed on multiple virtual appliances using the Primary Node and Service Node roles, as shown in the following figure.
A multiple-node cluster contains the following components:
Two Cisco ICFPP virtual appliances with the Primary Node role that are deployed in an HA configuration.
Two or more Cisco ICFPP virtual appliances that are deployed as service nodes.
A load balancer that forwards incoming traffic to the service nodes only.
In an HA configuration, Cisco ICFPP is deployed on two virtual appliances, both using the Primary Node role. Each virtual appliance in an HA pair includes a database for replication purposes. After both Cisco ICFPP appliances are deployed, you specify which node is active and which is standby.
The following concepts apply when Cisco ICFPP is deployed in an HA configuration:
The Cisco ICFPP appliances in an HA pair have different management IP addresses.
A single virtual IP address (VIP) is assigned to the active node.
If the active node fails, the VIP is transferred to the standby node.
When the original active node recovers, the VIP remains with the original standby node until that node fails.
Database replication works as follows:
In a cluster configuration, Cisco ICFPP manages communications as follows:
Each service node establishes a connection with the database on the active node in the HA pair by using the virtual IP address for the HA pair.
The load balancer accepts requests from Cisco Intercloud Fabric Director.
The load balancer distributes the requests to the service nodes using a round-robin algorithm.
Each new user session is directed to a different service node.
Subsequent requests from the same session are sent to the same service node.
The service node responds via the load balancer.
Session persistence is managed by means of a PERSISTICFPP cookie that Cisco ICFPP issues. The cookie is generated when a user logs in and ensures that all requests from that user session are directed to the same node. If a service node fails, the load balancer forwards requests for that service node to a different service node. The new receiving node requires Cisco Intercloud Fabric Director to log in and then accepts new requests.
Note | The service provider load balancer must be configured to persist sessions based on the PERSISTICFPP cookie. |
The deployment workflow that you use depends on whether Cisco ICFPP is deployed on VMware or OpenStack.
The following table describes the high-level tasks required to deploy Cisco ICFPP in a multiple-node cluster in a VMware environment.
Step |
Task |
Related Information |
||
---|---|---|---|---|
1. |
Install two Cisco ICFPP virtual appliances using the Primary Node role. |
|||
2. |
Install two or more Cisco ICFPP virtual appliances using the Service Node role. |
|||
3. |
Configure HA on the appliances with the Primary Node role. |
|||
4. |
Configure a load balancer for all service nodes in the cluster.
|
Your load balancer documentation |
||
5. |
Configure communications for the cluster with Cisco Intercloud Fabric Director. |
Cisco Intercloud Fabric Getting Started Guide |
The following table describes the high-level tasks required to deploy Cisco ICFPP in a multiple-node cluster in an OpenStack environment.
Step |
Task |
Related Information |
||
---|---|---|---|---|
1. |
Install four or more Cisco ICFPP virtual appliances using the Standalone Node role. |
|||
2. |
Configure two appliances with the Primary Node role. |
|||
3. |
Configure the remaining appliances with the Service Node role. |
|||
4. |
Configure HA on the appliances with the Primary Node role. |
|||
5. |
Configure the HA nodes to permit network traffic via the VIP address. |
|||
6. |
Configure a load balancer for the service nodes in the cluster.
|
Your load balancer documentation |
||
7. |
Configure communications for the cluster with Cisco Intercloud Fabric Director. |
Cisco Intercloud Fabric Getting Started Guide |