System Requirements for GCP Deployment
Read this section to understand the system, resource, port, and licensing requirements for installing Juniper Cloud-Native Router on Google Cloud Platform (GCP).
Minimum Host System Requirements for GCP Deployment
Table 1 lists the host system requirements for installing Cloud-Native Router on GCP.
The settings below are pre-configured when you deploy Cloud-Native Router via the Google Cloud Marketplace.
Component | Value/Version | Notes |
---|---|---|
GCP Deployment | VM-based | |
Instance Type | n2-standard-16 | |
CPU | Intel x86 | The tested CPU is Intel Cascade Lake |
Host OS | Rocky Linux 8.8 (Green Obsidian) | |
Kernel Version | Rocky Linux 4.18.X | |
NIC | VirtIO NIC | |
Kubernetes (K8s) | 1.25.x | The tested K8s version is 1.25.5. The K8s version for Google Cloud Marketplace Cloud-Native Router subscription is v1.27.5. |
Calico | 3.25.1 | |
Multus | 4.0 | |
Helm | 3.9.x | |
Container-RT | containerd 1.7.x | Other container runtimes may work but have not been tested with JCNR. |
Note: The component versions listed in this table are expected to work with JCNR, but not every version or combination is tested in every release.
Resource Requirements for GCP Deployment
Table 2 lists the resource requirements for installing Cloud-Native Router on GCP.
Resource | Value | Usage Notes |
---|---|---|
Data plane forwarding cores | 1 core (1P + 1S) | |
Service/Control Cores | 0 | |
UIO Driver | VFIO-PCI | To enable, follow the steps below: cat /etc/modules-load.d/vfio.conf (output: vfio, vfio-pci). Enable Unsafe IOMMU mode: echo Y > /sys/module/vfio_iommu_type1/parameters/allow_unsafe_interrupts; echo Y > /sys/module/vfio/parameters/enable_unsafe_noiommu_mode |
Hugepages (1G) | 6 Gi | See Configure the Number of Huge Pages Available on a Node. |
Cloud-Native Router Controller cores | .5 | |
Cloud-Native Router vRouter Agent cores | .5 | |
Miscellaneous Requirements for GCP Deployment
Table 3 lists additional requirements for deploying Cloud-Native Router on GCP.
Requirement | Example |
---|---|
Set IOMMU and IOMMU-PT in GRUB. | Add the following line to /etc/default/grub: GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 default_hugepagesz=1G hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt" Update grub and reboot: grub2-mkconfig -o /boot/grub2/grub.cfg; reboot |
Additional kernel modules need to be loaded on the host before deploying
Cloud-Native Router in L3 mode. These modules are usually available in
Note:
Applicable for L3 deployments only. |
Create a /etc/modules-load.d/crpd.conf file and add the following kernel modules to it: tun fou fou6 ipip ip_tunnel ip6_tunnel mpls_gso mpls_router mpls_iptunnel vrf vxlan |
Enable kernel-based forwarding on the Linux host. | ip fou add port 6635 ipproto 137 |
Enable IP Forwarding for VMs in GCP. | Use one of these two methods to enable IP forwarding: |
Enable Multi-IP subnet on Guest OS. | gcloud compute images create debian-9-multi-ip-subnet --source-disk debian-9-disk --source-disk-zone us-west1-a --guest-os-features MULTI_IP_SUBNET |
Add firewall rules for loopback address for VPC. | Configure the VPC firewall rule to allow ingress traffic with source filters set to the subnet range to which Cloud-Native Router is attached, along with the IP ranges or addresses for the loopback addresses. For example, navigate to Firewall policies on the GCP console and create a firewall rule with the following attributes: where 10.2.0.0/24 is the subnet to which Cloud-Native Router is attached and 10.51.2.0/24, 10.51.1.0/24, 10.12.2.2/32, and 10.13.3.3/32 are loopback IP ranges. |
Exclude Cloud-Native Router interfaces from NetworkManager control. | NetworkManager is a tool in some operating systems that makes managing network interfaces easier. It can simplify the operation and configuration of the default interfaces, but it can also interfere with Kubernetes management and create problems. To prevent NetworkManager from interfering with Cloud-Native Router interface configuration, exclude Cloud-Native Router interfaces from NetworkManager control. Here's an example of how to do this in some Linux distributions: |
Verify the core_pattern value is set on the host before deploying JCNR. | sysctl kernel.core_pattern kernel.core_pattern = \|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e You can update the core_pattern in kernel.core_pattern=/var/crash/core_%e_%p_%i_%s_%h_%t.gz |
Note:
Here are additional restrictions:
|
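The host settings from Tables 2 and 3 can be checked before deployment with a script like the one below. It is an added example, not Juniper's code; the function names, the optional root-directory argument, and the use of Table 2's 6 Gi as the minimum hugepage count are assumptions.

```shell
#!/bin/sh
# Added example, not Juniper code. Function names and the optional root
# directory argument are assumptions; module lists are copied from the page.
L3_MODULES="tun fou fou6 ipip ip_tunnel ip6_tunnel mpls_gso mpls_router mpls_iptunnel vrf vxlan"
VFIO_MODULES="vfio vfio-pci"

# Print every boot argument from the GRUB row that is absent from $1.
missing_cmdline_args() (
  for tok in intel_iommu=on iommu=pt default_hugepagesz=1G hugepagesz=1G; do
    case " $1 " in *" $tok "*) ;; *) echo "$tok" ;; esac
  done
)

# Print the hugepages=N count found in command line $1 (0 if absent/invalid).
hugepage_count() (
  set -f; n=0
  for tok in $1; do
    case "$tok" in hugepages=*[!0-9]*) ;; hugepages=?*) n=${tok#hugepages=} ;; esac
  done
  echo "$n"
)

# Print each module of list $1 not named in file $2 (comments/blanks ignored).
missing_modules() (
  for mod in $1; do
    sed 's/#.*//; s/^[[:space:]]*//; s/[[:space:]]*$//' "$2" 2>/dev/null |
      grep -qxF -- "$mod" || echo "$mod"
  done
)

# Check the tree rooted at $1 (default /); print one FAIL line per problem.
preflight() (
  root=${1:-}; rc=0
  cmdline=$(cat "$root/proc/cmdline" 2>/dev/null) || cmdline=
  for a in $(missing_cmdline_args "$cmdline"); do
    echo "FAIL boot argument missing: $a"; rc=1
  done
  # Assumption: Table 2's 6 Gi of 1G pages is the minimum to accept.
  [ "$(hugepage_count "$cmdline")" -ge 6 ] || { echo "FAIL hugepages below 6"; rc=1; }
  for m in $(missing_modules "$VFIO_MODULES" "$root/etc/modules-load.d/vfio.conf"); do
    echo "FAIL vfio.conf lacks $m"; rc=1
  done
  for m in $(missing_modules "$L3_MODULES" "$root/etc/modules-load.d/crpd.conf"); do
    echo "FAIL crpd.conf lacks $m"; rc=1
  done
  [ -n "$(cat "$root/proc/sys/kernel/core_pattern" 2>/dev/null)" ] ||
    { echo "FAIL kernel.core_pattern is empty"; rc=1; }
  exit "$rc"
)
```

Call preflight with no argument on the host, or pass a directory that holds copies of the files. The crpd.conf check applies to L3 deployments only.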
Port Requirements
Juniper Cloud-Native Router listens on certain TCP and UDP ports. This section lists the port requirements for the cloud-native router.
Protocol | Port | Description |
---|---|---|
TCP | 8085 | vRouter introspect–Used to gain internal statistical information about vRouter |
TCP | 8070 | Telemetry Information–Used to see telemetry data from the Cloud-Native Router vRouter |
TCP | 8072 | Telemetry Information–Used to see telemetry data from Cloud-Native Router control plane |
TCP | 8075, 8076 | Telemetry Information–Used for gNMI requests |
TCP | 9091 | vRouter health check–cloud-native router checks to ensure the vRouter agent is running. |
TCP | 9092 | vRouter health check–cloud-native router checks to ensure the vRouter DPDK is running. |
TCP | 50052 | gRPC port–Cloud-Native Router listens on both IPv4 and IPv6 |
TCP | 8081 | Cloud-Native Router Deployer Port |
TCP | 24 | cRPD SSH |
TCP | 830 | cRPD NETCONF |
TCP | 666 | rpd |
TCP | 1883 | Mosquitto MQTT–Publish/subscribe messaging utility |
TCP | 9500 | agentd on cRPD |
TCP | 21883 | na-mqttd |
TCP | 50053 | Default gNMI port that listens to the client subscription request |
TCP | 51051 | jsd on cRPD |
UDP | 50055 | Syslog-NG |
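To see which of the ports in this table a host is actually listening on, and whether each listener is bound beyond loopback and so needs a firewall decision, the added example below classifies the output of ss -H -tuln. It is not Juniper's code; the function name is an assumption and the sample socket lines are constructed.

```shell
#!/bin/sh
# Added example, not Juniper code. The function name is an assumption; the
# port list is copied from the Port Requirements table.
JCNR_PORTS="tcp/8085 tcp/8070 tcp/8072 tcp/8075 tcp/8076 tcp/9091 tcp/9092
tcp/50052 tcp/8081 tcp/24 tcp/830 tcp/666 tcp/1883 tcp/9500 tcp/21883
tcp/50053 tcp/51051 udp/50055"

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS='tcp LISTEN 0 128 0.0.0.0:8085 0.0.0.0:*
tcp LISTEN 0 128 127.0.0.1:9091 0.0.0.0:*
tcp LISTEN 0 128 [::1]:8072 [::]:*
tcp LISTEN 0 128 [::]:50052 [::]:*
udp UNCONN 0 0 10.2.0.5:50055 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# Read `ss -H -tuln` output on stdin; for each documented port print
# "<proto>/<port> <state>", where state is absent, loopback or exposed.
classify_jcnr_ports() {
  awk -v want="$(echo $JCNR_PORTS)" '
    BEGIN { n = split(want, list, " ") }
    NF >= 5 {
      port = $5; sub(/.*:/, "", port)       # text after the last colon
      addr = $5; sub(/:[^:]*$/, "", addr)   # text before the last colon
      sub(/%.*/, "", addr)                  # drop a %interface scope suffix
      key = $1 "/" port
      if (addr ~ /^127\./ || addr == "[::1]") {
        if (!(key in state)) state[key] = "loopback"
      } else state[key] = "exposed"         # any non-loopback bind wins
    }
    END {
      for (i = 1; i <= n; i++)
        print list[i], ((list[i] in state) ? state[list[i]] : "absent")
    }'
}

printf '%s\n' "$SAMPLE_SS" | classify_jcnr_ports
```

On a live host, pipe ss -H -tuln into classify_jcnr_ports; both -t and -u are needed so that ss prints the protocol column the parser reads.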
Download Options
To deploy Cloud-Native Router on GCP, you can either download the Helm charts from the Juniper Networks software download site (see Cloud-Native Router Software Download Packages) or subscribe via the Google Cloud Marketplace.