As part of the Red Hat OpenShift Multi-Arch Compute effort, I’ve been working on Power and Intel Compute architecture pairs:
- Intel Control Plane with Power and Intel Compute
- Power Control Plane with Power and Intel Compute
This article helps setup an IBM Cloud VPC with IBM Power Virtual Server, you can follow this recipe:
- Install ibmcloud cli
curl -fsSL https://clis.cloud.ibm.com/install/linux | sh - Install the Power IAAS, Transit Gateway, Cloud Internet Services, and Infrastructure Service plugins
ibmcloud plugin install power-iaas tg-cli vpc-infrastructure cis - Login to ibmcloud cli
ibmcloud login --apikey API_KEY -r us-east - List the datacenters
ibmcloud pi datacentersin our case we want wdc06 - List the resource group id
❯ ibmcloud resource group dev-resource-group
❯ ibmcloud resource group dev-resource-group
Retrieving resource group dev-resource-group under account 555555555555555 as email@id.xyz...
OK
Name: dev-resource-group
Account ID: 555555555555555
ID: 44444444444444444
Default Resource Group: false
State: ACTIVE
- Create a Workspace on a Power Edge Router enabled PowerVS zone.
ibmcloud pi workspace-create rdr-mac-p2-wdc06 --datacenter wdc06 --group 44444444444444444 --plan public
❯ ibmcloud pi workspace-create rdr-mac-p2-wdc06 --datacenter wdc06 --group 44444444444444444 --plan public
Creating workspace rdr-mac-p2-wdc06...
Name rdr-mac-p2-wdc06
Plan ID f165dd34-3a40-423b-9d95-e90a23f724dd
- Get the ID (2nd in response)
❯ ibmcloud pi workspaces 2>&1 | grep rdr-mac-p2-wdc06
crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111:: 7777777-6666-5555-44444-1111111 rdr-mac-p2-wdc06
- Get the workspace, and check if it’s
statusis active
❯ ibmcloud pi workspace 7777777-6666-5555-44444-1111111 --json
{
"capabilities": {
"cloud-connections": false,
"power-edge-router": true,
"power-vpn-connections": false,
"transit-gateway-connection": false
},
"details": {
"creationDate": "2024-01-24T20:52:59.178Z",
"crn": "crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111::",
"powerEdgeRouter": {
"state": "active",
"type": "automated"
}
},
"id": "7777777-6666-5555-44444-1111111",
"location": {
"region": "wdc06",
"type": "data-center",
"url": "https://us-east.power-iaas.cloud.ibm.com"
},
"name": "rdr-mac-p2-wdc06",
"status": "active",
"type": "off-premises"
}
- Target the workspace
❯ ibmcloud pi service-target crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111::
Targeting service crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111::...
- Create a Power Network using the CRN so there is an IP Range for the Power workers.
❯ ibmcloud pi network-create-private ocp-net --dns-servers 9.9.9.9 --jumbo --cidr-block 192.168.200.0/24 --gateway 192.168.200.1 --ip-range 192.168.200.10-192.168.200.250
Creating network ocp-net under account Power Cloud - pcloudci as user email@id.xyz...
Network ocp-net created.
ID 3e1add7e-1a12-4a50-9325-87f957b0cd63
Name ocp-net
Type vlan
VLAN 797
CIDR Block 192.168.200.0/24
IP Range [192.168.200.10 192.168.200.250]
Gateway 192.168.200.1
DNS 9.9.9.9, 161.26.0.10, 161.26.0.11
- Import the Centos8 stock image
❯ ibmcloud pi image-create CentOS-Stream-8
Creating new image from CentOS-Stream-8 under account Power Cloud - pcloudci as user email@id.xyz...
Image created from CentOS-Stream-8.
Image 4904b3db-1dde-4f3c-a696-92f068816f6f
Name CentOS-Stream-8
Arch ppc64
Container Format bare
Disk Format raw
Hypervisor phyp
Type stock
OS rhel
Size 120
Created 2024-01-24T21:00:29.000Z
Last Updated 2024-01-24T21:00:29.000Z
Description
Storage Type
Storage Pool
- Find the closest location.
❯ ibmcloud tg locations
Listing Transit Service locations under account Power Cloud - pcloudci as user email@id.xyz...
OK
Location Location Type Billing Location
eu-es region eu
eu-de region eu
au-syd region ap
eu-gb region eu
br-sao region br
jp-osa region ap
jp-tok region ap
ca-tor region ca
us-south region us
us-east region us
- Create the Transit Gateway
# ibmcloud tg gateway-create --name rdr-mac-p2-wdc06-tg --location us-east --routing global \
--resource-group-id 44444444444444444 --output json
{
"created_at": "2024-01-24T21:09:23.184Z",
"crn": "crn:v1:bluemix:public:transit:us-east:a/555555555555555::gateway:3333333-22222-1111-0000-dad4b38f5063",
"global": true,
"id": "3333333-22222-1111-0000-dad4b38f5063",
"location": "us-east",
"name": "rdr-mac-p2-wdc06-tg",
"resource_group": {
"id": "44444444444444444"
},
"status": "pending"
}%
- Wait until the transit gateway is available.
❯ ibmcloud tg gw 3333333-22222-1111-0000-dad4b38f5063 --output json
{
"created_at": "2024-01-24T21:09:23.184Z",
"crn": "crn:v1:bluemix:public:transit:us-east:a/555555555555555::gateway:3333333-22222-1111-0000-dad4b38f5063",
"global": true,
"id": "3333333-22222-1111-0000-dad4b38f5063",
"location": "us-east",
"name": "rdr-mac-p2-wdc06-tg",
"resource_group": {
"id": "44444444444444444"
},
"status": "available"
}
- Create a VPC with at least one subnet with a Public Gateway
ibmcloud is vpc-create rdr-mac-p2-wdc06-vpc --resource-group-id 44444444444444444 --output JSON
{
"classic_access": false,
"created_at": "2024-01-24T21:12:46.000Z",
"crn": "crn:v1:bluemix:public:is:us-east:a/555555555555555::vpc:r001-372372bb-5f18-4e36-8b39-4444444333",
"cse_source_ips": [
{
"ip": {
"address": "10.12.98.66"
},
"zone": {
"href": "https://us-east.iaas.cloud.ibm.com/v1/regions/us-east/zones/us-east-1",
"name": "us-east-1"
}
},
{
"ip": {
"address": "10.12.108.205"
},
"zone": {
"href": "https://us-east.iaas.cloud.ibm.com/v1/regions/us-east/zones/us-east-2",
"name": "us-east-2"
}
},
{
"ip": {
"address": "10.22.56.222"
},
"zone": {
"href": "https://us-east.iaas.cloud.ibm.com/v1/regions/us-east/zones/us-east-3",
"name": "us-east-3"
}
}
],
"default_network_acl": {
"crn": "crn:v1:bluemix:public:is:us-east:a/555555555555555::network-acl:r001-0a0afc6c-0943-4a0f-b998-e5e87ec93668",
"href": "https://us-east.iaas.cloud.ibm.com/v1/network_acls/r001-0a0afc6c-0943-4a0f-b998-e5e87ec93668",
"id": "r001-0a0afc6c-0943-4a0f-b998-e5e87ec93668",
"name": "causation-browse-capture-behind"
},
"default_routing_table": {
"href": "https://us-east.iaas.cloud.ibm.com/v1/vpcs/r001-372372bb-5f18-4e36-8b39-4444444333/routing_tables/r001-216fb1f5-da8f-447e-8515-649bc76b83aa",
"id": "r001-216fb1f5-da8f-447e-8515-649bc76b83aa",
"name": "retaining-acquaint-retiring-curry",
"resource_type": "routing_table"
},
"default_security_group": {
"crn": "crn:v1:bluemix:public:is:us-east:a/555555555555555::security-group:r001-ffa5c27a-6073-4e2e-b679-64560cff8b5b",
"href": "https://us-east.iaas.cloud.ibm.com/v1/security_groups/r001-ffa5c27a-5f18-5f18-b679-4444444333",
"id": "r001-ffa5c27a-6073-4e2e-b679-64560cff8b5b",
"name": "jailer-lurch-treasure-glacial"
},
"dns": {
"enable_hub": false,
"resolution_binding_count": 0,
"resolver": {
"servers": [
{
"address": "161.26.0.10"
},
{
"address": "161.26.0.11"
}
],
"type": "system",
"configuration": "default"
}
},
"health_reasons": null,
"health_state": "inapplicable",
"href": "https://us-east.iaas.cloud.ibm.com/v1/vpcs/r001-372372bb-5f18-4e36-8b39-4444444333",
"id": "r001-372372bb-5f18-4e36-8b39-4444444333",
"name": "rdr-mac-p2-wdc06-vpc",
"resource_group": {
"href": "https://resource-controller.cloud.ibm.com/v2/resource_groups/44444444444444444",
"id": "44444444444444444",
"name": "dev-resource-group"
},
"resource_type": "vpc",
"status": "pending"
}
- Check the status is
available
❯ ibmcloud is vpc rdr-mac-p2-wdc06-vpc --output json | jq -r '.status'
available
- Add a subnet
❯ ibmcloud is subnet-create sn01 rdr-mac-p2-wdc06-vpc \
--resource-group-id 44444444444444444 \
--ipv4-address-count 256 --zone us-east-1
Creating subnet sn01 in resource group 44444444444444444 under account Power Cloud - pcloudci as user email@id.xyz...
ID 0757-46e9ca2e-4c63-4bce-8793-f04251d9bdb3
Name sn01
CRN crn:v1:bluemix:public:is:us-east-1:a/555555555555555::subnet:0757-46e9ca2e-4c63-4bce-8793-f04251d9bdb3
Status pending
IPv4 CIDR 10.241.0.0/24
Address available 251
Address total 256
Zone us-east-1
Created 2024-01-24T16:18:10-05:00
ACL ID Name
r001-0a0afc6c-0943-4a0f-b998-e5e87ec93668 causation-browse-capture-behind
Routing table ID Name
r001-216fb1f5-da8f-447e-8515-649bc76b83aa retaining-acquaint-retiring-curry
Public Gateway -
VPC ID Name
r001-372372bb-5f18-4e36-8b39-4444444333 rdr-mac-p2-wdc06-vpc
Resource group ID Name
44444444444444444 dev-resource-group
- Attach a public gateway to the subnet
❯ ibmcloud is public-gateway-create gw01 rdr-mac-p2-wdc06-vpc us-east-1 \
--resource-group-id 44444444444444444 \
--output JSON
{
"created_at": "2024-01-24T21:21:18.000Z",
"crn": "crn:v1:bluemix:public:is:us-east-1:a/555555555555555::public-gateway:r001-f5f27e42-aed6-4b1a-b121-f234e5149416",
"floating_ip": {
"address": "150.239.80.219",
"crn": "crn:v1:bluemix:public:is:us-east-1:a/555555555555555::floating-ip:r001-022b865a-4674-4791-94f7-ee4fac646287",
"href": "https://us-east.iaas.cloud.ibm.com/v1/floating_ips/r001-022b865a-4674-4791-94f7-ee4fac646287",
"id": "r001-022b865a-4674-4791-94f7-ee4fac646287",
"name": "gw01"
},
"href": "https://us-east.iaas.cloud.ibm.com/v1/public_gateways/r001-f5f27e42-aed6-4b1a-b121-f234e5149416",
"id": "r001-f5f27e42-aed6-4b1a-b121-f234e5149416",
"name": "gw01",
"resource_group": {
"href": "https://resource-controller.cloud.ibm.com/v2/resource_groups/44444444444444444",
"id": "44444444444444444",
"name": "dev-resource-group"
},
"resource_type": "public_gateway",
"status": "available",
"vpc": {
"crn": "crn:v1:bluemix:public:is:us-east:a/555555555555555::vpc:r001-372372bb-5f18-4e36-8b39-4444444333",
"href": "https://us-east.iaas.cloud.ibm.com/v1/vpcs/r001-372372bb-5f18-4e36-8b39-4444444333",
"id": "r001-372372bb-5f18-4e36-8b39-4444444333",
"name": "rdr-mac-p2-wdc06-vpc",
"resource_type": "vpc"
},
"zone": {
"href": "https://us-east.iaas.cloud.ibm.com/v1/regions/us-east/zones/us-east-1",
"name": "us-east-1"
}
}%
- Attach the Public Gateway to the Subnet
❯ ibmcloud is subnet-update sn01 --vpc rdr-mac-p2-wdc06-vpc \
--pgw gw01
Updating subnet sn01 under account Power Cloud - pcloudci as user email@id.xyz...
ID 0757-46e9ca2e-4c63-4bce-8793-f04251d9bdb3
Name sn01
CRN crn:v1:bluemix:public:is:us-east-1:a/555555555555555::subnet:0757-46e9ca2e-4c63-4bce-8793-f04251d9bdb3
Status pending
IPv4 CIDR 10.241.0.0/24
Address available 251
Address total 256
Zone us-east-1
Created 2024-01-24T16:18:10-05:00
ACL ID Name
r001-0a0afc6c-0943-4a0f-b998-e5e87ec93668 causation-browse-capture-behind
Routing table ID Name
r001-216fb1f5-da8f-447e-8515-649bc76b83aa retaining-acquaint-retiring-curry
Public Gateway ID Name
r001-f5f27e42-aed6-4b1a-b121-f234e5149416 gw01
VPC ID Name
r001-372372bb-5f18-4e36-8b39-4444444333 rdr-mac-p2-wdc06-vpc
Resource group ID Name
44444444444444444 dev-resource-group
- Attach the PER network to the TG
❯ ibmcloud tg connection-create 3333333-22222-1111-0000-dad4b38f5063 --name powervs-conn --network-id crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111:: --network-type power_virtual_server --output json
{
"created_at": "2024-01-25T00:37:37.364Z",
"id": "75646025-3ea2-45e2-a5b3-36870a9de141",
"name": "powervs-conn",
"network_id": "crn:v1:bluemix:public:power-iaas:wdc06:a/555555555555555:7777777-6666-5555-44444-1111111::",
"network_type": "power_virtual_server",
"prefix_filters": null,
"prefix_filters_default": "permit",
"status": "pending"
}
- You should see the status
attached
❯ ibmcloud tg connection 3333333-22222-1111-0000-dad4b38f5063 75646025-3ea2-45e2-a5b3-36870a9de141 --output json | jq -r '.status'
attached
- Attach the VPC to the TG
❯ ibmcloud tg connection-create 3333333-22222-1111-0000-dad4b38f5063 --name vpc-conn --network-id crn:v1:bluemix:public:is:us-east:a/555555555555555::vpc:r001-372372bb-5f18-4e36-8b39-4444444333 --network-type vpc --output json
{
"created_at": "2024-01-25T00:40:26.629Z",
"id": "777777777-eef2-4a27-832d-6c80d2ac599f",
"name": "vpc-conn",
"network_id": "crn:v1:bluemix:public:is:us-east:a/555555555555555::vpc:r001-372372bb-5f18-4e36-8b39-4444444333",
"network_type": "vpc",
"prefix_filters": null,
"prefix_filters_default": "permit",
"status": "pending"
}
- Check the status it should be attached
❯ ibmcloud tg connection 3333333-22222-1111-0000-dad4b38f5063 777777777-eef2-4a27-832d-6c80d2ac599f --output json | jq -r '.status'
attached
You now have a VPC and a Power Workspace connected. The next step is to setup the Security Groups to enable communication between subnets.
More details to come and help your adoption of Multi-Arch Compute.
Leave a Reply