1.1.3.1. Flexible InterConnectを設定する

各コマンドの実行については、rootユーザーに昇格して実行する前提で記載しています。

注釈

  • FICリソースの購入は、お申し込みを確定いただいた時点では有効になりません。各種のお申し込みがどのような状態にあるかは、以下コマンドを実行し、対象のリソースのstatusが「Completed」になったことを確認してから次のコマンドを実行してください。
    # cd /usr/local/sdpf/fic
    # bash fic-operation-check.sh
    
    {
        "id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
        "tenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
        "resourceId": "XXXXXXXXXXXXX",
        "resourceName": "XXXXXXXXX",
        "resourceType": "NAT",
        "requestType": "Activate",
        "status": "Completed", ★「Completed」になっていること。
        ~以降省略~
    
  1. 以下のコマンドを実行し、FIC-Routerの情報を一覧で取得します。
    # cd /usr/local/sdpf/fic
    # bash fic-router-check.sh
    
    {
        "routers": [
            {
                "id": "XXXXXXXXXXXXX", ★「FIC-RouterのID」に該当。
                "tenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
                "name": "FIC-Router01",
                "area": "JPEAST",
                "userIpAddress": "xxx.xxx.xxx.xxx/xx",
                "isPublicServiceEndpoint": false,
                "redundant": true,
                "operationStatus": "Completed",
                "firewalls": [
                    {
                        "id": "XXXXXXXXXXXXX",
                        "isActivated": false
                    }
                ],
                "nats": [
                    {
                        "id": "XXXXXXXXXXXXX", ★「FIC-NATのID」に該当。
                        "isActivated": false
                    }
                ],
                "routingGroups": [
                ~以降省略~
    
  2. 手順1の実行結果内に記載されているID情報を「fic-snat-activate.sh」内に反映後、以下のコマンドを実行し、FIC-NATを有効化します。
    # bash fic-snat-activate.sh
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Date: Mon, 17 Apr 2023 05:32:29 GMT
    Content-Type: application/json
    Content-Length: 672
    Connection: keep-alive
    via: 1.1 google
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    access-control-allow-origin: *
    access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
    access-control-max-age: 1728000
    access-control-allow-methods: *
    x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    
    {"nat":{"id":"XXXXXXXXXXXXX","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","redundant":true,"isActivated":true,"operationStatus":"Processing","sourceNaptRules":[],"destinationNatRules":[],"userIpAddresses":["10.255.247.0/30","10.255.247.4/30","10.255.247.8/30","10.255.247.12/30","10.255.247.16/30","10.255.247.20/30","10.255.247.24/30","10.255.247.28/30"],"globalIpAddressSets":[{"id":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX","name":"src-set-01","type":"sourceNapt","natComponentId":"XXXXXXXXXXXXX","operationStatus":"Processing","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","numOfAddresses":1,"addresses":["XXX.XXXX.XXX.XXX ★「FIC-NATのグローバルIPアドレス」に該当。"]}],"operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
    
  3. 手順1の実行結果内に記載されているID情報を「fic-snat-policy.sh」内に反映後、以下のコマンドを実行し、FIC-NATの詳細設定を行います。
    # bash fic-snat-policy.sh
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Date: Mon, 17 Apr 2023 05:36:39 GMT
    Content-Type: application/json
    Content-Length: 478
    Connection: keep-alive
    via: 1.1 google
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    access-control-allow-origin: *
    access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
    access-control-max-age: 1728000
    access-control-allow-methods: *
    x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    
    {"nat":{"id":"XXXXXXXXXXXXX","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","redundant":true,"isActivated":true,"operationStatus":"Processing","sourceNaptRules":[{"from":["group_1"],"to":"group_2","entries":[{"then":["src-set-01"]}]}],"destinationNatRules":[],"userIpAddresses":["10.255.247.0/30","10.255.247.4/30","10.255.247.8/30","10.255.247.12/30","10.255.247.16/30","10.255.247.20/30","10.255.247.24/30","10.255.247.28/30"],"operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
    
  4. 手順1の実行結果内に記載されているID情報を「fic-sdpf-connection.sh」内に反映後、以下のコマンドを実行し、SDPFクラウドへのコネクションを作成します。
    # bash fic-sdpf-connection.sh
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Date: Mon, 17 Apr 2023 05:39:14 GMT
    Content-Type: application/json
    Content-Length: 680
    Connection: keep-alive
    via: 1.1 google
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    access-control-allow-origin: *
    access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
    access-control-max-age: 1728000
    access-control-allow-methods: *
    x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    
    {"connection":{"id":"XXXXXXXXXXXXX","name":"SDPF-Connection","redundant":true,"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","area":"JPEAST","operationStatus":"Processing","bandwidth":"XXX","source":{"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","routerId":"XXXXXXXXXXXXX","groupName":"group_1","routeFilter":{"in":"fullRoute","out":"fullRoute"}},"destination":{"interconnect":"XXX-XXX","qosType":"guarantee","eclTenantId":"YYYYYYYYYYYYYYYYYYYYYYYYYYYYY","eclApiKey":"AAAAAAAAAA","eclApiSecretKey":"BBBBBBBBBB"},"primaryConnectedNwAddress":"10.0.0.44/30","secondaryConnectedNwAddress":"10.0.0.48/30","operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
    
  5. 手順1の実行結果内に記載されているID情報を「fic-wasabi-connection.sh」内に反映後、以下のコマンドを実行し、Wasabiへのコネクションを作成します。
    # bash fic-wasabi-connection.sh
    
    HTTP/1.1 202 Accepted
    Server: nginx
    Date: Mon, 17 Apr 2023 05:46:04 GMT
    Content-Type: application/json
    Content-Length: 410
    Connection: keep-alive
    via: 1.1 google
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    access-control-allow-origin: *
    access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
    access-control-max-age: 1728000
    access-control-allow-methods: *
    x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    
    {"connection":{"id":"XXXXXXXXXXXXX","name":"Wasabi-Connection","redundant":true,"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","area":"JPEAST","operationStatus":"Processing","source":{"routerId":"XXXXXXXXXXXXX","groupName":"group_2","routeFilter":{"in":"fullRoute"}},"destination":{"interconnect":"XX-XXXXXXXXX-XXXXX","qosType":"guarantee"},"bandwidth":"XXX","operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}