1.1.3.1. Flexible InterConnectの設定をする

各コマンドの実行については、rootユーザーに昇格して実行する前提で記載しています。

注釈

  • FICリソースの購入は、お申し込みを確定いただいた時点では有効になりません。各種のお申し込みがどのような状態にあるかは、以下コマンドを実行し、対象のリソースのstatusが「Completed」になったことを確認してから次のコマンドを実行してください。
    # cd /usr/local/sdpf/fic
# bash fic-operation-check.sh

    {
    "id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "tenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
    "resourceId": "XXXXXXXXXXXXX",
    "resourceName": "XXXXXXXXX",
    "resourceType": "NAT",
    "requestType": "Activate",
    "status": "Completed", ★「Completed」になっていること。
    ~以降省略~
  1. 以下のコマンドを実行し、FIC-Routerの情報を一覧で取得します。
    # cd /usr/local/sdpf/fic
# bash fic-router-check.sh

    {
    "routers": [
        {
            "id": "XXXXXXXXXXXXX", ★「FIC-RouterのID」に該当。
            "tenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
            "name": "FIC-Router01",
            "area": "JPEAST",
            "userIpAddress": "xxx.xxx.xxx.xxx/xx",
            "isPublicServiceEndpoint": false,
            "redundant": true,
            "operationStatus": "Completed",
            "firewalls": [
                {
                    "id": "XXXXXXXXXXXXX",
                    "isActivated": false
                }
            ],
            "nats": [
                {
                    "id": "XXXXXXXXXXXXX", ★「FIC-NATのID」に該当。
                    "isActivated": false
                }
            ],
            "routingGroups": [
            ~以降省略~
  2. 手順1の実行結果内に記載されているID情報を「fic-snat-activate.sh」内に反映後、以下のコマンドを実行し、FIC-NATを有効化します。
    # bash fic-snat-activate.sh

    HTTP/1.1 202 Accepted
Server: nginx
Date: Mon, 17 Apr 2023 05:32:29 GMT
Content-Type: application/json
Content-Length: 672
Connection: keep-alive
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
access-control-max-age: 1728000
access-control-allow-methods: *
x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

{"nat":{"id":"XXXXXXXXXXXXX","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","redundant":true,"isActivated":true,"operationStatus":"Processing","sourceNaptRules":[],"destinationNatRules":[],"userIpAddresses":["10.255.247.0/30","10.255.247.4/30","10.255.247.8/30","10.255.247.12/30","10.255.247.16/30","10.255.247.20/30","10.255.247.24/30","10.255.247.28/30"],"globalIpAddressSets":[{"id":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX","name":"src-set-01","type":"sourceNapt","natComponentId":"XXXXXXXXXXXXX","operationStatus":"Processing","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","numOfAddresses":1,"addresses":["XXX.XXXX.XXX.XXX ★「FIC-NATのグローバルIPアドレス」に該当。"]}],"operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
  3. 手順1の実行結果内に記載されているID情報を「fic-snat-policy.sh」内に反映後、以下のコマンドを実行し、FIC-NATの詳細設定を行います。
    # bash fic-snat-policy.sh

    HTTP/1.1 202 Accepted
Server: nginx
Date: Mon, 17 Apr 2023 05:36:39 GMT
Content-Type: application/json
Content-Length: 478
Connection: keep-alive
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
access-control-max-age: 1728000
access-control-allow-methods: *
x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

{"nat":{"id":"XXXXXXXXXXXXX","tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","redundant":true,"isActivated":true,"operationStatus":"Processing","sourceNaptRules":[{"from":["group_1"],"to":"group_2","entries":[{"then":["src-set-01"]}]}],"destinationNatRules":[],"userIpAddresses":["10.255.247.0/30","10.255.247.4/30","10.255.247.8/30","10.255.247.12/30","10.255.247.16/30","10.255.247.20/30","10.255.247.24/30","10.255.247.28/30"],"operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
  4. 手順1の実行結果内に記載されているID情報を「fic-sdpf-connection.sh」内に反映後、以下のコマンドを実行し、SDPFクラウドへのコネクションを作成します。
    # bash fic-sdpf-connection.sh

    HTTP/1.1 202 Accepted
Server: nginx
Date: Mon, 17 Apr 2023 05:39:14 GMT
Content-Type: application/json
Content-Length: 680
Connection: keep-alive
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
access-control-max-age: 1728000
access-control-allow-methods: *
x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

{"connection":{"id":"XXXXXXXXXXXXX","name":"SDPF-Connection","redundant":true,"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","area":"JPEAST","operationStatus":"Processing","bandwidth":"XXX","source":{"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","routerId":"XXXXXXXXXXXXX","groupName":"group_1","routeFilter":{"in":"fullRoute","out":"fullRoute"}},"destination":{"interconnect":"XXX-XXX","qosType":"guarantee","eclTenantId":"YYYYYYYYYYYYYYYYYYYYYYYYYYYYY","eclApiKey":"AAAAAAAAAA","eclApiSecretKey":"BBBBBBBBBB"},"primaryConnectedNwAddress":"10.0.0.44/30","secondaryConnectedNwAddress":"10.0.0.48/30","operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
  5. 手順1の実行結果内に記載されているID情報を「fic-wasabi-connection.sh」内に反映後、以下のコマンドを実行し、Wasabiへのコネクションを作成します。
    # bash fic-wasabi-connection.sh

    HTTP/1.1 202 Accepted
Server: nginx
Date: Mon, 17 Apr 2023 05:46:04 GMT
Content-Type: application/json
Content-Length: 410
Connection: keep-alive
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, accept, Authorization, Content-Type
access-control-max-age: 1728000
access-control-allow-methods: *
x-request-id: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

{"connection":{"id":"XXXXXXXXXXXXX","name":"Wasabi-Connection","redundant":true,"tenantId":"XXXXXXXXXXXXXXXXXXXXXXXXXX","area":"JPEAST","operationStatus":"Processing","source":{"routerId":"XXXXXXXXXXXXX","groupName":"group_2","routeFilter":{"in":"fullRoute"}},"destination":{"interconnect":"XX-XXXXXXXXX-XXXXX","qosType":"guarantee"},"bandwidth":"XXX","operationId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"}}
1.1.3. 自動構築を実行する
1.1.3.2. Wasabiオブジェクトストレージの設定をする