System Requirements for Azure Deployment
Read this section to understand the system, resource, port, and licensing requirements for installing Juniper Cloud-Native Router on Microsoft Azure Cloud Platform.
Minimum Host System Requirements for Azure
Table 1 lists the host system requirements for installing JCNR on Azure.
| Component | Value/Version | Notes |
|---|---|---|
| Azure Deployment | VM-based | |
| Instance Type | Standard_F16s_v2 | |
| CPU | Intel x86 | The tested CPU is Intel Cascade Lake |
| Host OS | Rocky Linux 8.7 | |
| Kernel Version |
Rocky Linux: 4.18.X |
The tested kernel version is 4.18.0-477.15.1.el8_8.cloud.x86_64 |
| Kubernetes (K8s) | Version 1.25.x | The tested K8s version is 1.25.5 |
| Calico | Version 3.25.1 | |
| Multus | Version 4.0 | |
| Helm | 3.9.x | |
| Container-RT | containerd 1.7.x | Other container runtimes may work but have not been tested with JCNR. |
Resource Requirements for Azure
Table 2 lists the resource requirements for installing JCNR on Azure.
| Resource | Value | Usage Notes |
|---|---|---|
| Data plane forwarding cores | 2 cores (2P + 2S) | |
| Service/Control Cores | 0 | |
| UIO Driver |
uio_hv_generic |
To enable, add the following modules to be loaded at boot: cat /etc/modules-load.d/k8s.conf uio uio_hv_genericib_uverbs mlx4_ib The above libraries are provided by ibverbs package. |
| Hugepages (1G) | 6 Gi | Add GRUB_CMDLINE_LINUX_DEFAULT values in
/etc/default/grub. For example:
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 default_hugepagesz=1G hugepagesz=1G hugepages=6 intel_iommu=on iommu=pt" Update grub and reboot the host. For example: grub2-mkconfig -o /boot/grub2/grub.cfg reboot Verify the hugepage is set by executing the following commands: cat /proc/cmdline grep -i hugepages /proc/meminfo Note:
This 6 x 1GB hugepage requirement is the minimum for a basic L2 mode setup. Increase this number for more elaborate installations. For example, in an L3 mode setup with 2 NUMA nodes and 256k descriptors, set the number of 1GB hugepages to 10 for best performance. |
| JCNR Controller cores | .5 | |
| JCNR vRouter Agent cores | .5 |
Miscellaneous Requirements for Azure
Table 3 lists additional requirements for installing JCNR on Azure.
|
Requirement |
Example |
|---|---|
|
Set IOMMU and IOMMU-PT in GRUB. |
Add the following line to
/etc/default/grub.GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 default_hugepagesz=1G hugepagesz=1G hugepages=64 intel_iommu=on iommu=pt" Update grub and reboot. grub2-mkconfig -o /boot/grub2/grub.cfg reboot |
|
Additional kernel modules need to be loaded on the host before deploying JCNR in
L3 mode. These modules are usually available in
Note:
Applicable for L3 deployments only. |
Create a /etc/modules-load.d/crpd.conf file and add the following kernel modules to it: tun fou fou6 ipip ip_tunnel ip6_tunnel mpls_gso mpls_router mpls_iptunnel vrf vxlan |
|
Enable kernel-based forwarding on the Linux host. |
ip fou add port 6635 ipproto 137 |
|
Add firewall rules for loopback address for VPC. |
Configure the VPC firewall rule to allow ingress traffic with source filters set to the subnet range to which JCNR is attached, along with the IP ranges or addresses for the loopback addresses. For example: Navigate to Firewall policies on the Azure console and create a firewall rule with the following attributes:
where 10.2.0.0/24 is the subnet to which JCNR is attached and 10.51.2.0/24, 10.51.1.0/24, 10.12.2.2/32, and 10.13.3.3/32 are loopback IP ranges. |
|
Set the MTU on all fabric interfaces to 1500 bytes. |
After JCNR comes up, use the cRPD CLI to set the MTU size on all fabric interfaces to 1500 bytes. Microsoft Azure Cloud Platform recommends an MTU size less than or equal to 1500 bytes on all interfaces that connect directly to the Azure infrastructure. These interfaces are the JCNR fabric interfaces. Failure to follow this rule might lead to packet drops. For information on how to access the cRPD CLI, see Access cRPD CLI. |
|
Ensure accelerated networking is enabled for the fabric interface. |
If accelerated networking is enabled properly, two interfaces become available for the fabric interface. For example: 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:22:48:23:3b:9e brd ff:ff:ff:ff:ff:ff
inet 10.225.0.6/24 brd 10.225.0.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::222:48ff:fe23:3b9e/64 scope link
valid_lft forever preferred_lft forever
4: enP22960s2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master eth1 state UP group default qlen 1000
link/ether 00:22:48:23:3b:9e brd ff:ff:ff:ff:ff:ff
altname enP22960p0s2
When configuring the fabric interface in the Helm chart, you must provide the
interface with user@jcnr01:~# ethtool -i eth1 driver: hv_netvsc version: 5.15.0-1049-azure firmware-version: N/A expansion-rom-version: bus-info: supports-statistics: yes supports-test: no supports-eeprom-access: no supports-register-dump: yes supports-priv-flags: no Note:
Do not enable accelerated networking for the management interface. |
|
Exclude JCNR interfaces from NetworkManager control. |
NetworkManager is a tool in some operating systems to make the management of network interfaces easier. NetworkManager may make the operation and configuration of the default interfaces easier. However, it can interfere with Kubernetes management and create problems. To avoid NetworkManager from interfering with JCNR interface configuration, exclude JCNR interfaces from NetworkManager control. Here's an example on how to do this in some Linux distributions:
|
|
Verify the core_pattern value is set on the host before deploying JCNR. |
sysctl kernel.core_pattern kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h %e You can update the core_pattern in kernel.core_pattern=/var/crash/core_%e_%p_%i_%s_%h_%t.gz |
|
Note:
JCNR supports only IPv4 for Azure. |
|
Port Requirements
Juniper Cloud-Native Router listens on certain TCP and UDP ports. This section lists the port requirements for the cloud-native router.
| Protocol | Port | Description |
|---|---|---|
| TCP | 8085 | vRouter introspect–Used to gain internal statistical information about vRouter |
| TCP | 8070 | Telemetry Information- Used to see telemetry data from the JCNR vRouter |
| TCP | 8072 | Telemetry Information-Used to see telemetry data from JCNR control plane |
| TCP | 8075, 8076 | Telemetry Information- Used for gNMI requests |
| TCP | 9091 | vRouter health check–cloud-native router checks to ensure the vRouter agent is running. |
| TCP | 9092 | vRouter health check–cloud-native router checks to ensure the vRouter DPDK is running. |
| TCP | 50052 | gRPC port–JCNR listens on both IPv4 and IPv6 |
| TCP | 8081 | JCNR Deployer Port |
| TCP | 24 | cRPD SSH |
| TCP | 830 | cRPD NETCONF |
| TCP | 666 | rpd |
| TCP | 1883 | Mosquito mqtt–Publish/subscribe messaging utility |
| TCP | 9500 | agentd on cRPD |
| TCP | 21883 | na-mqttd |
|
TCP |
50053 |
Default gNMI port that listens to the client subscription request |
| TCP | 51051 | jsd on cRPD |
| UDP | 50055 | Syslog-NG |
Download Options
See JCNR Software Download Packages.
JCNR Licensing
See Manage JCNR Licenses.