This version supports auto scaling for AliCloud or Aliyun environments.
To set up auto scaling for a an AliCloud environment:
- Create a scaling group in AliCloud console.
- Create a scaling configuration in AliCloud console.
- Create scaling rules in AliCloud console.
- Set the first FortiGate VM in the auto scaling group as the master member.
- Scale out another FortiGate VM and set it as a slave member; and then synchronize configuration from master to slave.
- In AliCloud, go to Auto Scaling > Scaling Groups, click Create Scaling Group.
- Configure the scaling group parameters:
Scaling Group Name
Enter a name. In this example: FGT-ASG.
In this example: 4.
In this example: 1.
Instance Configuration Source
Use the default.
Use the default of VPC.
Select the VPC ID.
Select the VSwitch.
- In the scaling group pop-up window, click Create Now to create a new scaling configuration.
- Select the Instance Type and FortiGate image.
- Select Assign Public IP and the Security Group.
- Click Next: System Configurations.
- If desired, select a Key Pair.
- Click Preview.
- If the configuration is correct, click Create and then click Enable Configuration.
- Check that the auto scaling group is created and the first FortiGate VM is launched automatically.
- In the Auto Scaling console Scaling Groups page, click FGT-ASG to edit it.
- In the left menu, click Scaling Rules.
- Configure the scaling rule parameters:
Enter a scaling rule name. In this example: FGT-ASG-ADD1.
Select the Action. In this example, 1.
In this example: 300 seconds.
The scaling rule FGT-ASG-ADD1 is created and it can be executed to add one FGT-ASG instance.
Use the same procedure to create another scaling rule named FGT-ASG-REMOVE1 to remove one FortiGate VM instance.
- Log into the FortiGate VM as administrator.
- Use the CLI to enable auto scaling and set the role to master.
config system auto-scale set status enable set role master set sync-interface "port1" set psksecret xxxxxx end
To scale out another FortiGate VM and set it as a slave member; and then synchronize configuration from master to slave:
- In the Auto Scaling console FGT-ASG scaling rules page, execute the scaling rule policy FGT-ASG-ADD1.
A new FortiGate VM instance is created.
- Log into the new FortiGate VM as administrator and use the CLI to enable auto scaling and set the role to slave.
master-ip, use the master side private IP address.
config system auto-scale set status enable set role slave set sync-interface "port1" set master-ip 192.168.1.204 set psksecret xxxxxx end
- Wait a few moments for the slave member to sync with the master member; and then the slave member can sync the FortiGate configuration from the master member.
FortiGate-VM64-ALION~AND # diag deb app hasync -1 slave's configuration is not in sync with master's, sequence:0 slave's configuration is not in sync with master's, sequence:1 slave's configuration is not in sync with master's, sequence:2 slave's configuration is not in sync with master's, sequence:3 slave's configuration is not in sync with master's, sequence:4 slave starts to sync with master logout all admin users