Fortinet Document Library

Version:


Table of Contents

About FortiWeb for Azure

Deploying FortiWeb on Azure

Use Case: High Availability for FortiWeb on Azure

Deploying Auto Scaling on Azure

Deploying FortiWeb-VM on Azure Stack

  • Select version:
  • 6.1
6.1.1
Copy Link

Deploying autoscaling resources using ARM templates

In this topic, we will introduce how to deploy the autoscaling resources using ARM templates.

  1. Download the templates through this link.
  2. Unzip the file. You will get the following two files:
    1. deploy_scaleset.json: This template deploys Azure resources including Azure VMSS, Load Balancer, Virtual Network, Azure Function Application, Azure CosmosDB, etc.
    2. deploy_scaleset.params.json: Editable parameter template paired with the deploy_scaleset.json.
  3. In the Microsoft Azure Dashboard, click All services, type templates in the search box, then click Templates in the search results.
  4. Click Add.
  5. Specify a name for the template, and describe it briefly. Click OK.
  6. Delete the default provided template content.
  7. Copy the text in deploy_scaleset.json, then paste it here. Click OK.
  8. Click Add.
  9. In the template list, click the template you just added.
  10. Click Deploy.
  11. In BASICS settings, select the Subscription, Resource group, and Location.
    For the Subscription, make sure you select a PAYG type of subscription. FortiWeb autoscaling solution currently only supports instances with the PAYG type. For the Location, make sure there are at least 2 CPUs available in your specified location.
  12. In SETTINGS, refer to the following table to configure the settings.
    Parameter name Description
    vmssName VM Scale Set name that the FortiWeb VM instance deployed in. Must be 3-61 characters in length and globally unique across Azure.
    vmSku Size of VMs in the VM Scale Set. The default value is Standard_F2, The allowed values are Standard_F2 Standard_F4, and Standard_F8.

    imageversion

    FortiWeb image version. Select Latest option will launch the latest FortiWeb image in the marketplace.

    adminUsername Admin username for all FortiWeb VM instances in the VMSS. Must not be 'admin' nor 'root'. Must be 3-48 characters in length.
    adminPassword

    Admin user password. Password must be between 6-72 characters long and must satisfy at least 3 of password complexity requirements from the following:

    1) Contains an uppercase character;

    2) Contains a lowercase character;

    3) Contains a numeric digit;

    4) Contains a special character;

    5) Control characters are not allowed.

    vnetNewOrExisting

    Identify whether to use a new or existing VNET. The default value is new. The allowed values are new, existing.

    If the customer use the existing VNET, the existing VNET must contains at least two subnet, and the resource group of the existing VNET must be appointed.

    vnetName Name of the Azure virtual network. If the field vnetNewOrExisting value is new, the virtual network with the appointed name will be created. If the field vnetNewOrExisting value is existing, the system will find the specified virtual network and deploy the VMs in it.
    vnetResourceGroup Name of the resource group where the existing virtual network belongs in. If the vnetNewOrExisting value is existing, this field is required
    vnetAddressPrefix Virtual Network Address prefix. If the field vnetNewOrExisting value is new, this field is required.
    Subnet1Name Name of the Subnet1 in the virtual network. If the field vnetNewOrExisting value is new, the subnet with the appointed name will be created. Must be 3-48 characters in length.
    Subnet1Prefix Prefix of Subnet1 in the virtual network. If the field vnetNewOrExisting value is new, this field is required.
    Subnet2Name Name of the Subnet2 in the virtual network. If the field vnetNewOrExisting value is new, the subnet with the appointed name will be created. Must be 3-48 characters in length.
    Subnet2Prefix Prefix of Subnet2 in the virtual network. If the field vnetNewOrExisting value is new, this field is required.
    capacity Initial Number of VM instances. The range is 0-16.
    autoscaleMin Minimum Number of VM instances. The range is 0-16.
    autoscaleMax

    Maximum Number of VM instances. The range is 1-16.

    autoscaleMax ≥ capacity ≥ autoscaleMin

    scaleUpCPUThreshold CPU percentage at which the scaleup should occur.
    scaleUpTimeWindow The range of time (minutes) in which the instance CPU percentage is collected. The range is 5-720 minutes.
    scaleDownCPUThreshold CPU percentage at which the scaledown should occur.
    scaleDownTimeWindow The range of time (minutes) in which instance CPU percentage is collected. The range is 5-720 minutes.
    funcAppPrefix The name prefix of the function application. Must be 3-36 characters in length.
    subscriptionId Azure Subscription ID.
    tenantId Directory ID on the Active Directory of your current subscription.

    restappId

    Application ID found on your registered application.

    restappSecret

    Key added to the registered application.

    heartbeatLoss

    Heartbeat loss count before the function application considers the VM instance dead (each VM sends heartbeat to function application every 10 seconds)

  13. If you plan to create more autoscaling clusters with the same or similar settings, it's recommended to download the template containing the above settings by clicking Edit parameters > Download.
    The next time you deploy an autoscaling cluster, you can use Load file to upload the settings with one click.

  14. Click Purchase.
  15. Wait for several minutes. When the auto-scale is deployed successfully, it will run automatically.
  16. The template automatically creates a function application. Go to the App Service resource, click the function application AutoscaleHandler, and then you can view the log of your function application.
  17. Access your VM Scale Set.
    Find the resource group in which the autoscaling resources are deployed. Select the Virtual Machine Scale Set (VMSS) resources. You can check the instance number and the status at the Instances label.
    Click either one of the instances to open the Overview page of the instance. Take note of its public IP address. You will use it later.
  18. Go to the Scaling label, you can modify the autoscaling configurations. Click Run history label to view the scale log of your VMSS.

 

Deploying autoscaling resources using ARM templates

In this topic, we will introduce how to deploy the autoscaling resources using ARM templates.

  1. Download the templates through this link.
  2. Unzip the file. You will get the following two files:
    1. deploy_scaleset.json: This template deploys Azure resources including Azure VMSS, Load Balancer, Virtual Network, Azure Function Application, Azure CosmosDB, etc.
    2. deploy_scaleset.params.json: Editable parameter template paired with the deploy_scaleset.json.
  3. In the Microsoft Azure Dashboard, click All services, type templates in the search box, then click Templates in the search results.
  4. Click Add.
  5. Specify a name for the template, and describe it briefly. Click OK.
  6. Delete the default provided template content.
  7. Copy the text in deploy_scaleset.json, then paste it here. Click OK.
  8. Click Add.
  9. In the template list, click the template you just added.
  10. Click Deploy.
  11. In BASICS settings, select the Subscription, Resource group, and Location.
    For the Subscription, make sure you select a PAYG type of subscription. FortiWeb autoscaling solution currently only supports instances with the PAYG type. For the Location, make sure there are at least 2 CPUs available in your specified location.
  12. In SETTINGS, refer to the following table to configure the settings.
    Parameter name Description
    vmssName VM Scale Set name that the FortiWeb VM instance deployed in. Must be 3-61 characters in length and globally unique across Azure.
    vmSku Size of VMs in the VM Scale Set. The default value is Standard_F2, The allowed values are Standard_F2 Standard_F4, and Standard_F8.

    imageversion

    FortiWeb image version. Select Latest option will launch the latest FortiWeb image in the marketplace.

    adminUsername Admin username for all FortiWeb VM instances in the VMSS. Must not be 'admin' nor 'root'. Must be 3-48 characters in length.
    adminPassword

    Admin user password. Password must be between 6-72 characters long and must satisfy at least 3 of password complexity requirements from the following:

    1) Contains an uppercase character;

    2) Contains a lowercase character;

    3) Contains a numeric digit;

    4) Contains a special character;

    5) Control characters are not allowed.

    vnetNewOrExisting

    Identify whether to use a new or existing VNET. The default value is new. The allowed values are new, existing.

    If the customer use the existing VNET, the existing VNET must contains at least two subnet, and the resource group of the existing VNET must be appointed.

    vnetName Name of the Azure virtual network. If the field vnetNewOrExisting value is new, the virtual network with the appointed name will be created. If the field vnetNewOrExisting value is existing, the system will find the specified virtual network and deploy the VMs in it.
    vnetResourceGroup Name of the resource group where the existing virtual network belongs in. If the vnetNewOrExisting value is existing, this field is required
    vnetAddressPrefix Virtual Network Address prefix. If the field vnetNewOrExisting value is new, this field is required.
    Subnet1Name Name of the Subnet1 in the virtual network. If the field vnetNewOrExisting value is new, the subnet with the appointed name will be created. Must be 3-48 characters in length.
    Subnet1Prefix Prefix of Subnet1 in the virtual network. If the field vnetNewOrExisting value is new, this field is required.
    Subnet2Name Name of the Subnet2 in the virtual network. If the field vnetNewOrExisting value is new, the subnet with the appointed name will be created. Must be 3-48 characters in length.
    Subnet2Prefix Prefix of Subnet2 in the virtual network. If the field vnetNewOrExisting value is new, this field is required.
    capacity Initial Number of VM instances. The range is 0-16.
    autoscaleMin Minimum Number of VM instances. The range is 0-16.
    autoscaleMax

    Maximum Number of VM instances. The range is 1-16.

    autoscaleMax ≥ capacity ≥ autoscaleMin

    scaleUpCPUThreshold CPU percentage at which the scaleup should occur.
    scaleUpTimeWindow The range of time (minutes) in which the instance CPU percentage is collected. The range is 5-720 minutes.
    scaleDownCPUThreshold CPU percentage at which the scaledown should occur.
    scaleDownTimeWindow The range of time (minutes) in which instance CPU percentage is collected. The range is 5-720 minutes.
    funcAppPrefix The name prefix of the function application. Must be 3-36 characters in length.
    subscriptionId Azure Subscription ID.
    tenantId Directory ID on the Active Directory of your current subscription.

    restappId

    Application ID found on your registered application.

    restappSecret

    Key added to the registered application.

    heartbeatLoss

    Heartbeat loss count before the function application considers the VM instance dead (each VM sends heartbeat to function application every 10 seconds)

  13. If you plan to create more autoscaling clusters with the same or similar settings, it's recommended to download the template containing the above settings by clicking Edit parameters > Download.
    The next time you deploy an autoscaling cluster, you can use Load file to upload the settings with one click.

  14. Click Purchase.
  15. Wait for several minutes. When the auto-scale is deployed successfully, it will run automatically.
  16. The template automatically creates a function application. Go to the App Service resource, click the function application AutoscaleHandler, and then you can view the log of your function application.
  17. Access your VM Scale Set.
    Find the resource group in which the autoscaling resources are deployed. Select the Virtual Machine Scale Set (VMSS) resources. You can check the instance number and the status at the Instances label.
    Click either one of the instances to open the Overview page of the instance. Take note of its public IP address. You will use it later.
  18. Go to the Scaling label, you can modify the autoscaling configurations. Click Run history label to view the scale log of your VMSS.