Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config system sdn-connector

FortiADC periodically gets a Kubernetes object (service, node, pod) by a built-in container connector. Service is required to be exposed on NodeIP or External IP.

The real server pool can be automatically created. Once the real server pool is created automatically, the corresponding real server will be created and will be referenced as a pool member.

Syntax

Kubernetes Connector

config system sdn-connector

edit <name>

set type {kubernetes | aws | oci |sap}

set status {enable | disable}

set server <server address>

set server-port <port number>

set secret-token <string>

set update-interval <seconds>

next

end

OCI Connector

config system sdn-connector

edit <name>

set type oci

set tenant-id <string>

set compartment-id <string>

set user-id <string>

set oci-region <string>

set oci-cert <string>

set use-metadata-iam {enable | disable}

set ha-status {enable | disable}

next

end

 

AWS Connector

config system sdn-connector

edit <name>

set type aws

set status {enable | disable}

set aws-region <string>

set aws-accesskey <string>

set aws-secretkey <string>

set update-interval <seconds>

set use-metadata-iam {enable | disable}

next

end

SAP Connector

config system sdn-connector

edit <name>

set status {enable | disable}

set server <server address>

set sap-ms-http-port <port number>

set sap-icm-http-port <port number>

set sap-sidadm <string>

set sap-password <string>

set update-interval <seconds>

next

end

CLI Parameter

Description

type

The type of SDN.

Kubernetes connector

status

Enable/disable SDN connector

server

Server IP address.

server-port

Port number. Default is 6443. Range is 1 to 65535.

secret-token

Specify a secret token.

update-interval

Specify an update interval in seconds. Default is 30. Range is 30 to 3600.

OCI connector

tenant-id

Specify the OCI region type.The tenant ID to log in to OCI.

compartment-id

The Compartment ID in which your compute instances are deployed.

user-id

The user ID to log in to OCI.

oci-region

Specify the OCI region where your compute instances are located.

oci-cert

The certificate that FortiADC uses to build connections with OCI.

use-metadata-iam

When FortiADC is deployed on OCI, you can assign IAM role for it to access OCI objects.

ha-status

Enable this option if your OCI instances are deployed in HA mode.

AWS connector

status

Enable or disable the AWS connector.

aws-region

Specify the region where your instances are deployed.

aws-accesskey

Specify the access key ID.

aws-secretkey

Specify the secret access key.

update-interval

Specify the update interval for the connector to get AWS objects and dynamically populates the information in the server pool configuration.

use-metadata-iam

When FortiADC is deployed on AWS, you can assign IAM role for it to access EC2 instances and EKS objects.

SAP Connector

status

Enable or disable the SAP connector.

server

Type the IP address of the SAP server.

sap-ms-http-port

Specify the SAP MS HTTP port that FortiADC uses to communicate with the SAP server.

sap-icm-http-port

Specify the ICM HTTP Port.

sap-sidadm

Specify the SID admin account that FortiADC uses to access the resources in this account.

sap-password

Specify the password.

update-interval

Specify the update interval for the connector to get SAP objects and dynamically populates the information in the server pool configuration.

config system sdn-connector

FortiADC periodically gets a Kubernetes object (service, node, pod) by a built-in container connector. Service is required to be exposed on NodeIP or External IP.

The real server pool can be automatically created. Once the real server pool is created automatically, the corresponding real server will be created and will be referenced as a pool member.

Syntax

Kubernetes Connector

config system sdn-connector

edit <name>

set type {kubernetes | aws | oci |sap}

set status {enable | disable}

set server <server address>

set server-port <port number>

set secret-token <string>

set update-interval <seconds>

next

end

OCI Connector

config system sdn-connector

edit <name>

set type oci

set tenant-id <string>

set compartment-id <string>

set user-id <string>

set oci-region <string>

set oci-cert <string>

set use-metadata-iam {enable | disable}

set ha-status {enable | disable}

next

end

 

AWS Connector

config system sdn-connector

edit <name>

set type aws

set status {enable | disable}

set aws-region <string>

set aws-accesskey <string>

set aws-secretkey <string>

set update-interval <seconds>

set use-metadata-iam {enable | disable}

next

end

SAP Connector

config system sdn-connector

edit <name>

set status {enable | disable}

set server <server address>

set sap-ms-http-port <port number>

set sap-icm-http-port <port number>

set sap-sidadm <string>

set sap-password <string>

set update-interval <seconds>

next

end

CLI Parameter

Description

type

The type of SDN.

Kubernetes connector

status

Enable/disable SDN connector

server

Server IP address.

server-port

Port number. Default is 6443. Range is 1 to 65535.

secret-token

Specify a secret token.

update-interval

Specify an update interval in seconds. Default is 30. Range is 30 to 3600.

OCI connector

tenant-id

Specify the OCI region type.The tenant ID to log in to OCI.

compartment-id

The Compartment ID in which your compute instances are deployed.

user-id

The user ID to log in to OCI.

oci-region

Specify the OCI region where your compute instances are located.

oci-cert

The certificate that FortiADC uses to build connections with OCI.

use-metadata-iam

When FortiADC is deployed on OCI, you can assign IAM role for it to access OCI objects.

ha-status

Enable this option if your OCI instances are deployed in HA mode.

AWS connector

status

Enable or disable the AWS connector.

aws-region

Specify the region where your instances are deployed.

aws-accesskey

Specify the access key ID.

aws-secretkey

Specify the secret access key.

update-interval

Specify the update interval for the connector to get AWS objects and dynamically populates the information in the server pool configuration.

use-metadata-iam

When FortiADC is deployed on AWS, you can assign IAM role for it to access EC2 instances and EKS objects.

SAP Connector

status

Enable or disable the SAP connector.

server

Type the IP address of the SAP server.

sap-ms-http-port

Specify the SAP MS HTTP port that FortiADC uses to communicate with the SAP server.

sap-icm-http-port

Specify the ICM HTTP Port.

sap-sidadm

Specify the SID admin account that FortiADC uses to access the resources in this account.

sap-password

Specify the password.

update-interval

Specify the update interval for the connector to get SAP objects and dynamically populates the information in the server pool configuration.