Deploy F5 Distributed Cloud CE on Proxmox with Secure Mesh Site v2 (SMSv2)
F5 Distributed Cloud Customer Edge (CE) provides a way to extend many of Distributed Cloud's SaaS capabilities into customer environments such as data centers, private/public clouds and edge sites. With the introduction of Secure Mesh Site v2 (SMSv2), the deployment workload of CEs has been greatly simplified, bringing enhancements including:
- Removal of certified hardware requirement,
- A single endpoint for CE site registration,
- Auto-registration,
- Removal of IAM permissions on the CE VM on AWS,
- And much more.
In this example, we will go through the deployment of an SMSv2 CE on Proxmox. As Proxmox utilizes KVM under the hood, we will largely be following the official SMSv2 deployment guide for KVM, with some modifications.
Secure Mesh Site v2 Object
Begin by performing the following task as per official documentation:
- Create SMSv2 site object
- Generate node token and cloud-init configuration
- Download the QCOW2 image file for the CE
New Customer Edge VM on Proxmox
With the above completed, we turn our attention to Proxmox to deploy the CE Virtual Machine (VM).
Start by creating a new VM with the following attributes:
- Under General, set the name and VM ID for the CE VM.
- Under OS, select Do not use any media.
- Under Disks, delete the scsi0 disk assigned by default
- Under CPU, set the desired number of cores (minimum of 4). The CPU type must be set to Host or the CE won't be provisioned correctly.
- Under Memory, set the desired amount of memory (minimum of 14GB).
Finish the VM creation process without starting the VM, taking note of the VM ID, which is 100 in this example.
Customer Edge QCOW2 Image
Next, we load the downloaded QCOW2 image into the newly created VM.
Copy the QCOW2 image to the Proxmox host, e.g.
scp f5xc-ce-9.2024.44-20250102051113.qcow2 root@proxmox:/qcow2/f5xc-ce-9.2024.44-20250102051113.qcow2The QCOW2 image then needs to be imported as a new disk for the VM. SSH to the Proxmox host and run the command below, replacing the VM ID and QCOW2 image path as required.
# qm importdisk <vm_id> <path to qcow2 image> local-lvm qm importdisk 100 /qcow2/f5xc-ce-9.2024.44-20250102051113.qcow2 local-lvmThe imported disk has a default size of 80GB, and can be further expanded at this stage.
# qm resize <vm_id> virtio0 +<additional capacity>G qm resize 100 virtio0 +20GWith the disk imported, we attach it to the VM via the Proxmox UI
Set the Device type to VirtIO Block, and click Add.
Finally, we modify the boot order of the VM for it to boot from the newly attached disk.
Make sure the virtio0 device is first in the boot order and the only one enabled.
Customer Edge cloud-init Configuration
The last task is to load the cloud-init configuration from the SMSv2 object into the VM.
Begin by adding a new CloudInit Drive to the VM.
To pass the custom cloud-init YAML into the VM, the content must be stored on a Proxmox storage that supports snippet.
To do that, first enable Snippets in the local volume. From on Proxmox UI, navigate to Datacenter > Storage > Local. Enable Snippets under Content.
Then, SSH to the Proxmox host and create a directory named snippets under a directory mapped to the local storage option, which is /var/lib/vz as seen in the screenshot above.
mkdir -p /var/lib/vz/snippetsWrite the cloud-init generated from the SMSv2 object into a YAML file within the snippets directory, e.g.
$ cat /var/lib/vz/snippets/f5xc-cloud-init.yaml #cloud-config write_files: - path: /etc/vpm/user_data permissions: 644 owner: root content: | token: <node token>Lastly, load the cloud-init file into the VM as a custom cloud-init config.
# qm set <vm_id> --cicustom "user=local:snippets/<cloud-init filename>" qm set 100 --cicustom "user=local:snippets/f5xc-cloud-init.yaml"With all that done, start the VM. The CE will self-register onto the F5 Distributed Cloud control plane and kick off the provisioning process.
Employee