Configuring the appliance network

You can configure the network devices for the Secure Service Container for IBM Cloud Private appliance by using the Secure Service Container user interface. The cluster nodes on the Secure Service Container partitions communicate through the Ethernet-type or VLAN-type connections over the network devices bound to Open Systems Adapter-Express (OSA-Express) devices.

If you have both worker and proxy nodes on one Secure Service Container partition, you must configure two network devices with one for internal communication among the cluster nodes, and another for external access through the proxy node. You can configure one network device to each of the OSA-Express device on the Secure Service Container partitions, or multiple network devices on one OSA-Express device.

This procedure is intended for users with role appliance administrator.

Before you begin


Complete the following steps to configure the network devices.

  1. Connect to the Secure Service Container partition through the browser of your choice. For example, https://<secure_service_container_partition_ip_address>.

  2. On the Login page, enter the master use ID and password values that you supplied in the image profile (standard mode system) or the partition definition (DPM-enabled system), and click Login.

  3. In the navigation pane, click the Network icon to display the network connections page.

  4. Select one of the network devices to get the channel path identifier (CHPID) of the OSA-Express device. For example, encf900 is the network device name, and AA is the CHPID.

  5. Configure another network device on the Secure Service Container partition.

    • For an ethernet-type connection:

      1. Click the plus (+) icon to add a new connection, and then select Ethernet as the connection type.
      2. Select a new network device from the drop-down list. Ensure that the CHPID in the Device Details section is different from the one in step 4. For example, the network device name is encf700, and the CHPID is AB.
      3. Use the default value for the Port field, and set the connection state to Active.
      4. Use Automatic for both IPV4 and IPV6 addresses fields.
    • For a VLAN-type connection, ensure that your OSA device is tagged with an VLAN ID (for example, 1121) and the OSA device is connected with the trunk port of the switch.

      1. Click the plus (+) icon to add a new connection, and then select VLAN as the connection type.
      2. Select a parent device (also known as a tagged OSA device) from the drop-down list. If the parent device is not available, click the plus (+) icon to create a parent device. For example, the parent device name is encf300.
      3. Enter the VLAN ID by which the OSA device is tagged. For example, 1121.
      4. Use the auto-generated connection name. For example, vxlan0f300.1121.
      5. If the DHCP is not configured in your network, select the Manual checkbox on the IPv4 tab and assign an appropriate IP address according to your network.
      6. Set the connection state on the General tab to Active.
      7. Click the ADD button to save the changes.

Two OSA-Express devices on the Secure Service Container partion

Figure 2. two OSA-Express devices


For more information, see the following topic in Secure Service Container User's Guide:


You can now follow the instructions in the Configuring the network for worker and proxy nodes topic to plan how the cluster nodes will communicate among each other and how the external requests can access the services inside the cluster.