Oracle Cloud Infrastructure (OCI) Startup Guide

The Aviatrix cloud network solution consists of two components, the controller and gateways, both of which are cloud VMs. Gateways are launched from the controller console to specific VCNs. This guide helps you to launch the controller in OCI.

Note

Currently we support deploying the Controller in either OCI or AWS. If you would like to launch Controller from the AWS Marketplace as a metered AMI, please follow the AWS Startup Guide. The Aviatrix Controller is multi cloud, multi subscription and multi region capable. Launching the Controller in any vendor can also enable you to deploy and manage gateways in any cloud.

1. Prepare your account in OCI

Create an OCI account

Create an OCI account if you do not already have one.

Set up your compartment

Although you can use default account and root compartment, it is recommended that you follow this doc to create your own user, group, and compartment with the right policy. For more detail, refer to Setting Up Your Tenancy

Create a VCN that has internet access

Create a VCN that has internet access by navigating to “Networking -> Virtual Cloud Networks” in the OCI console, then click “Create Virtual CLoud Network” button and choose “create virtual cloud network plus related resources”.

Alternatively if you want to create a VCN with your own CIDR, choose “create virtual cloud network only”. Continue to create subnet, and internet gateway. Then add default route in the VCN default routing table to point to the newly created internet gateway. This is to grant internet access to the controller inside of this VCN.

2. Subscribe to the Controller

Go to Oracle Cloud Marketplace and search for Aviatrix to subscribe to the Aviatrix platform.

  • Click “Get App >” at the top of the App page.
  • Select OCI region and click “Launch Image”
inst_region
  • Choose the version, compartment and click “Launch Instance”
inst_launch
In the “Create Compute Instance” Page
  1. choose name, availability domain and “virtual Machine” as instance type

  2. choose Instance Shape. The recommended shape is Standard2.2

    inst_flavor

  3. choose proper compartment for VCN and subnet

  4. you could optionally choose “Use network security groups to control traffic” if you have one, otherwise leave it as we will create one later

    inst_network

  5. choose ssh public key file

  6. click “Create” to launch the instance

3. Access the Controller

To be able to reach controller public ip via https using browser, you will need to open port 443 in either security list or security group.

Security List (easy to config)

From OCI portal, navigate to Networking -> Virtual Cloud Networks -> your vcn name -> Security Lists -> Default Security List, Add an ingress rule to allow port 443. You could further limit the source cidr if you know all your VCN subnets where gateway will be launched.

inst_seclist

Security Group (recommend to use)

From OCI portal, navigate to Networking -> Virtual Cloud Networks -> your vcn name -> Network Security Groups Create a new security group. Add an ingress rule to allow port 443. You could further limit the source cidr if you know all your VCN subnets where gateway will be launched.

inst_secgroup

Then navigate to Compute -> Instances -> Controller VM detail page, click the “Edit” link besides the “Network Security Groups” under “Primary VNIC Information”. Associate the security group you created to the controller VNIC.

inst_vnic_secgroup

Controller UI

After the Controller instance is in a running state, you can access the Controller via a browser by https://Controller_public_IP, where Controller_public_IP is the static public IP address of the Controller. The initial password is the private IP address of the instance.

startup_first_login

Follow the steps in browser to go through an initial setup phase to download the latest software. Use “latest” as version if not asked to use other version number.

startup_version

After the latest software is downloaded which takes around 5 mins, UI would redirect you to the login page. You could also try to re-login if browser is closed to go through the account onboarding process.

startup_login

4. Onboarding

Follow the onboarding instructions to create an Aviatrix account that corresponds to your OCI account credential.

Note: you only need to create a single Aviatrix account that corresponds to many OCI, AWS, Azure and GCloud account credentials. This is a multi-cloud platform.

Congratulations on finishing launching your Aviatrix networking platform. Please take a look at our step by step doc site https://docs.aviatrix.com/ Enjoy!