Planning your Controller Deployment
There are two ways to deploy an Aviatrix Controller:
-
Through one of the CSP (Cloud Service Provider) marketplaces: AWS, Azure, GCP, or OCI.
-
Through Terraform. Click here to access the Aviatrix Terraform modules.
| Terraform is the recommended method. See this document for more information. |
The sections below describe the prerequisites for deploying from CSP marketplaces. After completing these steps, see the "Next Steps" section below for links to deployment instructions.
Prerequisites for Deploying through a CSP Marketplace
Prerequisites
Before launching the Aviatrix Platform from your AWS account, complete the following prerequisites:
Creating a New VPC
-
Log into your AWS account, preferably an Infrastructure OU – Networking or Shared Services account.
-
Go to VPC > Create VPC. Make sure this new VPC has the following settings:
Region – Before configuring any settings, click on the dropdown menu in the top right and select the region in which to locate this VPC.
In the example below, the current region is Oregon.
Setting Value Resources to create
Select the VPC and more radio button.
Name tag
Enter a clear and recognizable name (such as “aviatrix-mgt” or “aviatrix-management”).
IPv4 CIDR block
Enter the IPv4 CIDR block for the Controller VPC. The minimum is /24; the maximum is /16. A best practice is to use RFC1918 ranges.
IPv6 CIDR block
No IPv6 CIDR block
Tenancy
Default
Number of Availability Zones (AZs)
Select 1 if you choose not to configure HA. One Availability Zone offers a simpler deployment but no resiliency.
Select 2 if you require Controller resiliency through HA.
Number of public subnets
1 if you selected 1 Availability Zone above.
2 if you selected 2 Availability Zones.
Number of private subnets
0
NAT gateways ($)
None
VPC endpoints
None
DNS options
Leave these settings at their defaults (both checkboxes marked).
-
Click Create VPC. See the screenshot below to confirm your settings. This example VPC uses two Availability Zones and two public subnets to enable HA.
Optional steps (not required for deployment):
-
Create an S3 bucket for storage. An S3 bucket is not required to launch the Aviatrix Platform, but is required for HA (High Availability) and Backup and Restore Configuration.
The S3 bucket you use or create for Controller HA and Backups should be configured to restrict public access.
-
Create an Application Load Balancer with a Web Application Firewall (WAF) for additional security. This configuration requires a second subnet in a different Availability Zone. See this article for more information.
AWS Prerequisite Checklist
Make sure you have completed these prerequisites before launching your Controller:
-
Create a new, dedicated VPC for the Controller and CoPilot
-
Saved the CIDR range for the main user of the Controller
-
Reviewed the optional steps above (creating an S3 bucket and an Application Load Balancer) and completed them if needed for your configuration
Azure Prerequisites
You only need to find and save the CIDR range for the device of the main Aviatrix Controller and CoPilot user, as explained in Prerequisites for all Clouds.
Prerequisites
Get a Customer ID from Aviatrix
The Aviatrix Controller for Google Cloud Platform (GCP) is available on the Google Cloud Marketplace for BYOL license. Send an email to info@aviatrix.com or open a support ticket at Aviatrix Support Portal with your organization name to request a customer ID. We offer a 30-day free trial license.
Creating a GCP Account
Aviatrix Cloud Connect is a software product that is launched in your own GCP account. The Controller and the Gateways created from the Controller are all in your own network perimeter and completely under your control.
Create a GCP account (https://cloud.google.com/). If you already have an account, skip this step and go to the next step.
The Controller supports multiple accounts and each account is associated with a different GCP project. But you must have at least one account.
Creating a GCP Project
Log in to your Google Cloud Platform (GCP) account and go to the project page: https://console.cloud.google.com/project
Create a project. Go on to the next step if you have already created one. The project ID will be used in referencing this project by Aviatrix Controller.
For example, in a project called Aviatrix-UCC, the project ID is aviatrix-ucc-1214.
(Optional) Creating Networks
This step creates a network in the project created in the previous step.
When a new project is created, a default network is created. You may skip this step if you do not need to customize the network address range by creating a new network, or go on to the next step if you have done so.
The Aviatrix Controller handles a GCP network like a VPC in AWS. Whenever a network configuration is mentioned for Google, the term VPC is used. (The VNet is used for Azure.)
At the GCP console, select the project that you copied the Aviatrix Controller image to. Click the 3 bars. At the dropdown menu, select VPC Network. Click [+] Create Network. Use the automatic subnet creation mode; otherwise ensure there is a subnet allocated for each region where a Gateway will be deployed.
| If you plan to have multiple projects, we suggest you plan your subnets so that the network addresses do not overlap. Select Custom to create subnets. |