Planning your Controller Deployment

There are two ways to deploy an Aviatrix Controller:

  1. Through one of the CSP (Cloud Service Provider) marketplaces: AWS, Azure, GCP, or OCI.

  2. Through Terraform. Click here to access the Aviatrix Terraform modules.

Terraform is the recommended method. See this document for more information.

The sections below describe the prerequisites for deploying from CSP marketplaces. After completing these steps, see the "Next Steps" section below for links to deployment instructions.

Prerequisites for Deploying through a CSP Marketplace

Prerequisites for all Clouds

Saving the Management CIDR Range

Find and save the CIDR range for the device of the main Aviatrix Controller and CoPilot user.

To find a device’s IP address and determine this CIDR range, search for “what is my IP” in your browser’s search engine. You can also check icanhazip.com or ifconfig.io.

AWS Prerequisites

Prerequisites

Before launching the Aviatrix Platform from your AWS account, complete the following prerequisites:

Creating a New VPC

  1. Log into your AWS account, preferably an Infrastructure OU – Networking or Shared Services account.

  2. Go to VPC > Create VPC. Make sure this new VPC has the following settings:

Region – Before configuring any settings, click on the dropdown menu in the top right and select the region in which to locate this VPC.

In the example below, the current region is Oregon.

Choose VPC Region
Setting: Value

  • Resources to create: Select the VPC and more radio button.

  • Name tag: Enter a clear and recognizable name (such as “aviatrix-mgt” or “aviatrix-management”).

  • IPv4 CIDR block: Enter the IPv4 CIDR block for the Controller VPC. The minimum is /24; the maximum is /16. A best practice is to use RFC1918 ranges.

  • IPv6 CIDR block: No IPv6 CIDR block

  • Tenancy: Default

  • Number of Availability Zones (AZs): Select 1 if you choose not to configure HA. One Availability Zone offers a simpler deployment but no resiliency. Select 2 if you require Controller resiliency through HA.

  • Number of public subnets: 1 if you selected 1 Availability Zone above. 2 if you selected 2 Availability Zones.

  • Number of private subnets: 0

  • NAT gateways ($): None

  • VPC endpoints: None

  • DNS options: Leave these settings at their defaults (both checkboxes marked).

  3. Click Create VPC. See the screenshot below to confirm your settings. This example VPC uses two Availability Zones and two public subnets to enable HA.

Create VPC Settings

Optional steps (not required for deployment):

  • Create an S3 bucket for storage. An S3 bucket is not required to launch the Aviatrix Platform, but is required for HA (High Availability) and Backup and Restore Configuration.

    The S3 bucket you use or create for Controller HA and Backups does not need to have public access enabled and should be configured to restrict general public access.

  • Create an Application Load Balancer with a Web Application Firewall (WAF) for additional security. This configuration requires a second subnet in a different Availability Zone. See this article for more information.

AWS Prerequisite Checklist

Make sure you have completed these prerequisites before launching your Controller:

  • Created a new, dedicated VPC for the Controller and CoPilot

  • Saved the CIDR range for the main user of the Controller

  • Reviewed the optional steps above (creating an S3 bucket and an Application Load Balancer) and completed them if needed for your configuration
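
A pre-flight check for the values gathered so far, as an added example that is not Aviatrix code: it validates the saved management CIDR from "Saving the Management CIDR Range" and a planned VPC against the settings listed under "Creating a New VPC". The function names, the 256-address ceiling and the sample values are assumptions made for this example.

```python
import ipaddress

# RFC 1918 private ranges (the page's best practice for the Controller VPC).
RFC1918 = [ipaddress.IPv4Network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_management_cidr(cidr, max_addresses=256):
    """Return problems with the saved management CIDR (empty list = OK)."""
    try:
        net = ipaddress.IPv4Network(cidr, strict=True)
    except ValueError as exc:  # malformed, IPv6, or host bits set
        return [f"invalid management CIDR: {exc}"]
    problems = []
    if any(net.subnet_of(p) for p in RFC1918):
        problems.append(f"{net} is a private LAN range, not the public "
                        "address a 'what is my IP' lookup reports")
    if net.num_addresses > max_addresses:  # ceiling is this example's choice
        problems.append(f"{net} spans {net.num_addresses} addresses; "
                        "too broad to describe one admin device")
    return problems


def check_vpc_plan(vpc_cidr, az_count, public_subnets, private_subnets=0):
    """Check a planned Controller VPC against the settings on this page."""
    try:
        net = ipaddress.IPv4Network(vpc_cidr, strict=True)
    except ValueError as exc:
        return [f"invalid VPC CIDR: {exc}"]
    problems = []
    if not 16 <= net.prefixlen <= 24:
        problems.append(f"/{net.prefixlen} is outside the /16 to /24 range")
    if not any(net.subnet_of(p) for p in RFC1918):
        problems.append(f"{net} is not inside an RFC 1918 range")
    if az_count not in (1, 2):
        problems.append("choose 1 AZ (no HA) or 2 AZs (HA)")
    elif public_subnets != az_count:
        problems.append(f"{az_count} AZ(s) need {az_count} public subnet(s), "
                        f"not {public_subnets}")
    if private_subnets != 0:
        problems.append("the settings call for 0 private subnets")
    return problems


if __name__ == "__main__":
    # Constructed sample values (documentation address, made-up VPC range).
    print(check_management_cidr("203.0.113.25/32"))
    print(check_vpc_plan("10.50.0.0/24", az_count=2, public_subnets=2))
```
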

Azure Prerequisites

See the "Prerequisites for all Clouds" section above.

GCP Prerequisites

Prerequisites

Get a Customer ID from Aviatrix

The Aviatrix Controller for GCloud is available on the Google Cloud Marketplace under a BYOL license. Send an email to info@aviatrix.com or open a support ticket at the Aviatrix Support Portal with your organization name to request a customer ID. We offer a 30-day free trial license.

Creating a Google Cloud Platform (GCloud) Account

Aviatrix Cloud Connect is a software product that is launched in your own GCloud account. The Controller and the Gateways created from the Controller are all in your own network perimeter and completely under your control.

Create a GCloud account (https://cloud.google.com/). Go on to the next step if you have already done so.

Note that the Controller supports multiple accounts, each associated with a different GCloud project, but there needs to be at least one to start with.

Creating a GCloud Project

Log in to your GCloud account and go to the project page: https://console.cloud.google.com/project

Create a project. Go on to the next step if you have already created one. Note that the project ID will be used in referencing this project by Aviatrix Controller.

For example, in a project called Aviatrix-UCC, the project ID is aviatrix-ucc-1214.

(Optional) Creating Networks

This step creates a network in the project created in the previous step.

When a new project is created, a default network is created. You may skip this step if you do not need to customize the network address range by creating a new network, or go on to the next step if you have done so.

Note that the Aviatrix Controller handles a GCloud network like a VPC in AWS. Whenever a network configuration is mentioned for GCloud, the term VPC is used. (The term VNet is used for Azure.)

At the GCloud console, select the project that you have copied the Aviatrix Controller image to. Click the 3 bars. At the dropdown menu, select VPC Network. Click [+] Create Network. Use the automatic subnet creation mode; otherwise ensure there is a subnet allocated for each region where a Gateway will be deployed.

If you plan to have multiple projects, we suggest you plan your subnets so that the network addresses do not overlap. Select Custom to create subnets.
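
The overlap planning suggested above can be checked before any network is created. This is an added example, not Aviatrix code. Apart from aviatrix-ucc-1214, the project and network names and all address ranges are constructed, and "auto" is this example's shorthand for an auto-mode network, whose subnets GCP always allocates from 10.128.0.0/9.

```python
import ipaddress
from itertools import combinations

# Every auto-mode GCP network draws its subnets from this same block, so two
# auto-mode networks in different projects always overlap.
AUTO_MODE_BLOCK = "10.128.0.0/9"


def find_overlaps(plan):
    """plan maps 'project/network' -> list of subnet CIDRs, or ['auto'].

    Returns sorted (name_a, cidr_a, name_b, cidr_b) tuples for every pair of
    subnets in different networks whose address ranges intersect.
    """
    subnets = []
    for name, cidrs in plan.items():
        for cidr in cidrs:
            text = AUTO_MODE_BLOCK if cidr == "auto" else cidr
            subnets.append((name, ipaddress.ip_network(text, strict=True)))
    conflicts = []
    for (na, a), (nb, b) in combinations(subnets, 2):
        # Compare only subnets of different networks and the same IP version.
        if na != nb and a.version == b.version and a.overlaps(b):
            conflicts.append((na, str(a), nb, str(b)))
    return sorted(conflicts)


# Constructed plan: two custom-mode networks and two auto-mode networks.
SAMPLE_PLAN = {
    "aviatrix-ucc-1214/mgmt": ["10.10.0.0/24", "10.10.1.0/24"],
    "example-prod/spoke": ["10.10.1.128/25", "10.20.0.0/24"],
    "example-dev/default": ["auto"],
    "example-test/default": ["auto"],
}

if __name__ == "__main__":
    for conflict in find_overlaps(SAMPLE_PLAN):
        print("overlap:", conflict)
```

The two auto-mode networks are reported as overlapping even though no subnet was typed in for them, which is why custom subnets are the safer choice once more than one project is involved.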

OCI Prerequisites

See the "Prerequisites for all Clouds" section above.

Next Steps

After completing the prerequisites for all clouds and for the specific CSP marketplace, see the relevant Getting Started Guide to deploy your Controller in one of the CSPs: