Verify the CoPilot Deployment and the Connectivity with Controller

You are now successfully logged into CoPilot. To verify Copilot has connected successfully to your Aviatrix Controller, perform the following steps:

  1. From the CoPilot dashboard, confirm that you can see your resource inventory across all clouds in your multicloud network that is managed by Aviatrix Controller.

  2. Confirm that the inventory tiles show the number and status of each of your managed resources and that the global location of your managed VPCs/VNets is represented on the geographic map.

  3. After deployment, the CoPilot virtual machine ports 31283 and 5000 will be open for any IP (0.0.0.0/0). It is strongly recommended to remove the 0.0.0.0 entry from the CoPilot security group for these ports and add entries for all of your gateway IP addresses as described in the next steps.

    In Controller 6.8, the CoPilot Security Group Management feature (From Controller User Interface, SETTINGS > CoPilot > CoPilot Security Group Management) is automatically enabled so this configuration is expected to be completed. This is only a verification step.

  4. (Verify NetFlow Agent is enabled in Controller) To use the FlowIQ feature in CoPilot, ensure that the Controller is configured to forward NetFlow logs to CoPilot.

    In Controller 6.8, the CoPilot Netflow Agent feature is automatically enabled so this configuration is expected to be completed. This is only a verification step.

    1. Log in to Aviatrix Controller UI.

    2. Go to SETTINGS > Logging > NetFlow Agent.

    3. Use the static IP address of CoPilot as the Netflow server IP and UDP port 31283 (default, port is configurable).

    4. Use version 9.

    5. Click EDIT OPTIONS to enable the edit the Netflow Agent settings. Tick the Advanced check-box. In Gateways, verify all of your Aviatrix gateways are in the Include List.

    6. Click Enable.

      If you launch new gateways from your Controller later, you must transfer the newly launched gateways to the Include List here. In addition, in your native cloud console, you must open your CoPilot security group for UDP 31283 from each newly launched gateway.

  5. (Verify Remote Syslog is enabled in Controller) Remote syslog index 9 is used for the Settings > Logging > Remote Syslog page. Ensure the controller is configured to specify CoPilot as the loghost server.

    In Controller 6.8, the CoPilot Security Group Management feature (in Controller > SETTINGS> CoPilot > CoPilot Security Group Management) is automatically enabled so this configuration is expected to be completed. This is only a verification step.

    1. Log in to Aviatrix Controller.

    2. Go to SETTINGS > Logging > Remote Syslog.

    3. Choose Profile Index 9.

    4. Click EDIT OPTIONS to edit the Remote Syslog settings.

    5. In Enable Remote Syslog, enter the profile name you want to use, the static IP address of CoPilot as the server, and UDP port 5000 (default).

    6. If you want to use custom certificates, choose your custom Server CA certificate, Client certificate, and Client Private Key.

    7. Tick the Advanced checkbox. In Gateways, verify all of your Aviatrix gateways are in the Include List.

    8. Click Enable.

      If you launch new gateways from your Controller later, you must transfer the newly launched gateways to the Include List here. In addition, in your native cloud console, you must open your CoPilot security group for UDP 5000 from each newly launched gateway.