Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update for backbone #560

Merged
merged 2 commits into from
Nov 4, 2024
Merged

update for backbone #560

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4e7ffe7
update for backbone
joe-amendolara Nov 4, 2024
6e72d38
auto build from GitHub Actions
Nov 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
127 changes: 98 additions & 29 deletions ace_backbone/docs/backbone.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,16 +37,8 @@ Initial Topology

| **POD#** | **Copilot** |
|:----------:|:---------------:|
| 1 | <a href="https://cplt.pod1.aviatrixlab.com" target="_blank">POD1</a> |
| 2 | <a href="https://cplt.pod2.aviatrixlab.com" target="_blank">POD2</a> |
| 3 | <a href="https://cplt.pod3.aviatrixlab.com" target="_blank">POD3</a> |
| 4 | <a href="https://cplt.pod4.aviatrixlab.com" target="_blank">POD4</a> |
| 5 | <a href="https://cplt.pod5.aviatrixlab.com" target="_blank">POD5</a> |
| 6 | <a href="https://cplt.pod6.aviatrixlab.com" target="_blank">POD6</a> |
| 7 | <a href="https://cplt.pod7.aviatrixlab.com" target="_blank">POD7</a> |
| 8 | <a href="https://cplt.pod8.aviatrixlab.com" target="_blank">POD8</a> |
| 9 | <a href="https://cplt.pod9.aviatrixlab.com" target="_blank">POD9</a> |
| 10 | <a href="https://cplt.pod10.aviatrixlab.com" target="_blank">POD10</a> |
| 1 | <a href="https://cplt.pod1.aviatrixlab.com" target="_blank">POD##</a> |
|

## Access credentials

Expand All @@ -59,7 +51,7 @@ student
Password:

```bash
1012fw633#SYTY3
#############
```

## LAB Pre-Req
Expand Down Expand Up @@ -167,7 +159,7 @@ It will take roughly **2 minutes** for the Aviatrix Controller to completing the

```{figure} images/backbone-tgw07.png
---
height: 250px
height: 600px
align: center
---
Attachment
Expand All @@ -179,6 +171,7 @@ Let's continue building the cloud backbone, now you are asked to create the `Tra

```{figure} images/backbone-tgw08.png
---
height: 400px
align: center
---
Initial Topology for Task#3
Expand Down Expand Up @@ -218,6 +211,7 @@ Now it's time to deploy a pair of **`Transit GWs`** inside the VPC created on th

```{figure} images/backbone-tgw011.png
---
height: 400px
align: center
---
Inital Topology for Task #4
Expand All @@ -227,39 +221,114 @@ Go to **CoPilot > Cloud Fabric > Gateways > Transit Gateways** and click on the

```{figure} images/backbone-tgw12.png
---
height: 400px
align: center
---
Transit Gateways section
```

### Deploy Aviatrix Spoke GW
Ensure these parameters are entered in the pop-up window `"Create Transit Gateway"`.

- **Name:** <span style='color:#479608'>transit-aws</span>
- **Cloud:** <span style='color:#479608'>AWS (Standard)</span>
- **Account:** <span style='color:#479608'>aws-account</span>
- **Region:** <span style='color:#479608'>us-east-1 (N. Virginia)</span>
- **VPC/VNet:** <span style='color:#479608'>transit-aws</span>
- **Instance Size:** <span style='color:#479608'>c6in.large</span>
- **High Performance Encryption:** <span style='color:#479608'>**ON**</span>
- **Peer To Transit Gateways:** <span style='color:#479608'>transit-azure</span>

then click on the `"+ Instance"` button!

**Instance-1**:
- **Attach to Subnet:** <span style='color:#479608'>us-east-1a</span>

**Instance-2**:
- **Attach to Subnet:** <span style='color:#479608'>us-east-1b</span>

```{figure} images/backbone-tgw013.png
---
align: center
---
Transit GW Template
```

Do not forget to click on **SAVE**.

```{note}
The Aviatrix Controller will deploy two Transit Gateways and, at the same time, it will establish the peering with the predeployed Transit Gateways in Azure.
```

```{caution}
The Aviatrix Controller will deploy two Transit Gateways and, at the same time, it will establish the peering with the predeployed Transit Gateways in Azure.
```

You can monitor the progress of the task!
Go to **CoPilot > Monitor > Notifications > Tasks** and expand the task named `"Create transit gateway: transit-aws"`.

```{figure} images/backbone-tgw014.png
---
height: 400px
align: center
---
Task in progress
```

```{caution}
it will take roughly **10 minutes** for the Aviatrix Controller for completing this task, therefore, be patient!
```

- The public IP address will be different (Public EIP automatically allocated by CSP)
- The Subnet CIDR could be different (automatically picked up by Aviatrix Controller)
- Region: us-east-1
Now go to **CoPilot > Cloud Fabric > Topology**, click on `"Managed"` for hiding all the unmanaged VPCs (i.e. VPCs without an Aviatrix GW) and then click on the `"Collapse all VPC/VNets"` button.

![Spoke](images/egress_spoke_gw.png)
```{figure} images/backbone-tgw015.png
---
height: 400px
align: center
---
Dynamic Topology
```

Check the Egress setting. The Egress traffic is going through the AWS NAT GW.
You will notice the presence of the newly created **peering**.

![Egress](images/egress_egress.png)
## Task #5: Attach Transit Gateway to aws-tgw

### Enable spoke GW to become the Egress GW
Now Let's attach the Transit GWs in AWS to the AWS TGW.

1. Click +Local Egress on VPC/VNets.
2. In the Add Local Egress on VPC/VNets dialog, select the VPC/VNets on which to enable Local Egress.
3. Click Add.
```{figure} images/backbone-tgw016.png
---
height: 400px
align: center
---
Initial Topology for task #5
```

[Read more at Aviatrix Documentation](https://docs.aviatrix.com/copilot/latest/network-security/index.html)
Go to **CoPilot > Networking > Connectivity > AWS TGW** and click on the `"Attach Transit Gateway"` button.

![Local](images/egress_add_local.png)
```{figure} images/backbone-tgw017.png
---
align: center
---
"Attach Transit GW" button
```

Ensure this parameter is entered in the pop-up window `"Attach Transigt Gateway to AWS-NVirginia-TGW"`.

- **Transit Gateway:** <span style='color:#479608'>transit-aws</span>

```{figure} images/backbone-tgw018.png
---
align: center
---
Attachment Template
```

Add Local Egress on VPC/VNets
Adding Egress Control on VPC/VNet changes the default route on VPC/VNet to point to the Spoke Gateway and enables SNAT. Egress Control also requires additional resources on the Spoke Gateway.VPC/VNets
Do not forget to click on **SAVE**.

Now the diagram should look like the following:
```{caution}
it will take roughly **3 minutes** for the Aviatrix Controller for completing this task, therefore, be patient!
```

![Vpc](images/egress_vpc.png)
## Task #6: Attach Transit Gateway to aws-tgw

## Conclusion

Expand Down
Binary file added ace_backbone/docs/images/backbone-tgw013.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added ace_backbone/docs/images/backbone-tgw014.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added ace_backbone/docs/images/backbone-tgw015.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added ace_backbone/docs/images/backbone-tgw016.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added ace_backbone/docs/images/backbone-tgw017.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added ace_backbone/docs/images/backbone-tgw018.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw013.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw014.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw015.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw016.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw017.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/ace-backbone/_images/backbone-tgw018.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
127 changes: 98 additions & 29 deletions docs/ace-backbone/_sources/docs/backbone.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,16 +37,8 @@ Initial Topology

| **POD#** | **Copilot** |
|:----------:|:---------------:|
| 1 | <a href="https://cplt.pod1.aviatrixlab.com" target="_blank">POD1</a> |
| 2 | <a href="https://cplt.pod2.aviatrixlab.com" target="_blank">POD2</a> |
| 3 | <a href="https://cplt.pod3.aviatrixlab.com" target="_blank">POD3</a> |
| 4 | <a href="https://cplt.pod4.aviatrixlab.com" target="_blank">POD4</a> |
| 5 | <a href="https://cplt.pod5.aviatrixlab.com" target="_blank">POD5</a> |
| 6 | <a href="https://cplt.pod6.aviatrixlab.com" target="_blank">POD6</a> |
| 7 | <a href="https://cplt.pod7.aviatrixlab.com" target="_blank">POD7</a> |
| 8 | <a href="https://cplt.pod8.aviatrixlab.com" target="_blank">POD8</a> |
| 9 | <a href="https://cplt.pod9.aviatrixlab.com" target="_blank">POD9</a> |
| 10 | <a href="https://cplt.pod10.aviatrixlab.com" target="_blank">POD10</a> |
| 1 | <a href="https://cplt.pod1.aviatrixlab.com" target="_blank">POD##</a> |
|

## Access credentials

Expand All @@ -59,7 +51,7 @@ student
Password:

```bash
1012fw633#SYTY3
#############
```

## LAB Pre-Req
Expand Down Expand Up @@ -167,7 +159,7 @@ It will take roughly **2 minutes** for the Aviatrix Controller to completing the

```{figure} images/backbone-tgw07.png
---
height: 250px
height: 600px
align: center
---
Attachment
Expand All @@ -179,6 +171,7 @@ Let's continue building the cloud backbone, now you are asked to create the `Tra

```{figure} images/backbone-tgw08.png
---
height: 400px
align: center
---
Initial Topology for Task#3
Expand Down Expand Up @@ -218,6 +211,7 @@ Now it's time to deploy a pair of **`Transit GWs`** inside the VPC created on th

```{figure} images/backbone-tgw011.png
---
height: 400px
align: center
---
Inital Topology for Task #4
Expand All @@ -227,39 +221,114 @@ Go to **CoPilot > Cloud Fabric > Gateways > Transit Gateways** and click on the

```{figure} images/backbone-tgw12.png
---
height: 400px
align: center
---
Transit Gateways section
```

### Deploy Aviatrix Spoke GW
Ensure these parameters are entered in the pop-up window `"Create Transit Gateway"`.

- **Name:** <span style='color:#479608'>transit-aws</span>
- **Cloud:** <span style='color:#479608'>AWS (Standard)</span>
- **Account:** <span style='color:#479608'>aws-account</span>
- **Region:** <span style='color:#479608'>us-east-1 (N. Virginia)</span>
- **VPC/VNet:** <span style='color:#479608'>transit-aws</span>
- **Instance Size:** <span style='color:#479608'>c6in.large</span>
- **High Performance Encryption:** <span style='color:#479608'>**ON**</span>
- **Peer To Transit Gateways:** <span style='color:#479608'>transit-azure</span>

then click on the `"+ Instance"` button!

**Instance-1**:
- **Attach to Subnet:** <span style='color:#479608'>us-east-1a</span>

**Instance-2**:
- **Attach to Subnet:** <span style='color:#479608'>us-east-1b</span>

```{figure} images/backbone-tgw013.png
---
align: center
---
Transit GW Template
```

Do not forget to click on **SAVE**.

```{note}
The Aviatrix Controller will deploy two Transit Gateways and, at the same time, it will establish the peering with the predeployed Transit Gateways in Azure.
```

```{caution}
The Aviatrix Controller will deploy two Transit Gateways and, at the same time, it will establish the peering with the predeployed Transit Gateways in Azure.
```

You can monitor the progress of the task!
Go to **CoPilot > Monitor > Notifications > Tasks** and expand the task named `"Create transit gateway: transit-aws"`.

```{figure} images/backbone-tgw014.png
---
height: 400px
align: center
---
Task in progress
```

```{caution}
it will take roughly **10 minutes** for the Aviatrix Controller for completing this task, therefore, be patient!
```

- The public IP address will be different (Public EIP automatically allocated by CSP)
- The Subnet CIDR could be different (automatically picked up by Aviatrix Controller)
- Region: us-east-1
Now go to **CoPilot > Cloud Fabric > Topology**, click on `"Managed"` for hiding all the unmanaged VPCs (i.e. VPCs without an Aviatrix GW) and then click on the `"Collapse all VPC/VNets"` button.

![Spoke](images/egress_spoke_gw.png)
```{figure} images/backbone-tgw015.png
---
height: 400px
align: center
---
Dynamic Topology
```

Check the Egress setting. The Egress traffic is going through the AWS NAT GW.
You will notice the presence of the newly created **peering**.

![Egress](images/egress_egress.png)
## Task #5: Attach Transit Gateway to aws-tgw

### Enable spoke GW to become the Egress GW
Now Let's attach the Transit GWs in AWS to the AWS TGW.

1. Click +Local Egress on VPC/VNets.
2. In the Add Local Egress on VPC/VNets dialog, select the VPC/VNets on which to enable Local Egress.
3. Click Add.
```{figure} images/backbone-tgw016.png
---
height: 400px
align: center
---
Initial Topology for task #5
```

[Read more at Aviatrix Documentation](https://docs.aviatrix.com/copilot/latest/network-security/index.html)
Go to **CoPilot > Networking > Connectivity > AWS TGW** and click on the `"Attach Transit Gateway"` button.

![Local](images/egress_add_local.png)
```{figure} images/backbone-tgw017.png
---
align: center
---
"Attach Transit GW" button
```

Ensure this parameter is entered in the pop-up window `"Attach Transigt Gateway to AWS-NVirginia-TGW"`.

- **Transit Gateway:** <span style='color:#479608'>transit-aws</span>

```{figure} images/backbone-tgw018.png
---
align: center
---
Attachment Template
```

Add Local Egress on VPC/VNets
Adding Egress Control on VPC/VNet changes the default route on VPC/VNet to point to the Spoke Gateway and enables SNAT. Egress Control also requires additional resources on the Spoke Gateway.VPC/VNets
Do not forget to click on **SAVE**.

Now the diagram should look like the following:
```{caution}
it will take roughly **3 minutes** for the Aviatrix Controller for completing this task, therefore, be patient!
```

![Vpc](images/egress_vpc.png)
## Task #6: Attach Transit Gateway to aws-tgw

## Conclusion

Expand Down
2 changes: 1 addition & 1 deletion docs/ace-backbone/docs/Requirements.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -324,7 +324,7 @@ <h1>Requirements<a class="headerlink" href="#requirements" title="Link to this h
<figure class="align-center" id="id1">
<img alt="../_images/backbone-quiz.png" src="../_images/backbone-quiz.png" />
<figcaption>
<p><span class="caption-number">Fig. 36 </span><span class="caption-text">Requirements</span><a class="headerlink" href="#id1" title="Link to this image">#</a></p>
<p><span class="caption-number">Fig. 42 </span><span class="caption-text">Requirements</span><a class="headerlink" href="#id1" title="Link to this image">#</a></p>
</figcaption>
</figure>
<div class="admonition caution">
Expand Down
Loading