DEMO - Setting up a Transitive Controller
Start course
1h 15m

Join cloud experts Neel Kumar and Mike McLaughin from Aviatrix for a technical chalk talk on how you can solve some of the common issues that can occur when running cloud networking at scale. This group of chalk talks and technical demonstrations provides a practical reference for how to solve complex cloud networking challenges. First, we outline the common architectures and issues faced when scaling cloud architectures, then we workshop a transitive architecture use case defining best practices and design patterns. We discuss multi-cloud implementation, provider limits, hub and spoke architecture patterns, VPN and connectivity. Next, we set up a transitive controller in the AWS console with two instructional demos. 

Learning Objectives 

  • Recognize and explain the common issues that occur when running complex cloud networks 
  • Describe and implement transitive architecture designs using a hub and spoke model 
  • Implement and maintain VPC connectivity at scale 

Intended Audience

This course will suit anyone running or planning to run cloud services at scale.


an understanding of Cloud networking and the AWS Virtual Private Cloud will help you gain the most from this Chalk Talk.
We recommend completing the AWS Networking & Content Delivery learning path in order to gain practical knowledge and hands-on experience if you are not familiar with cloud networking and the virtual private cloud. 

Content Overview

First, we outline the common architectures and issues faced when scaling cloud architectures, then we workshop a transitive architecture and design pattern. Next, we set up a transitive hub in the AWS console with a hands-on demo, and discuss the following:

  1. Cloud Networking - The Common Journey
  2. The Common Patterns with VPC Design
  3. Designing a Transitive VPC Architecture
  4. Managing Network Security at Scale
  5. DEMO - Setting up a Transitive Controller
  6. DEMO - Setting up a Transitive Hub

Aviatrix is an Advanced AWS technology partner highly regarded in the cloud community for helping AWS customers solve advanced networking challenges.  
I strongly recommend reading more about Aviatrix on their website at
Aviatrix have a number of AWS quick start architectures at the links below.


If you have any questions or suggestions for this course, please contact Cloud Academy at

If you have any questions for Neel or Mike, you can contact them directly at


- [Mike] Hi there, my name is Mike McLaughlin. I'm a system architect with Aviatrix. And in this video, I'm gonna show you how to set up an Aviatrix controller within your AWS account. We're gonna start off by looking for VPC, where your tools are. Typically, it's called something like shared services, things like Splunk, Active Directory, Jenkins. Those kinds of tools are all within this VPC. That's where we're gonna put the Aviatrix controller. We're gonna create a separate public subnet, and drop the Aviatrix controller within that subnet. We're gonna start that process by going to In this website, you're gonna find all the documentation and guides on how to set up Aviatrix, along with tools and techniques, best practices, and so on. We're going to go to AWS start-up guide, and go to step 2: launch the controller with CloudFormation. If we click on the first link, it's gonna take us right to CloudFormation, creating a new stack, and pre-populating the template URL with the right URL to create the controller itself. The stack name's pre-populated. You're welcome to change that, or keep it as AviatrixController. Then, select your shared services VPC, along with a public subnet. Pick a keypair, and the controller size. Well leave that at all defaults. And finally, we're gonna create a couple of roles, and policies, to go with this controller. So leave that at new, since you don't have an existing role or policies yet. Finally, do a quick verification. Just make sure you select the right VPC and subnet, and so on. Check the box that you're acknowledging you're creating some new roles and policies. And then, click create. If you wait a few minutes, you'll see that the creation of the controller is complete, along with the policies and the roles. Once it's complete, click around on the outputs tab. And let's look at the outputs. Let's start with the first one. AviatrixControllerEIP is gonna tell you where the controller's external address is. It has a web interface, so we're gonna go ahead and go to https in that EIP. When you go to that EIP, you're gonna be presented with a log-in prompt. Notice that the password defaults to the private IP address of the controller. That's contained within the outputs as well. So let's head over, grab the private IP address, copy it, and paste it into the password field. Quick sign-in, with the user name, admin, and it'll prompt you for an email address for password recovery, notifications, and other needs. I'm gonna use my own address here. And then, I'm gonna click save. And it's gonna save that on a controller. I'm then gonna change my password to something else. Confirm that password, and click save. Once you do this, you're gonna then be prompted for the proxy settings. If you don't have a web proxy, just click skip. Finally, you're gonna upgrade the version of software to the latest. This'll take a couple minutes. And then, once you have the latest version, it's gonna prompt you to log in. So now, we're gonna log in again, with our username admin, and the password that I just changed it to. We are presented with an onboarding screen. Let's get started by setting up our first AWS account. We're gonna give it a friendly account name. Here, I'm gonna just pick SharedServices as my name. And then, I'm gonna put in the account number that I created this controller in. Well, you can see it's in the outputs back on the CloudFormation template. So, we're gonna copy it from there, paste it in, and then click create. This is actually gonna connect you, the controller, to that account. And we're gonna use the friendly name SharedServices to show you what that account within the Aviatrix controller. Finally, you can get started with any one of our use cases. There's a Next-Ten Transit, Egress Security, Remote User VPN, Encrypted Peering, MultiCloud Peering, as well as Site to Cloud VPN. Each one of these will have its own video that you can watch separately. Thanks for your time. And thanks for trying out Aviatrix.



About the Author
Learning Paths

Andrew is fanatical about helping business teams gain the maximum ROI possible from adopting, using, and optimizing Public Cloud Services. Having built  70+ Cloud Academy courses, Andrew has helped over 50,000 students master cloud computing by sharing the skills and experiences he gained during 20+  years leading digital teams in code and consulting. Before joining Cloud Academy, Andrew worked for AWS and for AWS technology partners Ooyala and Adobe.