Managing Cloud Networking at Scale - Chalk Talk with Aviatrix

DEMO - Setting up a Transitive Controller

Developed with
Aviatrix

The course is part of these learning paths

SysOps Administrator – Associate Certification Preparation for AWS
AWS Advanced Networking – Specialty Certification Preparation
Overview
Difficulty: Intermediate
Duration: 1h 15m
Students: 211

Description

Overview
Join cloud experts Neel Kumar and Mike McLaughlin from Aviatrix for a technical chalk talk on how you can solve some of the common issues that can occur when running cloud networking at scale. This group of chalk talks and technical demonstrations provides a practical reference for how to solve complex cloud networking challenges. First, we outline the common architectures and issues faced when scaling cloud architectures, then we workshop a transitive architecture use case, defining best practices and design patterns. We discuss multi-cloud implementation, provider limits, hub and spoke architecture patterns, VPN and connectivity. Next, we set up a transitive controller in the AWS console with two instructional demos.

Prerequisites
An understanding of cloud networking and the AWS Virtual Private Cloud will help you gain the most from this Chalk Talk.
If you are not familiar with cloud networking and the Virtual Private Cloud, we recommend completing the following learning path to gain practical knowledge and hands-on experience: AWS Networking and Content Delivery.

Intended Audience
This course will suit anyone running or planning to run cloud services at scale.

Learning Objectives 

  • Recognize and explain the common issues that occur when running complex cloud networks 
  • Describe and implement transitive architecture designs using a hub and spoke model 
  • Implement and maintain VPC connectivity at scale 

Content Overview 
First, we outline the common architectures and issues faced when scaling cloud architectures, then we workshop a transitive architecture and design pattern. Next, we set up a transitive hub in the AWS console with a hands-on demo, discuss 

  1. Cloud Networking - The Common Journey
  2. The Common Patterns with VPC Design
  3. Designing a Transitive VPC Architecture
  4. Managing Network Security at Scale
  5. DEMO - Setting up a Transitive Controller
  6. DEMO - Setting up a Transitive Hub


Aviatrix.com
Aviatrix are an Advanced AWS technology partner, highly regarded in the cloud community for helping AWS customers solve advanced networking challenges.
I highly recommend reading more about Aviatrix at their website, www.aviatrix.com.
Aviatrix have a number of AWS quick start architectures at the links below.
https://aws.amazon.com/quickstart/architecture/aviatrix-global-transit-hub/
https://aws.amazon.com/quickstart/architecture/aviatrix-user-vpn/

 

Feedback 
If you have any questions or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

If you have any questions for Neel or Mike, you can contact them directly at info@aviatrix.com.

Transcript

- [Mike] Hi there, my name is Mike McLaughlin. I'm a system architect with Aviatrix. And in this video, I'm gonna show you how to set up an Aviatrix controller within your AWS account. We're gonna start off by looking for VPC, where your tools are. Typically, it's called something like shared services, things like Splunk, Active Directory, Jenkins. Those kinds of tools are all within this VPC. That's where we're gonna put the Aviatrix controller. We're gonna create a separate public subnet, and drop the Aviatrix controller within that subnet.

We're gonna start that process by going to docs.aviatrix.com. In this website, you're gonna find all the documentation and guides on how to set up Aviatrix, along with tools and techniques, best practices, and so on. We're going to go to AWS start-up guide, and go to step 2: launch the controller with CloudFormation. If we click on the first link, it's gonna take us right to CloudFormation, creating a new stack, and pre-populating the template URL with the right URL to create the controller itself. The stack name's pre-populated. You're welcome to change that, or keep it as AviatrixController. Then, select your shared services VPC, along with a public subnet. Pick a keypair, and the controller size. We'll leave that at all defaults. And finally, we're gonna create a couple of roles, and policies, to go with this controller. So leave that at new, since you don't have an existing role or policies yet. Finally, do a quick verification. Just make sure you select the right VPC and subnet, and so on. Check the box that you're acknowledging you're creating some new roles and policies. And then, click create.

If you wait a few minutes, you'll see that the creation of the controller is complete, along with the policies and the roles. Once it's complete, click around on the outputs tab. And let's look at the outputs. Let's start with the first one. AviatrixControllerEIP is gonna tell you where the controller's external address is. It has a web interface, so we're gonna go ahead and go to https in that EIP. When you go to that EIP, you're gonna be presented with a log-in prompt. Notice that the password defaults to the private IP address of the controller. That's contained within the outputs as well. So let's head over, grab the private IP address, copy it, and paste it into the password field. Quick sign-in, with the user name, admin, and it'll prompt you for an email address for password recovery, notifications, and other needs. I'm gonna use my own address here. And then, I'm gonna click save. And it's gonna save that on a controller. I'm then gonna change my password to something else. Confirm that password, and click save.

Once you do this, you're gonna then be prompted for the proxy settings. If you don't have a web proxy, just click skip. Finally, you're gonna upgrade the version of software to the latest. This'll take a couple minutes. And then, once you have the latest version, it's gonna prompt you to log in. So now, we're gonna log in again, with our username admin, and the password that I just changed it to.

We are presented with an onboarding screen. Let's get started by setting up our first AWS account. We're gonna give it a friendly account name. Here, I'm gonna just pick SharedServices as my name. And then, I'm gonna put in the account number that I created this controller in. Well, you can see it's in the outputs back on the CloudFormation template. So, we're gonna copy it from there, paste it in, and then click create. This is actually gonna connect you, the controller, to that account. And we're gonna use the friendly name SharedServices to show you what that account within the Aviatrix controller. Finally, you can get started with any one of our use cases. There's a Next-Gen Transit, Egress Security, Remote User VPN, Encrypted Peering, MultiCloud Peering, as well as Site to Cloud VPN. Each one of these will have its own video that you can watch separately.

Thanks for your time. And thanks for trying out Aviatrix.

About the Author

Students: 51665
Courses: 77
Learning paths: 28

Andrew is an AWS certified professional who is passionate about helping others learn how to use and gain benefit from AWS technologies. Andrew has worked for AWS and for AWS technology partners Ooyala and Adobe. His favorite Amazon leadership principle is "Customer Obsession" as everything AWS starts with the customer. Passions around work are cycling and surfing, and having a laugh about the lessons learnt trying to launch two daughters and a few start-ups.