Clud Cntrller Startup Guide Aviatrix GClud Clud Cnnect Startup Guide Versin 10-16-2016 Cpyright 2014-2016 Aviatrix Systems, Inc. All rights reserved. Aviatrix Systems Page 0
GClud Cntrller Startup Guide 1 Welcme... 1 2 Prerequisite... 2 2.1 Get a Custmer ID frm Aviatrix... 2 2.2 Create a Ggle Clud Platfrm (GClud) accunt... 2 2.3 Create a GClud Prject... 3 2.4 Cpy Aviatrix Cntrller Image t Yur Prject... 3 2.5 (Optinal) Create Netwrks... 3 3 Launch the Aviatrix Cntrller... 4 4 Access the Aviatrix Cntrller... 5 5 Onbarding... 6 6 Supprt... 6 1 Welcme This is a startup guide fr launching an Aviatrix Clud Cnnect in Ggle GClud. If yu are a first time user, this dcument is fr yu. Aviatrix Clud Cnnect (ACC) prvides an end t end and seamless secure clud cnnectivity fr yu. The end-t-end cnsists f accessing t the GClud prject, inter-prject and inter-clud ruting, s that yu have the same experience yu enjy when yu wrk n-prem (where yu d nt need t be aware f the netwrk infrastructure, things just wrk!) Highlights f the Aviatrix Clud Cnnect: Scalable and highly available Clud VPN slutin: Remte access fr users t cnnect t clud directly. Integrated with ggle native lad balancer, the slutin scales t unlimited number f VPN gateways t serve any number f users and bandwidth. Aviatrix Systems Page 1
GClud Cntrller Startup Guide Supprts multi factr authenticatin: DUO, LDAP and Okta. User prfile based access rules that allw administratr t define and enfrce access privilege t any resurces (netwrk, prtcls and prts) in GClud at the perimeter f yur clud netwrk. Supprts wide range f clients: Windws, OSX, Linux, Chrmebk, Andrid and ios. Supprts lg frwarders Lgstash, Splunk, SUMO Lgic, rsyslg fr remte lgging. Supprts Split tunnel and full tunnel mde. Split tunnel mde allws additinal CIDRs be pushed t client. Mdular cnfiguratin supprt incremental cnfiguratin as yur envirnment scales. Supprts active user dashbard and user brwsing activity. N extra hp t access instances in different VPCs. Plicy based multi regin and multi clud (AWS, Azure and GClud) encrypted peering. Multi accunts supprt fr different business grups and prjects. The Aviatrix Clud Cnnect cnsists f tw cmpnents, cntrller and gateway. The gateway is launched frm the cntrller brwser cnsle. This guide helps yu t launch the cntrller image in GClud. Fr the rest f the dcument, cntrller r Aviatrix cntrller is used t refer the cntrller cmpnent f the slutin. Imprtant nte: a GClud prject crrespnds t Aviatrix clud accunt r an AWS (IAM) accunt with its wn credentials. A netwrk in a GClud prject is lgically equivalent t a VPC in AWS, but with a few significant differences, fr example, a netwrk in GClud prject can have disparate subnets and a subnet can acrss regins. 2 Prerequisite 2.1 Get a Custmer ID frm Aviatrix Currently Aviatrix Cntrller fr GClud is nly available via cmmunity image fr BYOL license. Send email t inf@aviatrix.cm r supprt@aviatrix.cm with yur rganizatin name t request a custmer ID. We ffer a 30 day free trial license. 2.2 Create a Ggle Clud Platfrm (GClud) accunt Aviatrix Clud Cnnect is a sftware prduct that is launched in yur wn GClud accunt. The cntrller and the gateways created frm the cntrller cnsle are all in yur wn netwrk perimeter and cmpletely under yur cntrl. Create a GClud accunt (https://clud.ggle.cm/). G n t the next step if yu have already dne s. Aviatrix Systems Page 2
GClud Cntrller Startup Guide Nte that the cntrller supprts multiple accunts with each ne assciated with a different GClud prjects, but there needs t be at least ne t start with. 2.3 Create a GClud Prject Lgin t yur GClud accunt and g t prject page: https://cnsle.clud.ggle.cm/prject Create a prject. G n t the next step if yu have already created ne. Nte the prject ID will be used in referencing t this prject by Aviatrix cntrller. (As an example, we created a prject Aviatrix-UCC, the prject ID is aviatrix-ucc-1214) 2.4 Cpy Aviatrix Cntrller Image t Yur Prject At yur GClud cnsle (https://cnsle.clud.ggle.cm), select the prject where yu want t launch yur cntrller. Click the 3 bars at the tp left crner. At the drp dwn menu, select Cmpute Engine, then select Images. At the tp screen, click [+] CREATE IMAGE, make sure: Select the prject where yu want t launch yur Aviatrix Cntrller. Fill in the image name, fr example, aviatrix-ucc-083016 Fill in the descriptin. At Surce, select Clud Strage File. At Clud Strage file, paste in the fllwing text string: aviatrix100/aviatrix-clud-services-gateway-092716-byl.tar.gz Click create, as shwn belw. 2.5 (Optinal) Create Netwrks This step creates a netwrk in the prject created in the previus step. Aviatrix Systems Page 3
GClud Cntrller Startup Guide When a new prject is created, a default netwrk is created. Yu may skip this step if d nt need t custmize the netwrk address range by creating a new netwrk, r g n t the next step if yu have dne s. Nte Aviatrix Cntrller handles a GClud netwrk like a VPC in AWS. Whenever a netwrk cnfiguratin is mentined fr GClud, the term VPC is used. (The VNet is used fr Azure.) At GClud cnsle, select the prject that yu have cpied the Aviatrix cntrller image t. Click the 3 bars. At the drp dwn menu, select Netwrking. Click [+] Create Netwrk. Nte: if yu plan t have multiple prjects, we suggest yu plan yur subnets s that the netwrk addresses d nt verlap. Select Custm t create subnets. 3 Launch the Aviatrix Cntrller At GClud cnsle, select the prject that yu just cpied the Aviatrix cntrller image t. Click the 3 bars. At the drp dwn menu, select the Aviatrix cntrller image, click [+] Create Instance. Fill in Name fr the instance, Zne and Machine type fr the instance. Make sure the Machine type is n1-standard-2 r larger. Fr Identity and API access, select Allw full access t all Clud APIs. Alternatively, At Access scpes, select Set access fr each API, and then Select Enabled fr Clud Pub/Sub. Select Read Write fr Cmpute. At Firewall, click Allw HTTPS Traffic, as shwn belw. Click Create. Aviatrix Systems Page 4
GClud Cntrller Startup Guide 4 Access the Aviatrix Cntrller After the instance is created, click the cntrller instance name, and nte its External IP address and Internal IP address. G t https://external_ip_f_the_cntrller At the lgin prmpt, type admin fr username, type the internal IP address fr passwrd, as shwn belw: Fllw the initial setup prcess t setup admin email address, passwrd and install the latest sftware. Re-lgin with yur new admin passwrd Aviatrix Systems Page 5
GClud Cntrller Startup Guide 5 Onbarding If n GClud accunt has been setup, yu will be guided thrugh the nbarding prcess. It takes nly a few steps. Once that is dne, fllw the quick tur guide t start launching gateways. 6 Supprt Check ut Help menu fr Frequently Asked Questins (FAQs), Reference Design and Release Ntes. All features have descriptins embedded and shuld be self-explanatry. An alert message will be displayed n the Dashbard menu when a new release becmes available. Fr supprt, send email t supprt@aviatrix.cm Enjy! Aviatrix Systems Page 6