AWS Installation

An AWS configuration example is shown in the figure below. We offer an Ansible script to ease the AWS installation. Further below are the installation instructions.

@startuml
!define AWSPUML ../../images/AWS-PlantUML/dist
!include AWSPUML/common.puml
!include AWSPUML/NetworkingContentDelivery/AmazonVPC/router/router.puml
!include AWSPUML/General/client/client.puml
!include AWSPUML/General/Internetalternate1/Internetalternate1.puml
!include AWSPUML/General/corporatedatacenter/corporatedatacenter.puml
!include AWSPUML/General/virtualprivatecloud/virtualprivatecloud.puml
!include AWSPUML/General/AWScloud/AWScloud.puml
!include AWSPUML/NetworkingContentDelivery/AmazonVPC/VPCNATgateway/VPCNATgateway.puml

left to right direction
hide stereotype
skinparam shadowing false
skinparam rectangle {
    borderColor<<awscloud>> #black
    roundCorner<<awscloud>> 50
    borderColor<<virtualprivatecloud>> #black
    roundCorner<<virtualprivatecloud>> 50
    borderColor<<site>> #black
    roundCorner<<site>> 50
    borderColor Transparent
    backgroundColor Transparent
    fontColor #black
    stereotypeFontColor Transparent
}
skinparam linetype polyline
skinparam linetype ortho

AWSCLOUD(AWC1, "Region1", rectangle) {
    VPCNATGATEWAY(GW1, "Gateway 13.53.107.28\n13.53.107.28 <--> 172.18.254.76", rectangle)
    VIRTUALPRIVATECLOUD(VPC1, "172.18.0.0/16", rectangle) {
        cloud "AWS WAN\n172.18.254.x/24" as WAN
        ROUTER(R2, "flexiWAN\nRouter2", rectangle,"#Teal")
        CORPORATEDATACENTER(CDC1, Server1, rectangle)
        cloud "AWS LAN\n172.18.1.x/24" as LAN
        CORPORATEDATACENTER(CDC2, Server2, rectangle)
        note right of CDC1 : Default GW=172.18.1.254
        note bottom of R2 : Default GW=172.18.254.1\n192.168.56.x/24 via 10.100.0.4
        note right of CDC2 : Default GW=172.18.1.254
    }
}
INTERNETALTERNATE1(INT,"Internet",rectangle,"#RoyalBlue")
rectangle Site as SITE <<site>> {
    CLIENT(C1, Client1, rectangle)
    note top of C1 : Default GW=192.168.56.105
    cloud "Site LAN\n192.168.56.x/24" as SL
    ROUTER(R1, "flexiWAN\nRouter1", rectangle,"#Teal")
    note left of R1 : Default GW=77.77.77.1\n172.18.1.x/24 via 10.100.0.5
}

GW1 .[thickness=7,#LimeGreen]. INT
GW1 <--> INT
GW1 -[hidden]- INT
INT ..[thickness=7,#LimeGreen] R1
INT <--> R1 : "77.77.77.77"
GW1 <-> WAN : "172.18.254.1"
GW1 .[thickness=7,#LimeGreen] WAN
WAN <--> R2 : "172.18.254.76"
WAN .[thickness=7,#LimeGreen]. R2
LAN <--> CDC1 : "172.18.1.178"
R2 <--> LAN : "172.18.1.254"
LAN <--> CDC2 : "172.18.1.219"
C1 <--> SL
SL <-> R1 : "192.168.56.105"
R1 <..[hidden].> R2
INT ..[hidden] R1
INT ..[hidden] R1
INT ..[hidden] R1
INT ..[hidden] R2
INT ..[hidden] R2

@enduml

Installation Steps

Prerequisites

The Ansible script described below can be executed from any Linux machine that has access to your AWS account. Before starting the installation process, make sure you have the following things:

  1. An Amazon EC2 account for installing the flexiEdge device

  2. An Ansible environment on your Linux machine.

    If you are running Ubuntu 18.04, you can install it with:

    sudo apt update
    sudo apt install software-properties-common
    sudo apt-add-repository ppa:ansible/ansible
    sudo apt update
    sudo apt install ansible python-boto3 python3-boto3 python-boto python3-boto
    
  3. A valid AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY.

    The keys can be found in the IAM management console of Amazon EC2. More information on how to find and update the access keys is detailed here

Installation

  1. Download the Ansible script

    mkdir ansible
    cd ansible
    wget https://sandbox.flexiwan.com/Utils/ansible.v0.1.3.tar.gz
    
  2. Unzip the tar.gz:

    tar -vxf ansible.v0.1.3.tar.gz
    cd ansible.v0.1.3/
    
  3. Export the AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY

    export AWS_ACCESS_KEY=AKIAVWP**********************
    export AWS_SECRET_ACCESS_KEY=5Gp9Pg***********************************************
    
  4. Run the Ansible script to create your AWS flexiEdge device

    Use the following parameters in the script command line:

    Ansible parameters

    ==============  ============================================================
    Parameter       Description
    ==============  ============================================================
    region          Region in Amazon EC2 used for creating the flexiEdge device
    vpc_name        A string for naming the VPC
    vpc_cidr_block  The CIDR for the VPC. Note: This should be a globally unique CIDR, as our goal is to create a tunnel between VPCs
    cidr_lan        The CIDR for the LAN network
    lan_ip_address  The LAN IP address
    flexiwan_token  The organization token created in your flexiManage account
    stack           A string for tagging the resource in EC2
    ==============  ============================================================

    Example: the following command creates a VPC in the Ohio region (us-east-2), the LAN and WAN subnets, the Internet Gateway, and one m5.large EC2 instance with Ubuntu 18.04 and the flexiEdge software (as shown in the figure above). Once the script completes successfully, a new flexiEdge device should appear automatically in the flexiManage Devices menu. The SSH key for accessing the EC2 instance is saved in the directory under the name given in the stack parameter.

    ansible-playbook ec2_create_customer.yml --extra-vars "region=us-east-2 vpc_name=VPC vpc_cidr_block=172.18.0.0/16 cidr_lan=172.18.1.0/24 cidr_wan=172.18.254.0/24 lan_ip_address=172.18.1.254 flexiwan_token=ey****** stack=Ohio"
    
  5. To access the instance via SSH

    Connect with your key and the public IP allocated for the flexiEdge device:

    ssh -i Ohio -l ubuntu 13.53.107.28
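
As an added example (not part of the flexiWAN Ansible package), the script below checks the address parameters of step 4 before the playbook is run: cidr_lan and cidr_wan (the latter appears in the example command) must sit inside vpc_cidr_block without overlapping each other, lan_ip_address must be in cidr_lan, and the VPC must not overlap the remote site LAN it will be tunnelled to. The function names are hypothetical helpers, and the remote LAN 192.168.56.0/24 is taken from the figure.

```sh
#!/bin/sh
# Added example: pre-flight check of the address plan passed to
# ec2_create_customer.yml. Helper names are hypothetical.

ip_to_int() {                       # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1                       # split the address on dots
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

cidr_bounds() {                     # a.b.c.d/len -> "first last" as integers
    base=$(ip_to_int "${1%/*}")
    len=${1#*/}
    size=$(( 1 << (32 - len) ))
    first=$(( base / size * size )) # clear any host bits
    echo "$first $(( first + size - 1 ))"
}

cidr_within() {                     # true if $1 lies entirely inside $2
    set -- $(cidr_bounds "$1") $(cidr_bounds "$2")
    [ "$1" -ge "$3" ] && [ "$2" -le "$4" ]
}

cidr_overlaps() {                   # true if $1 and $2 share any address
    set -- $(cidr_bounds "$1") $(cidr_bounds "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# Args: vpc_cidr_block cidr_lan cidr_wan lan_ip_address remote_site_lan
preflight() {
    rc=0
    cidr_within "$2" "$1" || { echo "cidr_lan $2 is outside vpc_cidr_block $1"; rc=1; }
    cidr_within "$3" "$1" || { echo "cidr_wan $3 is outside vpc_cidr_block $1"; rc=1; }
    cidr_overlaps "$2" "$3" && { echo "cidr_lan $2 overlaps cidr_wan $3"; rc=1; }
    cidr_within "$4/32" "$2" || { echo "lan_ip_address $4 is not in cidr_lan $2"; rc=1; }
    cidr_overlaps "$1" "$5" && { echo "vpc_cidr_block $1 overlaps remote LAN $5"; rc=1; }
    return $rc
}

# Values from the example command; 192.168.56.0/24 is the Site LAN in the figure.
preflight 172.18.0.0/16 172.18.1.0/24 172.18.254.0/24 172.18.1.254 192.168.56.0/24 \
    && echo "address plan is consistent"
```

A non-zero return from preflight means at least one of the printed problems should be fixed before running ansible-playbook.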