Configure an External Load Balancer on GigaVUE Cloud Suite for AWS

You can use your own load balancer to uniformly distribute the traffic from AWS target VMs to GigaVUE V Series 2 nodes. The load balancer distributes the traffic to the GigaVUE V Series 2 nodes, and GigaVUE-FM auto-scales the GigaVUE V Series nodes based on the traffic. GigaVUE-FM creates a traffic mirror from the target VMs to the load balancer; all the targets must have the same load balancer as their traffic mirror destination. The load balancer forwards the traffic to the GigaVUE V Series 2 nodes, and the AWS Auto Scaling group monitors the load of all GigaVUE V Series nodes. The AWS Auto Scaling group can add or remove nodes if the traffic load is heavy or low.

Refer to the following topics for detailed information.

Architecture

The design depicts deploying GigaVUE Cloud Suite fabric components in a centralized VPC where the target VMs of multiple AWS accounts are deployed behind an external AWS network load balancer. GigaVUE-FM creates VPC mirroring on the target VMs to mirror and forward the traffic to the load balancer. The load balancer deploys or deletes additional GigaVUE V Series 2 nodes and distributes the traffic among them to aggregate, filter, and forward the traffic to the tools over the tunnel endpoint. In AWS, the Auto Scaling group monitors the load among all the GigaVUE V Series 2 nodes and adds or removes them via RESTful API integration with GigaVUE-FM when the traffic load crosses or drops below a pre-defined threshold.

A typical AWS deployment to support the external load balancer requires the following components:

  • GigaVUE-FM (Fabric Manager)
  • GigaVUE V Series 2 node
  • AWS Network Load Balancer (uniformly distributes traffic from AWS target VMs to GigaVUE V Series nodes)

Prerequisites

  • Create or update Security Group policies of GigaVUE Cloud Suite components. Refer to the Security Group topic for detailed information.
  • Create or update routes in various VPCs across participating mirrored AWS accounts so that all mirrored account VPCs can connect to the target account VPC where the AWS Network Load Balancer is deployed. Refer to Amazon VPC for more information.

    Note:  GigaVUE-FM treats the target account VPC as the centralized VPC. It connects to all other mirrored account VPCs either through 1 : 1 VPC peering or via a 1 : M transit gateway (that connects all participating VPCs across mirrored AWS accounts). VPC peering has no bandwidth limitation and no additional cost within the same region (recommended). Transit gateway costs more and it also has a limitation of 50 Gbps burst per VPC.

  • Create or update the existing IAM role for GigaVUE-FM in the centralized VPC. Additionally, a trust relationship must be created between the mirrored and the target account for GigaVUE-FM to execute the above permissions at the IAM role level. Refer to the AMI and Permissions section for detailed information.

Configure an External Load Balancer in AWS

To configure an external load balancer in AWS:

  1. In the Target Groups page, click Create target group. The Create target group wizard appears. Enter or select the following values and create the target group.
    1. Select IP addresses as the target type.
    2. Enter a name for the target group.
    3. Select UDP as the Protocol and 4789 as the port number.
    4. Select the VPC of your target group where the targets are registered.
    5. Select TCP as the Health check protocol on port number 8889 with a 10-second health check interval.

    Note:  For detailed instructions, refer to Create a target group for your Network Load Balancer topic in the AWS Elastic Load Balancing document.

  2. Navigate to the Load Balancer page and click Create Load Balancer. The Create elastic load balancer wizard appears. Enter or select the following values and create the load balancer.
    1. Select Network Load Balancer as the load balancer type and click Create.
    2. Enter a name for the Network Load Balancer.
    3. Select Internal load balancer as the Scheme.
    4. Select the VPC for your targets (GigaVUE V Series Nodes).
    5. Select the regions/zones and the corresponding subnets.
    6. Select UDP as the Listener Protocol with Port number 4789.

    Note:  For detailed instructions, refer to Create a Network Load Balancer topic in the AWS Elastic Load Balancing document.

  3. Navigate to the Launch Templates page and click Create launch template. The Create launch template wizard appears. Enter or select the following values and create the launch template.
    1. Enter a name for the launch template.
    2. Select the AMI of the GigaVUE V Series node.
    3. Select t3a.xlarge as the instance type.
    4. Select a Key pair for the instance.
    5. Select VPC as the Networking platform and don't specify the security group.
    6. Add 2 Network Interfaces for the GigaVUE V Series node with device index as 0 and 1 (mgmt and data interface respectively) and for the interfaces, select the appropriate security group.

    Note:  For detailed instructions, refer to Creating a launch template for an Auto Scaling group topic in the AWS EC2 Auto Scaling document.

  4. Navigate to the Auto Scaling groups page and click Create an Auto Scaling group. The Create Auto Scaling group wizard appears. Enter or select the following values and create the Auto Scaling group.
    1. Enter a name for the Auto Scaling group.
    2. Select an existing launch template.
    3. Select the VPC and subnet.
    4. In the Group size section, enter the value for minimum and maximum capacity.
    5. In the Scaling policies section, select Target tracking scaling policy and choose Average network in (bytes) for the Metric type with 1000000000 (bytes) as the target value and a 300-second warm-up value.
    6. (optional) Add Tags to the instances.

    Note:  For detailed instructions, refer to Creating an Auto Scaling group using a launch template topic in the AWS EC2 Auto Scaling document.
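Once the resources exist, the values from steps 1 and 2 can be checked for drift. The following is an added example, not part of the GigaVUE documentation: it audits parsed output of `aws elbv2 describe-target-groups`, `describe-load-balancers` and `describe-listeners` against the settings listed above. The function names and the sample JSON (with placeholder VPC IDs) are constructed for illustration.

```python
import json

# Expected settings, taken from steps 1 and 2 of the procedure above.
EXPECTED = {
    "target_group": {"TargetType": "ip", "Protocol": "UDP", "Port": 4789,
                     "HealthCheckProtocol": "TCP", "HealthCheckPort": "8889",
                     "HealthCheckIntervalSeconds": 10},
    "load_balancer": {"Type": "network", "Scheme": "internal"},
    "listener": {"Protocol": "UDP", "Port": 4789},
}

def mismatches(kind, actual):
    """List every field of `actual` that differs from the documented value."""
    return [f"{kind}.{key}: expected {want!r}, found {actual.get(key)!r}"
            for key, want in EXPECTED[kind].items() if actual.get(key) != want]

def audit(target_groups, load_balancers, listeners):
    """Audit parsed describe-* output; an empty list means no drift."""
    findings = []
    for tg in target_groups["TargetGroups"]:
        findings += mismatches("target_group", tg)
    for lb in load_balancers["LoadBalancers"]:
        findings += mismatches("load_balancer", lb)
        # Steps 1.4 and 2.4 both select the VPC of the V Series nodes.
        for tg in target_groups["TargetGroups"]:
            if tg.get("VpcId") != lb.get("VpcId"):
                findings.append("target group and load balancer are in different VPCs")
    for listener in listeners["Listeners"]:
        findings += mismatches("listener", listener)
    return findings

# Constructed sample data (placeholder IDs), shaped like AWS CLI JSON output.
GOOD_TG = json.loads("""{"TargetGroups": [{"TargetType": "ip", "Protocol": "UDP",
  "Port": 4789, "VpcId": "vpc-EXAMPLE", "HealthCheckProtocol": "TCP",
  "HealthCheckPort": "8889", "HealthCheckIntervalSeconds": 10}]}""")
GOOD_LB = json.loads("""{"LoadBalancers": [{"Type": "network",
  "Scheme": "internal", "VpcId": "vpc-EXAMPLE"}]}""")
GOOD_LISTENERS = json.loads('{"Listeners": [{"Protocol": "UDP", "Port": 4789}]}')

# Drifted variant: exposed scheme and a health check on the traffic port.
BAD_LB = {"LoadBalancers": [dict(GOOD_LB["LoadBalancers"][0], Scheme="internet-facing")]}
BAD_TG = {"TargetGroups": [dict(GOOD_TG["TargetGroups"][0], HealthCheckPort="traffic-port")]}

if __name__ == "__main__":
    for line in audit(BAD_TG, BAD_LB, GOOD_LISTENERS) or ["no drift"]:
        print(line)
```

A load balancer reported with the `internet-facing` scheme is the finding to act on first, since the procedure calls for an internal load balancer carrying mirrored traffic.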

In the Instances page, you can view the GigaVUE V Series 2 node instance deployed by the load balancer and use the same

Deploy GigaVUE V Series Solution with Elastic Load Balancing

To deploy GigaVUE V Series solution across the AWS accounts with Elastic Load Balancing in GigaVUE-FM:

  1. In the Monitoring Domain Configuration page, select VPC Traffic Mirroring as the Traffic Acquisition method. Refer to Create a Monitoring Domain for detailed information.
  2. For the Use Load Balancer field, select Yes.
  3. Click Save and the AWS Fabric Launch Configuration page appears.
  4. In the AWS Fabric Launch Configuration page, select the following for the load balancer.
    • Select the Load Balancer configured in AWS
    • Select the Auto Scaling Group configured in AWS

    For the remaining field description, refer to Configure and Deploy GigaVUE Fabric Components in GigaVUE-FM.

  5. Click Save to save the configuration.