Configure GigaVUE Fabric Components using Azure

This topic provides instructions on how to register GigaVUE fabric components using the Azure Portal or a configuration file.

Recommended Instance Type

The following table lists the recommended instance type for deploying the fabric components:

Note:  Additional instance types are supported. You can choose the instance type that best fits your deployment needs. If you're unsure which instance to select, contact Support, Sales, or Professional Services for deployment optimization.

Product                  Instance Type      vCPU     RAM
GigaVUE V Series Node    Standard_D4s_v4    4 vCPU   16GB
GigaVUE V Series Node    Standard_D8S_V4    8 vCPU   32GB
GigaVUE V Series Proxy   Standard_B1s       1 vCPU   1GB
UCT-V Controller         Standard_B4ms      4 vCPU   16GB

Note:  A single UCT-V Controller can manage up to 500 UCT-Vs. For more than 500 UCT-Vs, you must add an additional UCT-V Controller to scale up accordingly.

Deployment Best Practices

Keep in mind the following when deploying the fabric components using generic mode:

  • Set the correct MTU for tunnels: Use 1450 for IPv4 tunnels and 1430 for IPv6. To update the Traffic Acquisition Tunnel MTU:

    1. Select the monitoring domain.

    2. Select the Edit Monitoring Domain option.

    3. Enter the Traffic Acquisition Tunnel MTU value and select Save.

Note:  Set the correct MTU before deploying the Monitoring Session. If not, you must undeploy and redeploy the session after updating the MTU.

  • You can also create a monitoring domain under Third Party Orchestration and provide the monitoring domain name and the connection name as groupName and subGroupName in the registration data. Refer to Create Monitoring Domain for more detailed information on how to create a monitoring domain under third party orchestration.
  • When creating a virtual machine for deploying the fabric components in Azure, use only SSH public key as the Authentication type.
  • Create tokens in the User Management page in GigaVUE-FM. Refer to Configure Tokens for more detailed information.
  • When GigaVUE‑FM is 6.10.00 or above and the Fabric Components are on (n-1) or (n-2) versions, you must create a Username and Password instead of using tokens in the registration data. For more details, refer to the Configure Role-Based Access for Third-Party Orchestration section in the 6.9 Documentation.

Prerequisites

Ensure that the GigaVUE V Series Node has at least two Network Interfaces (NICs) attached to it:

  • A management NIC 

  • A data NIC with Accelerated Networking enabled.

When creating a virtual machine for GigaVUE V Series Node using CLI, you can attach Management NIC and Data NIC at the time of the virtual machine creation. However, if you are using Azure GUI to create the virtual machine for GigaVUE V Series Node, then you can attach the data NIC only after creating the virtual machine.

For details, refer to the following topics:

NOTE:

  • Accelerated Networking must be enabled in the Data NIC only when deploying GigaVUE V Series Nodes using Third Party Orchestration.
  • Accelerated Networking is not required for Management NIC.

Create GigaVUE V Series Node with Management and Data NIC Attached using CLI

  1. Create the management NIC.

    az network nic create -g <resource group> --vnet-name <VNet Name> --subnet <Subnet name> -n <Management NIC Name>

  2. Create data NIC with Accelerated Networking enabled.

    az network nic create -g <resource group> --vnet-name <VNet> --subnet <Subnet> -n <Data NIC> --accelerated-networking true

  3. Create the GigaVUE V Series Node virtual machine using the above NICs.

    az vm create --resource-group <Resource group> --size <Standard_D4s_v4/Standard_D8S_V4> --name <GigaVUE V Series Node> --admin-username gigamon --generate-ssh-keys --image gigamon-inc:gigamon-gigavue-cloud-suite-v2:vseries-nodev6.11.00:6.11.00 --plan-name vseries-node-v6.11.00 --plan-product gigamon-gigavue-cloud-suite-v2 --plan-publisher gigamon-inc --nics <Management NIC and Data NIC>

Note:  You can use the following command to view all the images from Gigamon.

    az vm image list --all --publisher gigamon-inc

Create GigaVUE V Series Node with Management and Data NIC Attached using Azure GUI

Enable Management NIC when creating the GigaVUE V Series Node virtual machine.

For details, refer to the Create virtual machine topic in Azure Documentation.

Perform the following steps to attach the data NIC:

  1. Select the GigaVUE V Series Node virtual machine from the Resources Page.
  2. Stop the Virtual Machine using the Stop button.
  3. Navigate to Setting > Networking from the left navigation pane.
    The Networking page appears.
  4. In the Networking page, select Attach network interface.
  5. Select an existing network interface for Data NIC and select OK.
    To enable accelerated networking, refer to Manage Accelerated Networking through the portal.
  6. Start the Virtual Machine.

In your Azure Portal, you can configure the following GigaVUE fabric components:

Configure UCT-V Controller in Azure

You can configure more than one UCT-V Controller in a monitoring domain.

To register UCT-V Controller in Azure Portal, use one of the following methods:

Register UCT-V Controller during Virtual Machine Launch

In your Azure portal, you can launch the UCT-V Controller init virtual machine and register the UCT-V Controller using custom data.

Perform the following steps:

  1. In the Virtual machines page of the Azure Portal, select Create then Virtual machine. The Create a Virtual Machine page appears. For details, refer to the Create virtual machine topic in Azure Documentation.
  2. On the Advanced tab, enter the Custom Data as text in the following format and deploy the virtual machine. The UCT-V Controller uses this custom data to generate config file (/etc/gigamon-cloud.conf) used to register with GigaVUE‑FM.
    #cloud-config
     write_files:
     - path: /etc/gigamon-cloud.conf
       owner: root:root
       permissions: '0644'
       content: |
         Registration:
            groupName: <Monitoring Domain Name>
            subGroupName: <Connection Name>
            token: <Token>
            remoteIP: <IP address of the GigaVUE-FM>
            sourceIP: <IP address of UCT-V Controller> (Optional Field)
            remotePort: 443


The UCT-V Controller deployed in your Azure portal appears on the Monitoring Domain page of GigaVUE‑FM.

Register UCT-V Controller after Virtual Machine Launch

To register the UCT-V Controller after launching a Virtual Machine using a configuration file, perform the following steps:

  1. Log in to the UCT-V Controller.
  2. Create a local configuration file (/etc/gigamon-cloud.conf) and enter the following custom data.
    Registration:
        groupName: <Monitoring Domain Name>
        subGroupName: <Connection Name>
        token: <Token>
        remoteIP: <IP address of the GigaVUE-FM>
        sourceIP: <IP address of UCT-V Controller> (Optional Field)
        remotePort: 443
  3. Restart the UCT-V Controller service.
    $ sudo service uctv-cntlr restart

Assign Static IP address for UCT-V Controller

By default, the UCT-V Controller gets assigned an IP address using DHCP.

To assign a static IP address, perform the following steps:

  1. Navigate to /etc/netplan/ directory.
  2. Create a new .yaml file. (Other than the default 50-cloud-init.yaml file)
  3. Update the file as shown in the following sample:
network:
  version: 2
  renderer: networkd
  ethernets:
    <interface>:                # Replace with your actual interface name (e.g., eth0)
      dhcp4: no
      dhcp6: no
      addresses:
        - <IPV4/24>             # e.g., 192.168.1.10/24
        - <IPV6/64>             # e.g., 2001:db8:abcd:0012::1/64
      nameservers:
        addresses:
          - <DNS_IPV4>          # e.g., 8.8.8.8
          - <DNS_IPV6>          # e.g., 2001:4860:4860::8888
      routes:
        - to: 0.0.0.0/0
          via: <IPV4_GW>        # e.g., 192.168.1.1
        - to: ::/0
          via: <IPV6_GW>        # e.g., 2001:db8:abcd:0012::fffe
                        
Example netplan config:

network:
  version: 2
  renderer: networkd
  ethernets:
    ens3:
      addresses:
        - 192.168.1.10/24
        - 2001:db8:1::10/64
      nameservers:
        addresses:
          - 8.8.8.8
          - 2001:4860:4860::8888
      routes:
        - to: 0.0.0.0/0
          via: 192.168.1.1
          metric: 100
        - to: ::/0
          via: 2001:db8:1::1
          metric: 100

  4. Save the file.
  5. Restart the UCT-V Controller service.
    $ sudo service uctv-cntlr restart

The deployed UCT-V Controller registers with GigaVUE‑FM. After successful registration, the UCT-V Controller sends heartbeat messages to GigaVUE‑FM every 30 seconds. If one heartbeat is missing, the fabric component status appears as Unhealthy. If more than five heartbeats fail to reach GigaVUE‑FM, GigaVUE‑FM tries to reach the UCT-V Controller. If that fails as well, GigaVUE‑FM unregisters the UCT-V Controller and removes it from GigaVUE‑FM.

Configure UCT-V in Azure

You need to register UCT-V through the registered UCT-V Controller. It communicates through port 8891.

Note:  Deployment of UCT-Vs through third-party orchestrator is supported on both Linux and Windows platforms. For details, refer to Linux UCT-V Installation and Windows UCT-V Installation.

To register UCT-V in Azure Portal, use one of the following methods.

Register UCT-V during Virtual Machine Launch

Note:  Registering UCT-V during Virtual Machine Launch is not applicable for Windows Agents. You can register your Windows Agents after launching the Virtual machine, using a configuration file.

In your Azure portal, you can launch the UCT-V init virtual machine and register the UCT-V using custom data.

Perform the following steps:

  1. In the Virtual machines page of the Azure Portal, select Create then Virtual machine. The Create a Virtual Machine page appears. For details, refer to the Create virtual machine topic in Azure Documentation.
  2. On the Advanced tab, enter the Custom Data as text in the following format and deploy the virtual machine. The UCT-V uses this custom data to generate config file (/etc/gigamon-cloud.conf) to register with GigaVUE‑FM.
    #cloud-config
     write_files:
     - path: /etc/gigamon-cloud.conf
       owner: root:root
       permissions: '0644'
       content: |
         Registration:
             groupName: <Monitoring Domain Name>
             subGroupName: <Connection Name>
             token: <Token>
             remoteIP: <IP address of the UCT-V Controller 1>,<IP address of the UCT-V Controller 2>
             sourceIP: <IP address of UCT-V> (Optional Field)

    NOTE: If you are using multiple interfaces in UCT-V and the UCT-V Controller is not connected to the primary interface, then add the following to the above registration data:

    localInterface:<Interface to which UCT-V Controller is connected>

Register UCT-V after Virtual Machine Launch

Note:  You can configure more than one UCT-V Controller for a UCT-V, so that if one UCT-V Controller goes down, the UCT-V registration will happen through another Controller that is active.

To register UCT-V after launching a Virtual Machine using a configuration file, perform the following steps:

  1. Install the UCT-V in the Linux or Windows platform. For detailed instructions, refer to Linux UCT-V Installation and Windows UCT-V Installation.

  2. Log in to the UCT-V.
  3. Edit the local configuration file and enter the following custom data.
    • /etc/gigamon-cloud.conf is the local configuration file in Linux platform.
    • C:\ProgramData\uctv\gigamon-cloud.conf is the local configuration file in Windows platform.
    • When creating C:\ProgramData\uctv\gigamon-cloud.conf file, ensure that the file name extension is .conf. To view the file name extension in Windows, follow the steps given below:
      1. Go to File Explorer and open the File Location.
      2. On the top navigation bar, click View.
      3. In the View tab, enable the File name extensions check box.
    Registration:
        groupName: <Monitoring Domain Name>
        subGroupName: <Connection Name>
        token: <Token>
        remoteIP: <IP address of the UCT-V Controller 1>,<IP address of the UCT-V Controller 2>
        sourceIP: <IP address of UCT-V> (Optional Field)

    NOTE: If you are using multiple interfaces in UCT-V and the UCT-V Controller is not connected to the primary interface, then add the following to the above registration data:

    localInterface:<Interface to which UCT-V Controller is connected>
  4. Restart the UCT-V service.
    • Linux platform:
      $ sudo service uctv restart
    • Windows platform: Restart from the Task Manager.

The deployed UCT-V registers with the GigaVUE‑FM through the UCT-V Controller. After successful registration, the UCT-V sends heartbeat messages to GigaVUE‑FM every 30 seconds. If one heartbeat is missing, UCT-V status appears as Unhealthy. If more than five heartbeats fail to reach GigaVUE‑FM, then GigaVUE‑FM tries to reach the UCT-V. If that fails as well, then GigaVUE‑FM unregisters the UCT-V and it is removed from GigaVUE‑FM.

Configure GigaVUE V Series Node and GigaVUE V Series Proxy in Azure

Note:  It is not mandatory to register GigaVUE V Series Nodes via V Series proxy. However, if there is a large number of nodes connected to GigaVUE‑FM or if you do not wish to reveal the IP addresses of the nodes, then you can register your nodes using GigaVUE V Series Proxy. In this case, GigaVUE‑FM communicates with GigaVUE V Series Proxy to manage the GigaVUE V Series Nodes.

To register GigaVUE V Series Node and GigaVUE V Series Proxy in Azure Portal, use any one of the following methods.

Register GigaVUE V Series Node and GigaVUE V Series Proxy during Virtual Machine Launch

To register GigaVUE V Series Node and GigaVUE V Series Proxy using the custom data in Azure Portal, perform the following steps:

  1. In the Virtual machines page of the Azure Portal, select Create then Virtual machine. The Create a Virtual Machine page appears. For detailed information, refer to the Create virtual machine topic in Azure Documentation.
  2. On the Advanced tab, enter the Custom Data as text in the following format and deploy the virtual machine. The GigaVUE V Series Node and GigaVUE V Series Proxy use this custom data to generate the config file (/etc/gigamon-cloud.conf) used to register with GigaVUE‑FM.
    #cloud-config
     write_files:
     - path: /etc/gigamon-cloud.conf
       owner: root:root
       permissions: '0644'
       content: |
         Registration:
            groupName: <Monitoring Domain Name>
            subGroupName: <Connection Name>
            token: <Token>
            remoteIP: <IP address of the GigaVUE-FM> or <IP address of the Proxy>
            remotePort: 443

    NOTE: You can register your GigaVUE V Series Nodes directly with GigaVUE‑FM, or you can use V Series proxy to register them with GigaVUE‑FM. To register GigaVUE V Series Nodes directly, enter the remotePort value as 443 and the remoteIP as <IP address of the GigaVUE‑FM>. To deploy GigaVUE V Series Nodes using V Series proxy, enter the remotePort value as 8891 and the remoteIP as <IP address of the Proxy>.

Register GigaVUE V Series Proxy after Virtual Machine Launch

You can register GigaVUE V Series Proxy after launching the virtual machine using a configuration file.

To register,

  1. Log in to the GigaVUE V Series Proxy.
  2. Create a local configuration file (/etc/gigamon-cloud.conf) and enter the following custom data.
    Registration:
        groupName: <Monitoring Domain Name>
        subGroupName: <Connection Name>
        token: <Token>
        remoteIP: <IP address of the GigaVUE-FM> or <IP address of the Proxy>
        remotePort: 443

    NOTE: You can register your GigaVUE V Series Nodes directly with GigaVUE‑FM, or you can use V Series proxy to register them with GigaVUE‑FM. To register GigaVUE V Series Nodes directly, enter the remotePort value as 443 and the remoteIP as <IP address of the GigaVUE‑FM>. To deploy GigaVUE V Series Nodes using V Series proxy, enter the remotePort value as 8891 and the remoteIP as <IP address of the Proxy>.

  3. Restart the GigaVUE V Series Proxy service. 
    • GigaVUE V Series Node:
      $ sudo service vseries-node restart
    • GigaVUE V Series Proxy:
      $ sudo service vps restart

The deployed GigaVUE V Series proxy registers with GigaVUE‑FM. After successful registration, the GigaVUE V Series proxy sends heartbeat messages to GigaVUE‑FM every 30 seconds. If one heartbeat is missing, the fabric component status appears as Unhealthy. If more than five heartbeats fail to reach GigaVUE‑FM, then GigaVUE‑FM tries to reach the GigaVUE V Series Proxy. If that fails as well, then GigaVUE‑FM unregisters the GigaVUE V Series proxy and it is removed from GigaVUE‑FM.

Note:  When the GigaVUE V Series Node is stopped or terminated from Azure, it does not send any unregistration request and GigaVUE‑FM unregisters the V Series Node soon after.
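
A preflight check for the registration files described in the UCT-V Controller, UCT-V and V Series sections above, added here as an example and not Gigamon code. It covers the token form only; the function names get_key and check_registration and the mode labels fm, proxy and uctv are assumptions of the example, and the sample values are constructed.

```shell
#!/bin/sh
# Added example: lint the Registration block of a gigamon-cloud.conf (token form).
# MODE is a label chosen for this example, not a product term:
#   fm    = register directly with GigaVUE-FM     -> remotePort 443
#   proxy = V Series Node via V Series Proxy      -> remotePort 8891
#   uctv  = UCT-V via UCT-V Controller(s)         -> page's sample has no remotePort

get_key() {  # get_key FILE KEY -> first value of KEY, whitespace trimmed
  awk -v k="$2" '
    { line = $0; sub(/^[ \t]+/, "", line) }
    index(line, k ":") == 1 {
      v = substr(line, length(k) + 2)
      gsub(/^[ \t]+|[ \t\r]+$/, "", v); print v; exit
    }' "$1"
}

check_registration() {  # check_registration FILE MODE; returns 0 only if clean
  f=$1; mode=$2; bad=0
  case $mode in
    fm) want=443 ;; proxy) want=8891 ;; uctv) want= ;;
    *) echo "unknown mode '$mode'"; return 2 ;;
  esac
  grep -q '^[[:space:]]*Registration:' "$f" || { echo "no Registration: block"; bad=1; }
  for k in groupName subGroupName token remoteIP sourceIP remotePort localInterface; do
    v=$(get_key "$f" "$k")
    case $v in
      *'<'*|*'>'*|*'(Optional'*) echo "$k: template text not replaced"; bad=1 ;;
      '') case $k in groupName|subGroupName|token|remoteIP)
            echo "$k: missing or empty"; bad=1 ;; esac ;;
    esac
  done
  # remoteIP is one address, or a comma-separated list of UCT-V Controllers.
  case $(get_key "$f" remoteIP) in
    *'<'*|'') ;;  # already reported by the loop above
    *[!0-9A-Fa-f.:,]*|,*|*,|*,,*) echo "remoteIP: not a list of bare IP addresses"; bad=1 ;;
  esac
  port=$(get_key "$f" remotePort)
  if [ -n "$want" ] && [ "$port" != "$want" ]; then
    echo "remotePort: mode '$mode' needs $want, found '${port:-none}'"; bad=1
  fi
  # Informational only: the file holds the registration token.
  [ -z "$(find "$f" -prune -perm -004)" ] || echo "note: $f is world-readable"
  return $bad
}

# Constructed sample: token placeholder left in, FM port used for proxy mode.
sample=$(mktemp)
printf '%s\n' 'Registration:' '    groupName: md-azure' '    subGroupName: conn-1' \
  '    token: <Token>' '    remoteIP: 192.0.2.10' '    remotePort: 443' > "$sample"
check_registration "$sample" proxy || echo "fix the findings before restarting the service"
rm -f "$sample"
```

Run it against /etc/gigamon-cloud.conf before restarting the service. The world-readable note does not affect the result, since the cloud-config samples on this page write the file with permissions '0644'.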

Key Considerations for Upgrade

Consider the following when upgrading the GigaVUE‑FM to 6.1.00 or higher version (when using third party orchestration to deploy fabric components):

When upgrading GigaVUE‑FM to any version higher than 6.0.00, if the GigaVUE V Series Nodes version deployed in that GigaVUE‑FM is lower than or equal to 6.0.00, then, for the seamless flow of traffic, GigaVUE‑FM automatically creates Users and Roles in GigaVUE‑FM with the required permission.

For the user created in GigaVUE‑FM,

  • Username: orchestration

  • Password: orchestration123A!.

    Verify that the username orchestration does not belong to another user in GigaVUE‑FM.

After the upgrade, we recommend changing the password on the Users page. For details, refer to Configure Role-Based Access for Third Party Orchestration.