Configure a Gateway Load Balancer
Prerequisites
- Create or update Security Group policies of GigaVUE Cloud Suite components. Refer to Security Group topic for detailed information.
- Create or update routes in various VPCs across participating mirrored AWS accounts so that all mirrored account VPCs can connect to the target account VPC where the AWS Gateway Load Balancer is deployed. Refer to Amazon VPC for more information.
- Create or update existing IAM role for GigaVUE-FM in the centralized VPC. Additionally trust relationship needs to be created between the mirrored and the target account for GigaVUE-FM to execute the above permissions at the IAM role level. Refer to AMI and Permissions section for detailed information.
- For more information on AWS recommended design for Gateway Load Balancer implementation with inline services, such as firewall. see Getting started with Gateway Load Balancers - Elastic Load Balancing (amazon.com)
- You must create a VPC endpoint and endpoint service. For more information, see Create endpoint service
- Create a routing table. For more information, see Amazon documentation.
- User and Password provided in the registration data must be configured in the User Management page for deploying GigaVUE V Series Node using Third Party Orchestration. Refer to Configure Role-Based Access for Third Party Orchestration for more detailed information.
Points to Note:
When configuring Gateway Load Balancer, the GigaVUE V Series Nodes must be deployed using Third Party Orchestration.
Perform the following steps to configure an external load balancer in AWS:
- In the Target Groups page, click Create target group and the Create target group wizard appears. Enter or select the following values and create the target group.
- Select IP addresses as the target type.
- Enter a name for the target group..
- Select the VPC of your target group where the targets are registered.
- Select TCP as the Health check protocol in port number 8889 with 10 seconds health check interval.
Note: You must select GENEVE protocol and port 6081 while creating the targets groups. For detailed instructions, refer to Target groups for your Gateway Load Balancers.
- Navigate to the Load Balancer page and click Create Load Balancer the Create elastic load balancer wizard appears. Enter or select the following values and create the load balancer.
- Select Gateway Load Balancer as the load balancer type and click Create.
- Enter a name for the Gateway Load Balancer.
- Select the VPC for your targets (GigaVUE V Series Nodes).
- Select the regions/zones and the corresponding subnets.
- Associate the load balancer to the target group.
- By default, GENEVE as the Listener Protocol with Port number 6081 is selected.
Note: For detailed instructions, refer to Create a Gateway Load Balancer topic in the AWS Elastic Load Balancing document
- Navigate to the Launch Templates page and click Create launch template the Create launch template wizard appears. Enter or select the following values and create the launch template.
- Enter a name for the launch template.
- Select the AMI of the GigaVUE V Series node.
- Select c5n.xlarge as the instance type.
- Select a Key pair for the instance.
- Select VPC as the Networking platform and don't specify the security group.
- Add 2 Network Interfaces for the GigaVUE V Series Node with device index as 0 and 1 (mgmt and data interface respectively) and for the interfaces, select the appropriate security group.
- In the Advanced details section, enter the User data as text in the following format and deploy the instance. The GigaVUE V Series Nodes uses this user data to generate config file (/etc/gigamon-cloud.conf) used to register with GigaVUE-FM using Third Party Orchestration.Copy
#cloud-config
write_files:
- path: /etc/gigamon-cloud.conf
owner: root:root
permissions: '0644'
content: |
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <VPC Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM>
remotePort: 443Note: Enter the UserName and Password created in the Add Users Section of the User Management page.
Note: For detailed instructions, refer to Creating a launch template for an Auto Scaling group topic in the AWS EC2 Auto Scaling document.
- Navigate to the Auto Scaling groups page, and click Create an Auto Scaling group the Create Auto Scaling group wizard appears. Enter or select the following values and create the Auto Scaling group.
- Enter a name for the Auto Scaling group.
- Select an existing launch template.
- Select the VPC and subnet.
- In the Group size section, enter the Desired capacity as 0. The Desired capacity value must be less that the Maximum Capacity value.
Note: Once the monitoring Domain and connection is configured, edit this value to the number of GigaVUE V Series Node that needs to be deployed in this Monitoring Domain.
- In the Scaling policies section, select Target tracking scaling policy and choose Average network in (bytes) for the Metric type with 1000000000 (bytes) as target value and 300 seconds warm up value.
- (optional) Add Tags to the instances.
Note: For detailed instructions, refer to Creating an Auto Scaling group using a launch template topic in the AWS EC2 Auto Scaling document.
In the Instances page, you can view the GigaVUE V Series Node instance launched by the auto scaling group.