Skip to main content
Versa Networks

Install on AWS

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.png For supported software information, click here. 

This article describes how to install the Versa headend components on AWS using AWS CloudFormation templates. It is also possible to install the headend components without using the CloudFormation templates.

Before You Begin

If you are using AWS CloudFormation templates, before you install the Versa headend infrastructure on AWS:

  • From Versa Networks Customer Support, obtain the CloudFormation template link to host the AWS CloudFormation template. The CloudFormation templates are described in the next section.
  • Edit the Mapping section of the JSON template, adding the AMI ID for the images shared by Versa Networks Customer Support in the Tenant Account section and in the region where headend is to be deployed.
  • Ensure that your AWS account can access the Versa headend AMIs. To have Versa provide access to the AMIs, contact Versa Customer Support and give them your account ID.
  • Locate or create the key pair to use to launch the AWS stack. You need this key pair to log in to Versa Analytics, Versa Director, and Versa SD-WAN Controller. If you do not have this key pair, generate it by logging in to the AWS console as the AWS admin user.

Note that if you have never run an Ubuntu instance in your AWS account, you must accept the AWS terms and conditions before you can launch a CloudFormation template. To accept the terms, go to the EC2 console page, manually launch an instance of Ubuntu 14.04, and accept the terms and conditions. You can then immediately terminate or delete this instance.

CloudFormation Templates

You use AWS CloudFormation templates to deploy a set of AWS resources. A template is a simple text file that describes a stack, which is a collection of AWS resources that you want to deploy together as a group. Here, the cloud resources are the Versa headend infrastructure, which consists of Versa Director, Versa Analytics, and Versa Controller. (You can also provision a standalone Versa provider edge (PE) router using CloudFormation templates.) When you launch a stack, the Versa headend infrastructure described in the template is provisioned. Placing all the cloud resources in a single stack allows you to manage them together as a group instead of having to manage the individual resources.

The AWS CloudFormation template is a JSON or YAML formatted text file. Versa Networks provides the JSON files to use as AWS CloudFormation templates. To obtain these files, go to the github repository at https://github.com/versa-networks/devops/tree/master/cf.

Versa Networks leverages CloudFormation template capabilities to bring up the headend infrastructure, which consists of Director, Analytics, and Controller. To provision standalone PE router, you use variants of the CloudFormation template.

The following table lists the Versa JSON CloudFormation template files and describes the resources that each template creates. Note that while a PE router is not a headend component, it is required for some topologies.

Template
Name		 Versa
Analytics		 Versa Controller Versa
Director		 Versa PE Router EIP
(for Transport)		 VPC VPC
Gateway		 Availability Zone Selection
aws-basic-headend.json 1 1 1 1 No No
aws-basic-single-flexvnf.json 1 1 1 No No
aws-basic-single-flexvnf-dual-transport.json 1 2 1 No No
aws-direct-connect-sf-sc-sd-da.json 2 1 1 1
(Standalone)		 1 Yes No
aws-direct-connect-sf-sc-sd-da-backup.json 2 1 1 1
(Standalone)		 1 Yes No
single-flexvnf.json 1 1 No No
aws-sf-sc-sd-sa-primary.json 1
per VPC		 1
per VPC		 1
per VPC		 1 per VPC
(Standalone)		 2 Yes Yes
aws-sf-sc-sd-sa-da-secondary.json 3
per VPC		 1
per VPC		 1
per VPC		 1 per VPC
(Standalone)		 2 Yes Yes

Note that last template in the table, aws-sf-sc-sd-sa-da-secondary.json, provisions a single Versa Operating SystemTM (VOSTM) PE router (sf), a single Versa Controller (sc), a single Versa Director (sd), a single Versa Analytics (sa) and a dual Versa Analytics (da). The FlexVNF json files are for VOS devices.

The CloudFormation templates perform the following actions:

  • Creates all the necessary infrastructure to host the Versa headend infrastructure. An example of the infrastructure is illustrated in the figure in Set Up Headend Infrastructure, below.
  • Creates the following infrastructure:
    • Amazon Virtual Private Cloud (VPC) and the default VPC network 10.234.0.0/16
    • Subnetworks to connect your headend nodes
    • Routing tables
    • Network interfaces for each headend component
    • Public IP addresses for Versa Director and Versa SD-WAN Controller
    • Security group rules
    • Internet gateway for the VPC
    • EC2 instances for Versa Director, and Versa SD-WAN Controller, and Versa Analytics
  • Generates a client certificate for Versa Director and copies it to Versa Analytics
  • Executes Versa Director and Versa Analytics initialization scripts
  • Edits the /etc/ssh/sshd_config path in Versa Controller to enable password-based login from the Versa Director management address. Note that all other password-based login to the EC2 instances is disabled for security reasons. By default, only public key–based authentication is allowed.
  • Sets up appropriate routing configurations on all the EC2 instances
  • Installs static routes 10.0.0.0/16 and 10.1.0.0/16 in the Versa Director towards the branches

Set Up Headend Infrastructure

To install the Versa headend components on AWS, you use CloudFormation templates to set up the infrastructure for the headend:

  1. Log in to the AWS Management Console.
  2. In the Services tab:
    1. Select Management & Governance > CloudFormation.
    2. Click Create Stack.

      1.png
  3. In the Create Stack menu, click Select Template. Choose a template and Specify an Amazon template URL to form the CloudFormation template. Then click Next.

    2.png
     
  4. In the Create Stack menu:
    1. Click Specify Details.
    2. Select Amazon EC2 Parameters, and from the drop-down menu select a key pair to use to log in to your instances.
    3. Click Next.

      3.png
  5. In the Create Stack menu:
    1. Click Options.
    2. Configure Tags, Permissions, Rollback Triggers, and Advanced options.
    3. Click Next.

      4.png
  6. In the Create Stack menu:
    1. Click Review.
    2. Verify the Template, Details, and Options information.
    3. Click Create.

      5.png

After you create the stack, wait for at least 10 minutes before logging in to any of the Versa headend infrastructures. During this time, additional scripts are running that complete the creation of the Versa headend infrastructure and set up connectivity details.

The figure below illustrates a sample headend topology deployed in AWS. The first two bytes of the IP addresses, shown in the figure as X.X, are taken from the IPv4 address you entered for the VPC. The second two bytes of the IP address are assigned by the CloudFormation template.

6.png

Set Up Headend Infrastructure Without Using Templates

To install the Versa headend components on AWS without using CloudFormation templates to set up the infrastructure for the headend, perform the following steps on the Controller node after the virtual machine (VM) boots. You can also follow these steps on service VNF routers that are part of the headend topology.

  1. Edit the /etc/ssh/sshd_config and add the following lines at the end of the file, just after the ClientAliveInterval line. If the VM is the Versa Controller node and is reachable from the Director node using a public IP address, specify this public IP address in the ine below.
Match Address Director-northbound-IP-address/32
PasswordAuthentication yes
Match Address Director-southbound-IP-address/32
PasswordAuthentication yes
Match all
  1. Restart the SSH service:
sudo service ssh restart
  1. If you created the VM using an AWS marketplace AMI image, issue the sudo passwd admin command to change the default password of the admin account to "versa123".

Access Versa Headend EC2 Instances

For out-of-band management access to the EC2 instances for Versa headend components, you open an SSH connection to the eth0 nterface using the key pair PEM file for authentication. The eth0 interface is used for out-of-band management.

To access the Versa Director EC2 instance:

ssh -i /path_to_key/my_key.pem Administrator@director-IP-address

To launch the Versa Director as a user, use the following command:

 https://director-IP-address

To access the Versa Analytics EC2 instance:

ssh -i /path_to_key/my_key.pem versa@analytics-IP-address

To access the EC2 instance of the VOS device that is acting as the Versa Controller or of the provider edge (PE) router:

ssh -i /path_to_key/my_key.pem admin@controller-IP-address
ssh -i /path_to_key/my_key.pem admin@PE-router-IP-address

Supported Software Information

Releases 20.2 and later support all content described in this article.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    1. CloudFormation templates