You can obtain the Infoblox vNIOS for AWS AMI by going to the Community AMI page in Amazon Web Services. Use 'NIOS' or 'Infoblox' as the search term to locate the AMI. For more information, see the Obtaining the Infoblox vNIOS for AWS AMI section.

This topic describes the procedure that you can use to launch and provision an Infoblox vNIOS for AWS instance for your AWS VPC in the AWS console. This procedure supports users who want to provision Infoblox vNIOS for AWS using the BYOL (Bring Your Own Licensing) model. It provides the complete sequence of procedures that you must perform to manually provision a new Infoblox vNIOS for AWS instance in AWS.

When you use the BYOL licensing model, you install licenses using the standard methods described in the Infoblox NIOS Documentation, including a set of temporary feature licenses. Ensure that you add the following licenses to the appliance: a vNIOS license for your Infoblox vNIOS for AWS instance, a DNS license to run DNS services, a DHCP license to run DHCP services in the Infoblox vNIOS instance deployed on AWS, the Enterprise (Grid) license to configure it as a Grid Master, a Grid member, or a Grid Master Candidate, and the CNA (Cloud Network Automation) license to manage cloud features on the Grid Master. All other NIOS features are available for use in Infoblox vNIOS for AWS instances and can be enabled by their respective licenses.

...

You may also use Elastic Scaling (dynamic licenses) to automatically provision and configure vNIOS instances in the AWS VPC. For more information about these licensing models, see Provisioning Infoblox vNIOS for AWS using Elastic Scaling.

Obtaining the Infoblox vNIOS for AWS AMI

...

  1. Choose your VPC from the Network drop-down list.

    1. If you have not yet created a VPC, click the Create new VPC link, and then specify the name and the IP address range (in standard CIDR format) for the new VPC.
      To also associate an IPv6 address with the instance, select Amazon provided IPv6 CIDR Block. (The address range you specify in this step appears as the top-level network view in the NIOS Data Management -> IPAM page.)

  2. Define the Subnet to which the new vNIOS for AWS instance is assigned. Each VPC must have a default subnet. You can then select this subnetwork value for your configuration:

    1. If you have not yet created a subnet for your VPC, click the Create new subnet link.

    2. On the VPC Dashboard page, which may open in a new browser window, click Subnets.

    3. Click Create Subnet. In the Create Subnet dialog box, complete the following:

      1. In the VPC list, select the VPC you created in Step 1.

      2. From the IPv4 CIDR Block drop-down list, choose the IPv4 IP address range for the subnet.

      3. If you need to assign an IPv6 address to the subnet, from the IPv6 CIDR Block drop-down list, choose the IPv6 address range.
        Note that the CIDR block must be a smaller prefix than the IP address range for the VPC.

    4. Click Yes, Create.
      You may create more than one subnet. The subnet prefix values appear in the Subnet field for each network interface in your AWS console.

  3. In the Auto-assign Public IP drop-down list, keep the default option, Use subnet setting (Disable).
    As you are creating an instance with two interfaces, AWS does not allow a Public IP assignment to the new vNIOS for AWS instance. AWS displays a warning to this effect when you create the second interface. (You may use an Elastic IP address or a private IP address.)

  4. In the Auto-assign IPv6 IP drop-down list, perform one of the following:

    1. Keep the default option, Use subnet setting (Disable) to assign only IPv4 addresses to the vNIOS instance.

    2. Choose Enable to also assign IPv6 addresses to the vNIOS instance. When the instance starts, it will be associated with both IPv4 and IPv6 addresses.

  5. Choose the IAM role for the vNIOS for AWS instance from the list. You may use default settings for your initial testing. The role can also be defined on the Identity and Access Management page in the AWS console. Your AWS administrator may not allow custom IAM accounts for your deployment, so this may not be a selectable value.
    For more information about Amazon IAM, see the Amazon IAM documentation page at http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_Introduction.html. For information about how Amazon IAM roles and permissions work with your Infoblox vNIOS for AWS instances to ensure secure and accurate authorization of user privileges, see Credentials for vDiscovery and Assigning AWS User Credentials to the NIOS Cloud Admin Account.

  6. Keep the default Tenancy setting, Shared tenancy (multi-tenant hardware). For information about tenant settings, see About Tenants in About Configuring AWS Access for NIOS Cloud Admins.

  7. Select Network Interfaces -> eth0 and then choose the default Subnet from the drop-down list. This subnet should be the same one as the subnet described in Step 2 above. (If a default subnet is in the selected VPC, it automatically appears in this field.)
    Note that you must use two interfaces for your new Infoblox vNIOS for AWS instance: eth0 and eth1. You create a new eth1 interface for your instance. You use the eth1 interface to join the new Infoblox vNIOS for AWS instance to a NIOS Grid.

  8. Click the Add Device button. A new eth1 interface listing appears.
    The eth1 interface, automatically designated as such during configuration of the new Infoblox vNIOS for AWS instance, is also labeled as LAN1 in NIOS. You cannot change this setting. By default, the eth1 interface is assigned an IPv4 address.
    For SSH access to the vNIOS for AWS instance, you must always use the IP address associated with the LAN1 port.

    1. Choose the default Subnet from the drop-down list. (For more information on usage of Elastic IP addresses for interfaces in your Infoblox vNIOS for AWS instances, see Using an Elastic IP Address.)

    2. To set the AWS server to also assign an IPv6 address to the eth1 interface, in the IPv6 IPs column, click the Add IP link.

  9. Open Advanced Details to configure the User data settings for your new instance.

...

 
All user data settings are optional directives that can be included in or left out of a configuration. For example, you can add the remote_console_enabled and default_admin_password declarations to the Elastic Scale configuration shown in the figure Adding the Grid Master, Token and Certificate information to the AWS vNIOS Instance in the topic Provisioning Infoblox vNIOS for AWS using Elastic Scaling. The temp_license command setting does not interfere with or override any dynamic license assignments through Elastic Scaling. For more information, see Provisioning Infoblox vNIOS for AWS using Elastic Scaling.

Example:

#infoblox-config

...
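A preflight check for the launch settings chosen in the steps above, added here as an example and not taken from the Infoblox documentation. The interface dictionaries use the EC2 RunInstances request keys; the function name, the sample values, the `name: value` layout of the sample user data, and the requirement that `#infoblox-config` be the first line are assumptions.

```python
import ipaddress


def check_launch_plan(vpc_cidr, subnet_cidr, interfaces, user_data):
    """Return findings for a planned vNIOS launch; an empty list means none."""
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    subnet = ipaddress.ip_network(subnet_cidr)
    # Step 2: the subnet block has to fall inside the VPC address range.
    if subnet.version != vpc.version or not subnet.subnet_of(vpc):
        findings.append("subnet %s is not inside VPC %s" % (subnet, vpc))
    # Steps 7-8: exactly two interfaces, eth0 (index 0) and eth1 (index 1).
    if sorted(i.get("DeviceIndex", -1) for i in interfaces) != [0, 1]:
        findings.append("instance needs exactly eth0 and eth1")
    # Step 3: no auto-assigned public IP on an instance with two interfaces.
    if any(i.get("AssociatePublicIpAddress") for i in interfaces):
        findings.append("public IP auto-assign requested on a multi-interface instance")
    # Step 9: user data opens with the #infoblox-config marker (assumed first line).
    lines = [l.strip() for l in user_data.splitlines() if l.strip()]
    if not lines or lines[0] != "#infoblox-config":
        findings.append("user data does not start with #infoblox-config")
    # EC2 user data is stored unencrypted and is readable through the instance
    # metadata service and the DescribeInstanceAttribute API.
    if any(l.startswith("default_admin_password") for l in lines):
        findings.append("default_admin_password is present in plaintext user data")
    return findings


# Constructed sample values; directive values and layout are assumptions.
SAMPLE_USER_DATA = "#infoblox-config\nremote_console_enabled: y\ntemp_license: dns dhcp\n"
GOOD_INTERFACES = [
    {"DeviceIndex": 0, "SubnetId": "subnet-EXAMPLE"},
    {"DeviceIndex": 1, "SubnetId": "subnet-EXAMPLE"},
]

if __name__ == "__main__":
    for finding in check_launch_plan(
        "10.0.0.0/16", "10.0.1.0/24", GOOD_INTERFACES, SAMPLE_USER_DATA
    ) or ["no findings"]:
        print(finding)
```
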

Note

For information about Cloud Extensible Attributes, see Extensible Attributes for Cloud Objects in the Infoblox NIOS Documentation.

  1. On the Tag Instance page, enter the name for the first Key. This key name may match a Cloud EA defined in NIOS, or you can define that extensible attribute at a later time in Grid Manager.

  2. Enter the Value for the new tag.

  3. Click the Create Tag button to add a new tag entry to the list. For more information, see the Tagging Existing AWS Objects section.

  4. To add more tags to the list, click Add Another Tag.

  5. When you are finished defining the tags, click Next: Configure Security Group to continue setting up the new Infoblox vNIOS for AWS instance. For information, see the Defining an AWS Instance Security Group section.

...

  1. After reviewing the settings, click Launch. The Key Pair dialog box opens.

    • You can choose the Choose an existing key pair, Create a new key pair, or Proceed without a key pair option if you want to perform a simple deployment. Selecting an existing key or creating a new key pair file on AWS will upload the public key to NIOS. Then, select the I acknowledge... checkbox.

    • The Infoblox standard configuration for Infoblox vNIOS for AWS deployment requires use of a VPN connection or a direct connection to the Amazon VPC(s) on which you are deploying and operating Infoblox vNIOS for AWS instances. This connection does not require an Internet-connected IP address or a secure key pair. All AWS Proxy API operations require use of an assigned and regularly rotated AWS-generated key pair assigned to the cloud-api-only account under Grid Manager. For information, see Assigning AWS User Credentials to the NIOS Cloud Admin Account.

  2. Click Launch Instances to launch your new instance. After a brief period of time, the Infoblox vNIOS for AWS instance is active in your VPC.

  3. Perform additional tasks for the vNIOS for AWS configuration to ensure that the virtual appliance is functioning properly. For more information, see Additional Configuration for vNIOS for AWS.
    Note:

    • The access to the CLI using the NIOS password is blocked, except for the root user. To gain CLI entry, other users have to allow SSH keys in the NIOS Grid Manager.

    • For a Grid Master or a standalone vNIOS for AWS instance, the default NIOS password must be reset on the first login in the NIOS UI.


...