Table of Contents:
- Pre-work on AWS for ND Install
2.a.Details of Pre-Work
- Install ND from Marketplace
- Some basic housekeeping stuff
- Configuring and joining the cluster
This writeup with show step by step how to install Nexus Dashboard on AWS.
📙⚠️ Previously I had written an article on
Deploying MSO on Cisco Application Service Engine ( AWS AMI Based SE)
Please don’t use SE/MSO any more, use ND/NDO
Before Installing ND on AWS, few items need to be checked and completed on AWS Account first:
- Make sure your quotas allow 6 additional AWS Elastic IPs. The common cluster of ND will comprise of 3 k8s master nodes and each node will have 2 Elastic Network Interfaces (data and management). Each of these Network Interfaces will require a public IP. If you don’t have enough quota for 6 additional EIPs, just open a case with AWS and get it increased.
- Create a VPC in some AWS Region of your choice. Create a Private CIDR of /16 to /24 in the VPC
- Create a IGW and associate it with the VPC you created
- Create a route table and associate with the VPC. Add the default route 0/0 pointing to the IGW you created
- Create a Key pair or upload a public key to AWS (for ssh purposes)
1. Make sure your quotas allow 6 additional AWS Elastic IPs. The common cluster of ND will comprise of 3 k8s master nodes and each node will have 2 Elastic Network Interfaces (data and management). Each of these Network Interfaces will require a public IP. If you don’t have enough quota for 6 additional EIPs, just open a case with AWS and get it increased.
On EC2 Dashboard, click on Elastic IPs and observe the number being used right now. Example is show below where 10 are in use:
Figure 1: Number of EIPs being used
Next, check the limits and open a case to increase limit if 6 extras will not be allowed. Example below shows limit of 20, and since I only have 10 in use, I can accomodate 6 more.
Figure 2: Checking EIP Quota Limits (increase if needed)
2. Create a VPC in some AWS Region of your choice. Create a Private CIDR of /16 to /24 in the VPC
In this step create a VPC in some AWS Region of your choice. Make sure to have a Private CIDR of /16 to /24. Example below shows I’ve assigned the CIDR of 10.9.9.0/24 and I named my VPC NDO-VPC
Figure 3: Creating VPC and assigning CIDR
3. Create a IGW and associate it with the VPC you created
Create a IGW and attach it to the VPC you created as shown in example below:
Figure 4: Creating IGW and attaching to VPC
4. Create a route table and associate with the VPC. Add the default route 0/0 pointing to the IGW you created
Example below shows route table NDO-RT1 created. Notice the Route Table is associated with the VPC and also default route is created pointing to IGW.
Figure 5: Creating Route Table/Attach to VPC/Add default to IGW
5. Create a Key pair or upload a public key to AWS (for ssh purposes)
Below screenshots show the creation of the ssh key pair and uploading the public key to AWS. (chmod 400 for keys is recommended)
Figure 6: Creating ssh key pairs and uploading public key
In AWS Marketplace, search for nexus dashboard
Figure 7: Searching for ND in Marketplace
click "continue to subscribe" as shown below:
Figure 8: Continue to subscribe
Click "Continue to Configuration" followed by "Continue to Launch" as shown below:
Figure 9: Continue to Configuration
Figure 10: Continue to Launch
Next, page will lead you to the docuementation, which you should read. Clck "Launch"
Figure 11: Clicking Launch (also read documentation)
Next on the Create stack page, click "Next"
Figure 12: Create Stack
Now, specify Stack Details. In the example below, I named the stack "aws-ndo"
Figure 13: Naming the Stack
Choose the VPC you created for NDO (identified by VPC ID). Type in the CIDR you created for VPC. You do have to option of choosing a smaller CIDR block than what’s in the VPC, but I would suggest using the full CIDR, since this VPC is meant for ND. Also choose 3 AZs from the region for deployment
Figure 14: Choosing the VPC, CIDR, AZs
Next, put in the admin password, the key you uploaded and the access control. In the example below, I used 0.0.0.0/0 for access control. Normally you would be more careful on what IP sources you want to permit to reach the ND.
Figure 15: admin password, keys and access control parameters
Next, just follow through as shown below.
Figure 16: Creating the stack
Refresh the Deployment Manager screen and wait for it to be done. This takes no longer than a few minutes.
Figure 17: Waiting for Deployment Manager to complete
Before you point your browser to the ND instances for cluster setup, it is imporant that you do some basic house keeping work.
On VPC screen go to subnets and name the subnets. This will make it easier to identify later. You will notice that 6 subnets have been created from the CIDR each with a /28 mask
Figure 18: Housekeeping – Naming the subnets
Check that each of those subnets have the IGW association. in the example below I am checking NDO-6 subnet. Also check the route table for the subnets
Figure 19: Checking that subnets have IGW association. Check route table also
Next, go to EC2/Network Interaces and name the Network Interfaces. That way later it will be easier to identify.
Figure 20: Naming the Network Interfaces
Next go to the EC2 instances one at a time and make a note of the Public IP for both management and data interfaces as shown in the example below.
Figure 21: Noting the Public IPs of each of the 3 instances
Next go to EC2/Elastic IPs and name the Elastic IPs for data and management by comparing the caputes you got from the previous step.
Figure 22: Naming the EIPs for data and management appropriately
In this step we will do the basic configuration for the cluster and join the cluster of 3 NDOs
First, point your browser to the Master-1 NDO management IP
Figure 23: Pointing browser to Master-1 management IP
After login with admin credentials you entered, you will see the cluster configuration screen. Enter the Cluster Name (I named mine aws-ndo). Also enter the NTP Server (I used pool.ntp.org) and enter the DNS IP (I used 220.127.116.11)
Figure 24: Naming the Cluster, entering NTP abnd DNS info
For the Proxy Server, click on the "i" button and click on "skip". If you wanted to use a proxy, you would have to install a proxy such as squid proxy. Click "confirm" and then "Next".
Figure 25: Skipping the proxy
Next you will be taken to the Node Details Config screen.
Click on Add Node as shown below.
Figure 26: Adding Node to cluster
On the next screen put the management IP of ND2-Master. Also enter the password (that you had configured earlier with Deployment manager)
📙 The username of rescue-user has the same password as admin user (the one that you entred in Deplopyment Manager Template)
Once you do the above, click on the Validate button. If you put in the IP and password correctly, you should see a ☑️ symbol. Put in the Node name for the 2nd node. I used "ND-2-Master" Now, hit "Add".
Figure 27: Adding Master-2 node to cluster
Repeat the Add Node for Master-3 using the ND-3-mgmt IP
Figure 28: Adding Master-3 node to cluster
On the next screen you will see that you can’t go any further. That is because we have not named the 1st node.
Hit the Edit button on the side of the 1st Node and name the Node as shown below. Then hit "Update"
Figure 29: Naming the 1st Node.
Now, the "Next" button will light up. Hit it.
Figure 30: Next button has lit up
On next screen, just hgit the "Configure" button
Figure 31: Hitting the Configure button
ND, Cluster will Install and Sync now as shown below.
Figure 31: ND cluster installing and Syncing
At the same time open up an ssh session to the master-1 node mgmt IP. Please use the private key yoyu created before for logging in. Username for ssh should be "rescue-user". Once loggoed in do a
watch acs health
to see a continious status. Below you will observe that it took about 10 minutes for cluster to sync up.
Figure 32: ssh in as rescue-user and do "watch acs health"
Nexus Dashboard is now installed ! Log in with admin, create remote authentication, onboard sites, Install apps like NDO, etc, etc.
Figure 33: Nexus Dashboard on AWS ready for use