Onboard VPCs or VNets
After onboarding your cloud account in Aviatrix, the VPCs or VNets associated with the account display as unmanaged resources in Aviatrix Platform. You can see a list of VPCs and VNets, and associated VM resources, on the Cloud Assets page.
To bring the resources under Aviatrix management, you must onboard the VPCs or VNets. The recommended (default) performance size for VPCs and VNets is Medium.
It is recommended that you deploy each VPC or VNet with at least two subnets in two different zones to provide high availability.
To onboard Kubernetes clusters, see Onboard Kubernetes Clusters. |
During onboarding, an Aviatrix Spoke Gateway is created on each subnet in the managed VPC or VNet. This gateway is displayed on the Topology map, along with other network resources.
You can onboard only one VPC or VNet at a time, but you can begin the onboarding process for multiple VPCs or VNets at one time. You do not have to wait until a VPC or VNet finishes onboarding to start onboarding another one. |
You can also onboard VPCs and VNets from Security > Egress > Protected VPC/VNets.
To onboard your VPCs or VNets, do the following.
-
Go to Cloud Resources > Cloud Assets > VPC/VNets & Subnets.
-
Click the Onboard link for a VPC or VNet you want Aviatrix to manage.
You can only onboard resources that have public IPs. By default, the 10.0.0.0/16 CIDRs are private.
-
On Onboard a VPC/VNet you can do the following:
-
From Performance Size, select the instance size for your VPC or VNet.
The recommended default size is Medium.
-
Remove a subnet from the onboarding list by clicking the "x" next to the subnet IP address.
This action only removes the subnet from being managed, it does not remove the subnet from the VPC or VNet.
-
Add a subnet to the list by clicking the down arrow and selecting the subnet IP address.
-
Click Onboard.
The Aviatrix Managed column changes status to In Progress. When onboarding of all subnets for the VPC or VNet is complete, status changes to Yes.
-
-
Expand the VPC or VNet listing to see the status of individual subnets in the VPC or VNet.
-
Click the Name of the VPC or VNet to display related route tables.
As subnets are onboarded, they also appear in the Cloud Fabric > Topology map as managed resources.
You can offboard a VPC or VNet from the Aviatrix Platform by using the Manage menu. |
Next Steps:
Apply security to your VPCs or VNets using either the Distributed Cloud Firewall (DCF) or Egress Security workflow.
-
Protect Your Traffic with Distributed Cloud Firewall
DCF provides granular network security rules for distributed applications in the cloud.
-
Protect Your Traffic with Egress Security
Egress Security involves monitoring network traffic to the Internet and protecting the traffic using DCF Rules, SmartGroups, and WebGroups.