CoPilot Platform Requirements
This section discusses the system and platform requirements of Aviatrix CoPilot.
The requirements listed below are intended as a general guide only. Once you have deployed CoPilot, it is important to monitor the indexing of data traffic in your specific environment and adjust configuration settings, such as index retention periods, to optimize instance sizing for your business needs. It is also recommended to upgrade the size of virtual machines if Aviatrix platform global health alerts are triggered frequently. For information about platform global health alerts, see Global Network Health Alert.
Instance (Virtual Machine) Sizing for CoPilot
The following is information for selecting the instance (virtual machine) size for your CoPilot deployment.
You must consider how much memory and CPU you require for your CoPilot instance (virtual machine).
The configuration of the virtual machine that you provision for your CoPilot deployment depends on the scale and the kind of networking infrastructure you have planned according to your business requirements.
Work with your Aviatrix Sales representative to determine your sizing requirements. While this section provides minimum requirements and guidelines for minimum sizing based on a number of gateways, it is strongly recommended to reach out to your Aviatrix Sales representative to discuss your specific sizing needs.
Minimum Instance (VM) Size for Single CoPilot
For a simple deployment (single instance/VM), CoPilot requires a minimum of:
Requirement | Minimum Value |
---|---|
Memory & CPU | 32 GB of RAM (or more); 8 vCPUs (or more). Examples: Amazon EC2 instance type: m5n.2xlarge (or M5 instances if M5N is not available); Google Cloud: n2-standard-8; Oracle Cloud Infrastructure: VM.Standard3.Flex (8core x 32G mem); Microsoft Azure virtual machine: Standard_D8_v4 |
Data Disk | 1 attached disk/volume for storage. See CoPilot Disk (Volume) Management. |
Minimum Instance (VM) Size for CoPilot Based on Existing Gateways
Minimum VM size based on the number of existing gateways
If you are deploying CoPilot for the first time (new launch) and have existing Aviatrix gateways, below are the general guidelines for a minimum VM size based on the number of existing gateways in an infrastructure.
The information below is intended as a general guide only. After you deploy CoPilot, you will be able to monitor the indexing of data for traffic in your specific environment and tune configuration settings, such as index retention periods, that will help determine the best instance sizing for your business needs.
Number of existing Aviatrix gateways | Instance sizing guideline |
---|---|
Less than 500 | For infrastructures with < 500 GWs, the minimum instance/VM size guideline: 32 GB of RAM (or more); 8 vCPUs (or more). Examples: Amazon EC2 instance type: m5n.2xlarge (or M5 instances if M5N is not available); Google Cloud: n2-standard-8; Oracle Cloud Infrastructure: VM.Standard3.Flex (8core x 32G mem); Microsoft Azure virtual machine: Standard_D8_v4 |
More than 500 but less than 1000 | For infrastructures with > 500 but < 1000 GWs, the minimum instance/VM size guideline: 64 GB of RAM (or more); 16 vCPUs (or more). Examples: Amazon EC2 instance type: m5n.4xlarge (or M5 instances if M5N is not available) |
More than 1000 | For infrastructures with >=1000 GWs, deploy a CoPilot cluster (fault-tolerant deployment) where each node has a minimum instance/VM size of: 32 GB of RAM (or more); 8 vCPUs (or more) |
Instance (VM) Considerations for CoPilot
Note the following points about CoPilot VM requirements:
- (AWS) For CoPilot ARM-based images, Amazon EC2 A1 instances are currently not supported.
- (AWS) For CoPilot ARM-based images, Private Mode is currently not supported.
- For a simple deployment, the single instance (VM) must meet the minimum requirements.
- For a fault-tolerant (clustered) deployment, each instance (VM) in the cluster must meet the minimum requirements. In addition, each cluster instance must use the same instance sizing. In a cluster, the data instances will have a disk/volume attached for storage in the size you specify during your launch process. Data volume sizes must be the same across all data instances.
- If you have a CoPilot simple deployment (single instance) and are planning on migrating your data from the simple deployment to a new clustered deployment, the size of the disk volume you specify for each data instance/VM should be the same size or larger than the storage used in your old single CoPilot.
Instance (Virtual Machine) System Requirements for CoPilot
The following are requirements for the instance (virtual machine) you provision for CoPilot so that it can communicate with other components in the Aviatrix platform.
After launching CoPilot, you must configure integration points for CoPilot to connect and communicate with other components in the Aviatrix platform.
If you launch CoPilot from the Aviatrix Controller user interface, the controller’s auto-deploy process configures the integration points upon deployment.
Starting from Controller 6.8, you can enable the "CoPilot Security Group Management" option in Aviatrix Controller so that the Controller can open CoPilot access to the ports below for all your gateways. For more information, see CoPilot Security Group Management.
Configure inbound rules
Add the following inbound rules to enable your CoPilot access (security group) for the corresponding services:
Port Range | Protocol | Source | Description |
---|---|---|---|
443 | TCP | Anywhere user access | To reach CoPilot via HTTPS connection using web browser. |
5000 (Default) | UDP | From each gateway | Enable Syslog for CoPilot Egress FQDN & Audit Data from each gateway. Gateways send remote syslog to CoPilot. |
5000 (Default) | TCP | From each gateway | For private mode, enable Syslog for CoPilot Egress FQDN & Audit Data from each gateway. Gateways send remote syslog to CoPilot. |
31283 (Default, configurable) | UDP | From each gateway | Enable Netflow for CoPilot FlowIQ Data from each gateway. Gateways send Netflow to CoPilot. The port is configurable. |
Each CoPilot instance must be launched in a subnet (availability zone) that has outbound Internet access. In a clustered (fault tolerant) deployment, you must select a subnet with outbound Internet access for the server instance as well as for each data instance in the cluster. This also applies if you are using private mode.
If you need to manually add IPs for gateways to your security groups, you can view the IP addresses of all your gateways from the GATEWAY page on the Aviatrix Controller user interface.
After CoPilot’s VM is launched and assigned a static public IP address, the Controller’s SG on 443 must be open to CoPilot’s public IP.
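The following is an added example, not Aviatrix code: a small audit that compares a CoPilot security group's inbound rules with the table above, reporting gateways that cannot reach the syslog or Netflow ports and source ranges on those ports that admit more than the gateways. The rule dictionary shape, the function name and the sample addresses are assumptions made for illustration; each rule is simplified to a single port.

```python
import ipaddress

def audit_copilot_sg(sg_rules, gateway_ips, private_mode=False,
                     syslog_port=5000, netflow_port=31283):
    """Compare inbound rules with the CoPilot inbound-rule table.

    sg_rules: list of {"port": int, "proto": "tcp"|"udp", "cidr": str}
              (hypothetical shape, not a cloud provider's API format).
    Returns (missing, too_broad) as lists of (port, proto, detail) tuples.
    """
    gateways = {ipaddress.ip_address(ip) for ip in gateway_ips}
    # Ports that must be reachable from every gateway and from nothing else.
    gateway_ports = [(syslog_port, "udp"), (netflow_port, "udp")]
    if private_mode:
        gateway_ports.append((syslog_port, "tcp"))  # syslog over TCP

    missing, too_broad = [], []
    # 443/TCP is for browser access; only its absence is reported.
    if not any(r["port"] == 443 and r["proto"] == "tcp" for r in sg_rules):
        missing.append((443, "tcp", "user access"))

    for port, proto in gateway_ports:
        nets = [ipaddress.ip_network(r["cidr"], strict=False)
                for r in sg_rules if r["port"] == port and r["proto"] == proto]
        for gw in sorted(gateways, key=str):
            if not any(gw in net for net in nets):
                missing.append((port, proto, str(gw)))
        for net in nets:
            covered = sum(1 for gw in gateways if gw in net)
            # More addresses than gateways inside the source range means
            # hosts that are not gateways can reach this port.
            if net.num_addresses > covered:
                too_broad.append((port, proto, str(net)))
    return missing, too_broad

# Constructed sample data (documentation address range, not real gateways).
SAMPLE_GATEWAYS = ["203.0.113.10", "203.0.113.11"]
SAMPLE_RULES = [
    {"port": 443, "proto": "tcp", "cidr": "0.0.0.0/0"},
    {"port": 5000, "proto": "udp", "cidr": "203.0.113.10/32"},
    {"port": 5000, "proto": "udp", "cidr": "203.0.113.11/32"},
    {"port": 31283, "proto": "udp", "cidr": "0.0.0.0/0"},
]

if __name__ == "__main__":
    missing, too_broad = audit_copilot_sg(SAMPLE_RULES, SAMPLE_GATEWAYS)
    print("missing:", missing)
    print("too broad:", too_broad)
```

With the sample data the Netflow rule is reported as too broad because its source is not limited to the gateways, and running the audit with private_mode=True reports both gateways as missing the 5000/TCP syslog rule.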
Subscription Requirements for CoPilot
You can see details about your Aviatrix Controller license from your CoPilot user interface. Locate the left-side menu on CoPilot user interface. From Settings, click Licensing.
Aviatrix CoPilot Image Subscription
You must subscribe to the "Aviatrix CoPilot" offer in your CSP marketplace to deploy CoPilot.
Aviatrix CoPilot Add-On Features Subscription
To enable the latest CoPilot add-on features you must subscribe to the Aviatrix Secure Networking Platform 2208-Universal x 24x7 Support subscription offer in your CSP marketplace. See Aviatrix Secure Networking Platform 2208-Universal Subscription for instructions on how to obtain the customer ID and update your Controller license with the new ID.
Supported Browsers for CoPilot
Aviatrix recommends Chrome-based web browsers for using CoPilot.
Most web browsers work without issue for using CoPilot monitoring and troubleshooting functions.
Safari web browsers are not recommended as unexpected results can occur.
Licensing for CoPilot
CoPilot licensing is unified with Controller licensing. The customer ID that is used to license your Aviatrix Controller will enable your use of CoPilot.
For information about obtaining an Aviatrix License, Aviatrix Trial License, or renewing an Aviatrix license after a license expires, contact any Aviatrix Sales Representative.
UTC Timezone Requirement
To ensure accurate syslog timestamps, set the Controller timezone to UTC for Controller version 7.0.1726 or later. Follow the steps below:
- Go to "SETTINGS" > "Controller" > "Time."
- Select "CHANGE TIMEZONE" and choose UTC from the list.
- Click "OK" to confirm.
Custom timezones are not supported, and this step is only required for Controller version 7.0.1726 or later. An incorrectly configured Controller timezone can result in inaccurate syslog timestamps, which can affect system issue troubleshooting and analysis.