Deploy CoPilot using Terraform
If you are knowledgeable in deploying infrastructure-as-code using Terraform, you can deploy the Aviatrix CoPilot using a Terraform script rather than via the CSP marketplace.
(Terraform) Launch CoPilot instance using Terraform
This section provides a summary of steps for launching a CoPilot single instance (simple deployment) using Terraform.
This section only provides a summary of steps. Please refer to the documentation for the Aviatrix Terraform Module for CoPilot on GitHub here: https://github.com/AviatrixSystems/terraform-modules-copilot for the most current and detailed instructions.
A CoPilot launched using Terraform is typically based on the latest CoPilot base image version. You can verify with your Aviatrix representative the CoPilot base image version being launched and record it for your records.
Summary of steps for a CoPilot instance launch via Terraform
-
If you haven’t already done so, subscribe to a CoPilot offer in the CSP marketplace. See Subscribe to the Aviatrix CoPilot Offer in the Marketplace.
You only need to subscribe, review the subscription pricing information, and accept the terms and conditions in the marketplace before proceeding to the next step. Do not continue to the configuration steps in the marketplace. Note that to use the latest CoPilot add-on features, you must also subscribe to the Aviatrix Secure Networking Platform 2208-Universal Subscription.
-
Verify that you have your CSP account credentials and that you know the CSP region in which to launch CoPilot.
-
Go to the Aviatrix repository AviatrixSystems/terraform-modules-copilot on GitHub (https://github.com/AviatrixSystems/terraform-modules-copilot) to access the sample code in the README file for the applicable CSP. The README file contains the usage for the CoPilot instance launch.
-
In the folder where you put your Terraform scripts based on the sample code, create a .tf file to provide your CSP account credentials (for example, provider block below). You can name the .tf file whatever you want.
Ensure your CSP account credentials are always in a secure location.
The following is an example of the format to enter your CSP account credentials. You can refer to your CSP Terraform Registry to verify the latest information that is required.
Example of the format to enter your CSP account credentials:
AZURE
provider "azurerm" {
  features {}
  subscription_id = ""
  client_id       = ""
  client_secret   = ""
  tenant_id       = ""
}
GCP
provider "google" {
  project = ""
  region  = ""
  zone    = ""
}
OCI
provider "oci" {
  tenancy_ocid     = ""
  user_ocid        = ""
  fingerprint      = ""
  private_key_path = ""
  region           = ""
}
AWS
provider "aws" {
  region     = ""
  access_key = ""
  secret_key = ""
}
Refer to Terraform Registry for the latest information.
-
Ensure that you set the variable for the region in which to launch the instance in the provider block.
-
Specify at least 1 data disk (volume) for Terraform to attach to your CoPilot instance for data storage.
For information about CoPilot storage, see CoPilot Disk (Volume) Management.
The following is sample code for building a single CoPilot instance. The variable default_data_volume_name is required to create the data volume:
module "copilot_build_aws" {
  source = "github.com/AviatrixSystems/terraform-modules-copilot.git//copilot_build_aws"

  # Inbound rules: one entry per protocol/port with the source CIDRs allowed to reach it
  allowed_cidrs = {
    "tcp_cidrs" = {
      protocol = "tcp"
      port     = "443"
      cidrs    = ["1.2.3.4/32"]
    }
    "udp_cidrs_1" = {
      protocol = "udp"
      port     = "5000"
      cidrs    = ["0.0.0.0/0"]
    }
    "udp_cidrs_2" = {
      protocol = "udp"
      port     = "31283"
      cidrs    = ["0.0.0.0/0"]
    }
  }

  keypair                  = "copilot_kp"
  default_data_volume_name = "/dev/sdf"
}
-
Run terraform (terraform apply).
The CoPilot instance is launched in the CSP as defined by the script's source field. If you do not specify an availability zone (using the variable availability_zone), an AZ that supports the instance type will be used. The AZ that is used will be listed in the output ec2-info.
The instance launched is typically based on the latest CoPilot base image version. You can verify with your Aviatrix representative the CoPilot base image version being launched and record it for your records.
-
Wait to receive a success image message.
-
Launch the CoPilot application in your web browser:
https://copilot_static_ip_address/
where copilot_static_ip_address is the static IP address of your newly deployed CoPilot software instance/virtual machine.
-
Perform the initial setup of CoPilot.
-
Verify connectivity with your controller. See Verify the CoPilot Deployment and the Connectivity with Controller
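The launch steps above, as an added example that is not part of the Aviatrix module documentation: an AWS variant of the sample that keeps credentials out of the .tf file (the AWS provider reads them from the environment or a shared profile) and takes the allowed CIDRs from variables, rejecting an open range for TCP 443. The variable names region, ui_cidrs and udp_source_cidrs are hypothetical; the module inputs are the ones used in the sample code in the steps.

```hcl
# Added example, not Aviatrix's code. No credentials are set here: the AWS
# provider reads AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY (or a shared
# profile) from the environment, so no secret is written to a .tf file.
provider "aws" {
  region = var.region # hypothetical variable
}

variable "region" {
  type        = string
  description = "AWS region in which to launch CoPilot"
}

# Hypothetical variable: sources allowed to reach CoPilot on TCP 443.
variable "ui_cidrs" {
  type        = list(string)
  description = "CIDRs allowed to reach CoPilot on TCP 443"

  validation {
    # Every entry must parse as a CIDR and must not be the open range.
    condition = length(var.ui_cidrs) > 0 && alltrue([
      for c in var.ui_cidrs : can(cidrhost(c, 0)) && c != "0.0.0.0/0"
    ])
    error_message = "The ui_cidrs list must contain valid CIDRs and must not include 0.0.0.0/0."
  }
}

# Hypothetical variable: sources allowed to send to UDP 5000 and 31283.
variable "udp_source_cidrs" {
  type        = list(string)
  description = "CIDRs allowed to send to CoPilot on UDP 5000 and 31283"
}

module "copilot_build_aws" {
  source = "github.com/AviatrixSystems/terraform-modules-copilot.git//copilot_build_aws"

  allowed_cidrs = {
    "tcp_cidrs"   = { protocol = "tcp", port = "443", cidrs = var.ui_cidrs }
    "udp_cidrs_1" = { protocol = "udp", port = "5000", cidrs = var.udp_source_cidrs }
    "udp_cidrs_2" = { protocol = "udp", port = "31283", cidrs = var.udp_source_cidrs }
  }

  keypair                  = "copilot_kp"
  default_data_volume_name = "/dev/sdf"
}
```

Supply the variable values through a .tfvars file or TF_VAR_ environment variables; terraform plan fails at validation if ui_cidrs contains 0.0.0.0/0 or a malformed CIDR.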
(Terraform) CoPilot cluster launch using Terraform
If you want to launch a CoPilot cluster (clustered, fault-tolerant deployment) using Terraform, this is supported for AWS, Azure, GCP, and OCI.
For detailed instructions, please refer to the documentation for the Aviatrix Terraform Module for CoPilot on GitHub here: https://github.com/AviatrixSystems/terraform-modules-copilot.
Note that you must select a subnet with outbound Internet access when specifying the subnet for each CoPilot instance in the cluster.