Virtual Service Router (vSR) deployment on GCP
  • 13 Apr 2023
  • 4 Minutes to read
  • Dark
    Light
  • PDF

Virtual Service Router (vSR) deployment on GCP

  • Dark
    Light
  • PDF

Article summary

# Nodegrid VSR on Google GCP

This documentation details creation of a Virtual Service Router VM instance on Google Cloud Platform GCP. The objective is to create a ZPE vSR instance that can act as a concentrator/hub to interconnect with other ZPE Systems Nodegrid appliances (e.g., Hive SR, Bold SR, or Mini SR) and deploy SD-WAN on them.

The following diagram, Diagram-1, shows the expected result:

Diagram-1

This guide structure is as follows:

  1. Licensing and Instance requirements
  2. GCP Credentials
  3. Nodegrid vSR AMI image
  4. Create a Nodegrid vSR instance
  5. Web Access to the Nodegrid vSR

1. Licensing

The Nodegrid vSR product has five hardware license tiers for different use cases. The vSR VM can run for 30 days with no restraints, but after 30 days without a license, the software restricts use.

TierCPURAMEquivalent
12vCPU4GiBGCP e2.median
24vCPU8GiBGCP Custom
34vCPU16GiBGCP e2-standard-4
48vCPU32GiBGCP e2-standard-8
516vCPU64GiBGCP e2-standard-16

2.GCP Credentials

This guide assumes the following:

3. Nodegrid vSR AMI image

The Nodegrid vSR AMI creation for GCP consists of two steps: 1) upload the vSR image file (e.g., Nodegrid_Platform_GCP_v5.8.2_20230114.tar.gz) into a GCP bucket, and 2) create the GCP AMI based on the uploeaded file. Below are the details.

The vSR .tar.gz image file for GCP is distributed by ZPE Systems directly. It is available to all customers via the support portal and is not publicly available in the GCP Public Images. Please contact support@zpesystems.com.

GCP Bucket

These steps are an example of how to configure a GCP Bucket. Adapt accordingly to your security requirements.

  1. Access to GCP Storage > Buckets
  2. Select Create and enter the required information:
  • On Name your bucket: insert a unique, permanent name, e.g., vsr-images
  • For Choose where to store your data: consider Multi-region > us (multiple regions in United States)
  • For Choose a storage class for your data: select Set a default class > Standard
  • For Choose how to control access to objects: select both Enforce public access prevention on this bucket and Access control > Uniform
  • For Choose how to protect object data: select None
  1. Click Create
    gcp-bucket-create.png

Upload the Nodegrid vSR tar.gz image

  1. Access to GCP Storage > Buckets
  2. Select a bucket, e.g., vsr-images
  3. Click Upload Files
  4. Select the Nodegrid vSR tar.gz image file, e.g., Nodegrid_Platform_GCP_v5.8.2_20230114.tar.gz
  5. Verify the image file successfully uploaded
    gcp-bucket-list.png

Create a Nodegrid vSR Image for GCP

This creates the Nodegrid vSR AMI image based on the previously uploaded tarball file to the bucket.

This step is required to be executed gcloud cli. This document considers the Web Cloud Shell option!

gcloud-shell-cli.png

Before executing the command on gcloud cli gcloud compute images create ..., the following information is required:

  • AMI name: e.g., vsr-v5-8-2-20230114
  • Project ID: global GCP project identification
  • Storage Location: GCP region where the image is deployed, e.g., us-west1
  • Source URI: google api endpoint for the image file, in the form:
    https://storage.googleapis.com/<YOUR-BUCKET>/<NODEGRID_ISO>

Execute the following command:

gcloud compute images create vsr-v5-8-2-20230114 \
  --project=clexxxxxxxxxxx420 \
  --family=ng-instance \
  --source-uri=https://storage.googleapis.com/vsr-images/Nodegrid_Platform_GCP_v5.8.2_20230114.tar.gz \
  --storage-location=us-west1 \
  --guest-os-features=UEFI_COMPATIBLE

gcloud-chell-cli-exec.png

To verify Image access, go to https://console.cloud.google.com/compute/images
gcp-images.png

4. Create a Nodegrid vSR instance

The following steps are a simplified deployment of a VM instance in GCP. Some of the resources in Diagram-1 are automatically created with pre-established GCP default configurations.

GCP VPC network

  1. Go to https://console.cloud.google.com/networking/
  2. Select VPC networks > Create VPC Network
  3. Enter the required information:
  • Name: e.g., vsr-vpc
  • Select Add subnet and enter a name, e.g., vsr-subnet-1
  • Select subnet Region
  • Enter IPv4 range: e.g., 10.1.0.0/24
  1. On Firewall rules: select the following:
  • vsr-vpc-allow-icmp
  • vsr-vpc-allow-ssh
  1. Click Create
    gcp-vpc.jpg

GCP Create VM

  1. Go to https://console.cloud.google.com/compute/images
  2. Find the Nodegrid vSR image, e.g., vsr-v5-8-2-20230114, and select Actions > Create instance
  3. Enter Instance Name, e.g., vsr-gcp-1
  4. Select Region and Zone, e.g., us-west1 (Oregon) and us-west1-b
  5. On Machine configuration: select a General-Purpose E2 medium machine type
  6. On Firewall: select Allow HTTP and HTTPS traffic*.
  7. On Networking
  • Select Enable IP forwarding
  • On Network interface: select a network interface in the VPC and Subnetwork previously created
  • On Network Service Tier: select Standard
  1. On Security
  • Select Turn on vTPM
  • Select Turn on Integrity Monitoring
  1. Click Create

gcp-vm.jpg

  1. On the Compute Engine > VM instances: select the created instance and look for the assigned public IP.

5. Web Access to the Nodegrid vSR

  1. In a browser, open https://Public-GCP-IP
  2. Log in to the Nodegrid vSR WebUI. Default credentials are:
  • user: admin
  • password: admin
  1. Follow the steps to change the password
  2. Congratulations! You have successfully deployed a Nodegrid vSR instance.

web-ui

6. Enroll vSR to ZPE Cloud

A Nodegrid vSR is managed through ZPE Cloud. The new deployed unit must be enrolled to the customers ZPE Cloud instance.

  1. Login to your ZPE Cloud account Global , EU or onPrem
  2. Go to SETTINGS :: ENROLLMENT :: CLOUD
  3. Copy the Customer Code and Enrollment Key (required to claim the vSR)
    settings-enrolment-cloud
  4. In a browser, login to vSR by with the link https://Public-AWS-IP
  5. Go to Security :: Services and enable ZPE Cloud service
    security-zpecloud
  6. Go to System :: Toolkit :: Cloud Enrollment
    system-toolkit
  7. Enter the following information
    1. URL: URL of the zpecloud instance, default https://zpecloud.com
    2. Customer Code: Use the copied Customer Code from the Cloud Instance
    3. Enrollment Key: Use the copied Enrollment Key
      settings-enrolment-cloud
  8. Click on Enroll
    system-toolkit-cloud-enrolment-success
  9. This enrolls the unit to ZPE Cloud and be available in ZPE Cloud under DEVICES :: AVAILABLE
    devices-available
  10. To start managment of the vSR, select and click on ENROLL.
  11. When enrolled, the vSR is managed on ZPE Cloud like any other Nodegrid device.

Was this article helpful?

ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence