The Story of a VeloCloud and AWS Proof of Concept
Feb 13, 2019
At QOS, we have the opportunity to work with some really unique and exciting customers. Sometimes we have ones come across our desk that are just a bit more fun and exciting and really put a little pep into our step. We’re still under NDA with a potential customer we’ve been working with, so we can’t name drop yet but we wanted to share our experience as they’ve gone through their Proof of Concept project with our team. The customer had a specific challenge to connect their VeloCloud and AWS platforms for a smooth network experience. VeloCloud has this capability and with some expert engineering design from QOS, the customer’s network can be configured to work flawlessly.
This particular customer is:
- Densely located throughout the U.S.
- Upwards of 5,000 locations domestically
- Plus another 2,000+ internationally
- In the process of exploring the VMware SD-WAN by VeloCloud solution for their locations
- Specifically deploying into their Amazon Web Services (AWS) environment
The initial demonstration was performed using QOS hardware to link their physical VCE (VeloCloud Edge) to a virtual edge living in the QOS AWS ecosystem. This would allow an edge client device to access a private web server in AWS. From there, we were able to deploy virtual edges to the customer’s AWS environment and used the virtual edges to route traffic across a private LAN network through the different AWS regions.
We used a Cloud Formation template to create the full Virtual Private Cloud (VPC) environment in AWS. It generates the needed VPC configuration, including route tables, subnets, interfaces, internet gateway and elastic IPs, and launches an EC2 instance with all of the networking pre-attached. It finally registers the virtual edge with the VeloCloud Orchestrator and attaches it to the customer’s account.
After the instance launches in AWS, an engineer can configure a physical VeloCloud, establish a tunnel to the virtual VeloCloud and can route traffic across it.
We ran into a few challenges with the customer as their network design necessitated some changes to the typical deployment pattern. We could not create the base environment with an ideal routing pattern from the start, instead having to deploy the virtual VCE into existing VPCs with account limitations and strict security requirements.
A virtual VCE requires its network interfaces to be fully defined before the instance starts, so in many cases the virtual VCE requires a fully implemented prior configuration before the instance is launched. Because the instance is launched with a CloudFormation template, the entire network stack must be rolled back and re-initialized in case of an error in configuration. We were able to develop a new set of custom templates to handle this challenge and use our in-house Activation Manager software to roll out virtual edges at a rapid rate.
The customer was in need of a solution to the challenge of passing LAN traffic across AWS VPCs into their different regions. By implementing user-configurable CloudFormation templates, we were able to solve the customer’s peering requirements and allow third party security appliances to sit within their network, i.e. virtual Palo Alto firewalls.
We provided the customer with a best practices network setup guide for the pre-configured network. We then launched the virtual VCEs into each region, configured the tunnels via VCO, and launched test application hosts in the private subnets of each VPC.
Ongoing VeloCloud and AWS Process
The customer has since been able to overcome many of their initial network roadblocks and have been successfully working through their proof of concept process. It’s an interesting process to work with our customers who are in the position that many are – moving to or already in the cloud, highly dispersed networks, security conscious, and needing a solution to perform well.
Overall the customer has already been able to prove ROI through:
- Successful integration with their AWS platform
- Virtual VCEs across their network
- Proved deployment speed and accuracy
- Increased network performance
The customer is excited to move into the next phase of PoC with VeloCloud and AWS and to see how a full network overhaul to give them the network performance they’re in need of. Stay tuned to hear who it is and what the outcome will be!
Have a customer network need? Interested in exploring SD-WAN for your business? We’ll talk your ear off about it, let’s chat!