Proxy Support for Azure Deployment with Avi Vantage
Overview of Proxy Support for Azure Deployment
Starting with release 17.2.13, Avi Vantage supports Azure cloud deployment in a proxy environment. This feature can be used if the Avi Controller has to communicate through a proxy server. During the cloud deployment, Avi Controller makes API calls. With this new feature, API calls are also allowed through the proxy server at the deployment site.
Use case
In an environment where the Avi Controller is behind a proxy server, the proxy configuration option is used.
Configuring Avi Vantage
The proxy support for the Azure cloud on an Avi Vantage can be enabled by using the proxy_configuration
knob under the configure systemconfiguration
option.
This feature supports proxy configuration with the server with basic authentication and without basic authentication too.
The following are the four parameters which are configured while enabling proxy support for the cloud.
- Host: IP address of the proxy server.
- Port: The port number over which the Avi Controller will communicate to the proxy server.
- Username: username of the proxy server (only If the basic authentication is enabled on the proxy server).
- Password: password to access the proxy server (only if the basic authentication is enabled on the proxy server).
Follow the steps mentioned below to enable the proxy support:
Login to the shell prompt of the Avi Controller. Execute the proxy_configuration
command under the configure systemconfiguration
mode, and provide the details of the required parameters for the proxy server as shown below.
[admin:10.1.1.1]: > configure systemconfiguration
Updating an existing object. Currently, the object is:
+----------------------------------+---------------------------------------+
| Field | Value |
+----------------------------------+---------------------------------------+
| uuid | default |
| dns_configuration | |
| server_list[1] | 10.10.0.100 |
| search_domain | |
| ntp_configuration | |
| community | <sensitive> |
| sys_contact | support@avinetworks.com |
| version | SNMP_VER2 |
| ssh_ciphers[1] | aes128-ctr |
| ssh_ciphers[2] | aes256-ctr |
| ssh_ciphers[3] | arcfour256 |
| ssh_ciphers[4] | arcfour128 |
| ssh_hmacs[1] | hmac-sha2-512-etm@openssh.com |
| ssh_hmacs[2] | hmac-sha2-256-etm@openssh.com |
| ssh_hmacs[3] | umac-128-etm@openssh.com |
| ssh_hmacs[4] | hmac-sha2-512 |
| default_license_tier | ENTERPRISE_18 |
+----------------------------------+---------------------------------------+
[admin:10-152-131-93]: systemconfiguration> proxy_configuration
[admin:10-152-131-93]: systemconfiguration:proxy_configuration> host 10.20.1.1
[admin:10-152-131-93]: systemconfiguration:proxy_configuration> port 3128
[admin:10-152-131-93]: systemconfiguration:proxy_configuration> username admin
[admin:10-152-131-93]: systemconfiguration:proxy_configuration> password admin
[admin:10-152-131-93]: systemconfiguration:proxy_configuration> save
[admin:10-152-131-93]: systemconfiguration> save
+----------------------------------+-------------------------------------------+
| Field | Value |
+----------------------------------+-------------------------------------------+
| uuid | default |
| dns_configuration | |
| server_list[1] | 10.10.0.100 |
| search_domain | |
| ntp_configuration | |
| ntp_servers[1] | |
| server | 0.us.pool.ntp.org |
| ntp_servers[2] | |
| server | 1.us.pool.ntp.org |
| ntp_servers[3] | |
| server | 2.us.pool.ntp.org |
| ntp_servers[4] | |
| server | 3.us.pool.ntp.org |
| portal_configuration | |
| enable_https | True |
| redirect_to_https | True |
| enable_http | True |
| sslkeyandcertificate_refs[1] | System-Default-Portal-Cert |
| sslkeyandcertificate_refs[2] | System-Default-Portal-Cert-EC256 |
| use_uuid_from_input | False |
| sslprofile_ref | System-Standard-Portal |
| enable_clickjacking_protection | True |
| allow_basic_authentication | True |
| password_strength_check | False |
| disable_remote_cli_shell | False |
| global_tenant_config | |
| tenant_vrf | False |
| se_in_provider_context | True |
| tenant_access_to_provider_se | True |
| email_configuration | |
| smtp_type | SMTP_LOCAL_HOST |
| from_email | admin@avicontroller.net |
| mail_server_name | localhost |
| mail_server_port | 25 |
| disable_tls | False |
| docker_mode | False |
| snmp_configuration | |
| community | <sensitive> |
| sys_contact | support@avinetworks.com |
| version | SNMP_VER2 |
| proxy_configuration | |
| host | 10.20.1.1 |
| port | 3128 |
| username | admin |
| password | <sensitive> |
+----------------------------------+-------------------------------------------+