Azure Dedicated Management Interface

Overview

Avi Vantage on Microsoft Azure runs Service Engines in any of the following modes:
In-band Management– In this mode Service Engine has only one NIC.
Dedicated Management– In this mode Service Engine has two NICs, one for the management traffic and other for the data traffic in the same virtual network. This configuration will be at the cloud level, SE group level override is not allowed at present. Dedicated Management SEs are supported with basic ALB, standard ALB and multi-AZ mode of the Azure cloud.

SEs are created with one NIC which is used as the management interface as well as the data interface.

In-band Management

This set-up is simple to configure and manage. But, all servers, SEs, and management interface need to be connected.

inband-management.png

Dedicated Management

SEs are created with two NICs, one for the management traffic and the other for the data traffic.

dedicated.png

Cloud takes input for the management network and the data network for the SE.

  • NIC0 is the management network.
  • NIC1 is the data network.

Both the NICs should be in the same virtual network. This mode provides better isolation for the management and data traffic.

Configuring Dedicated Management for New Cloud Deployment

  1. Define the required network topology. Refer to Deployment Topology for Microsoft Azure with Avi Vantage for more details.
  2. Install Avi Controller in Azure cloud. Refer to Installing Avi Controller in Microsoft Azure.
  3. Configure Azure cloud. The following are the necessary attributes for configuring an Azure cloud.
    • Cloud credentials
    • Details about region, zones, etc. where the Service Engines need to be deployed
    • For the dedicated management, configure the data and the management subnet. Data and the management subnet should be in the same virtual network.

dedicated-nic.png

Configuring Dedicated Management for Existing Cloud Deployments

  • Navigate to Infrastructure > Cloud. Select the desired cloud and click on the edit option and enable dedicated management.
  • Choose a management subnet which is in the same VNET.
  • Configure a virtual service

For existing deployments, the change will apply only to the newer SEs created. The existing SEs will keep functioning in the in-band mode.