Initial setup for cloud lab

CiscoDevNet · Sep 17, 2021 · 7c3f9c4 · 7c3f9c4
1 parent 272dc08
commit 7c3f9c4
Show file tree

Hide file tree

Showing 16 changed files with 2,122 additions and 0 deletions.
diff --git a/01-Branch1/branch1.tf b/01-Branch1/branch1.tf
diff --git a/01-Branch1/cloud-init-branch1-r1.user_data b/01-Branch1/cloud-init-branch1-r1.user_data
@@ -0,0 +1,142 @@
+Content-Type: multipart/mixed; boundary="==BOUNDARY=="
+MIME-Version: 1.0
+
+--==BOUNDARY==
+Content-Type: text/cloud-config; charset="us-ascii"
+
+#cloud-config
+vinitparam:
+ - uuid : CSR-BBD516D8-0AD4-4A53-BA09-4FA9CB62259D
+ - org : GCP-Demo-npitaev
+ - vbond : 44.238.253.68
+ - otp : 77f150b93df741dbb3719489e98a90ad
+
+--==BOUNDARY==
+Content-Type: text/cloud-boothook; charset="us-ascii"
+
+#cloud-boothook
+
+hostname Branch4-R1
+!
+system
+ system-ip             10.111.1.11
+ site-id               111
+ organization-name     GCP-Demo-npitaev
+ vbond 44.238.253.68
+!
+!
+vrf definition 10
+ rd 1:10
+ address-family ipv4
+  route-target export 64550:1
+  route-target import 64550:1
+  exit-address-family
+ !
+ address-family ipv6
+  exit-address-family
+ !
+!
+vrf definition Mgmt-intf
+ description Management
+ rd          1:512
+ address-family ipv4
+  route-target export 1:512
+  route-target import 1:512
+  exit-address-family
+ !
+ address-family ipv6
+  exit-address-family
+ !
+!
+interface GigabitEthernet1
+ no shutdown
+ vrf forwarding Mgmt-intf
+ ip address dhcp client-id GigabitEthernet1
+ ip dhcp client default-router distance 1
+ ip mtu    1500
+ mtu           1500
+ negotiation auto
+exit
+!
+interface GigabitEthernet2
+ no shut
+ ip address dhcp client-id GigabitEthernet2
+ ip dhcp client default-router distance 1
+ ip mtu    1500
+ mtu           1500
+ negotiation auto
+!
+!
+interface GigabitEthernet3
+ no shut
+!
+!
+interface Tunnel2
+ no shutdown
+ ip unnumbered GigabitEthernet2
+ no ip redirects
+ ipv6 unnumbered GigabitEthernet2
+ no ipv6 redirects
+ tunnel source GigabitEthernet2
+ tunnel mode sdwan
+exit
+!
+!
+sdwan
+ interface GigabitEthernet2
+  tunnel-interface
+   encapsulation ipsec weight 1
+   no border
+   color default
+   no last-resort-circuit
+   no low-bandwidth-link
+   no vbond-as-stun-server
+   vmanage-connection-preference 5
+   port-hop
+   carrier                       default
+   nat-refresh-interval          5
+   hello-interval                1000
+   hello-tolerance               12
+   allow-service all
+   no allow-service bgp
+   allow-service dhcp
+   allow-service dns
+   allow-service icmp
+   allow-service sshd
+   allow-service netconf
+   allow-service ntp
+   no allow-service ospf
+   no allow-service stun
+   allow-service https
+   no allow-service snmp
+  exit
+ exit
+ appqoe
+  no tcpopt enable
+ !
+ omp      
+  no shutdown
+  send-path-limit  4
+  ecmp-limit       4
+  graceful-restart
+  no as-dot-notation
+  timers
+   holdtime               60
+   advertisement-interval 1
+   graceful-restart-timer 43200
+   eor-timer              300
+  exit
+  address-family ipv4
+   advertise bgp
+   advertise connected
+   advertise static
+  !
+  address-family ipv6
+   advertise bgp
+   advertise connected
+   advertise static
+  !
+ !
+!
+!
+--==BOUNDARY==
diff --git a/01-Branch1/provider.tf b/01-Branch1/provider.tf
@@ -0,0 +1,5 @@
+provider "aws" {
+  alias = "branch1"
+  region = var.aws_branch1_region
+}
+
diff --git a/01-Branch1/vars.tf b/01-Branch1/vars.tf
@@ -0,0 +1,92 @@
+# SD-WAN Branch 1 - consists of SD-WAN router, one WAN emulator (linux VM) and one linux host as app simulation:
+
+variable "aws_branch1_region" {    
+    default = "us-west-2"             # if you change the default region, please also change AMI IDs below
+}
+
+variable "bucket_prefix" {            # use this a prefix in descriptions of ressources, which will be prepended to the name of all ressources. Example "Demo Branch1 Subnet-1 Mgmt"
+    default = "Demo"
+}
+
+variable "ssh_allow_cidr" {           # allow ssh only from Cisco San Jose VPN Cluster
+    default = "128.107.0.0/16"
+}
+
+variable "aws_branch1_az" {    
+    default = "us-west-2b"
+}
+
+variable "aws_ami_id_branch1_r1" {
+  default = "ami-0c1961e24860d740c"   # Cisco-CSR-SDWAN-17.3.2 Marketplace AMI for this region. Please change the AMI if you want to use a different region!
+}
+
+variable "aws_ami_type_branch1_r1" {
+  default = "c5.xlarge"               # please keep in mind, that your AWS instance type needs to support at least 3 NICs.  
+}
+
+variable "aws_branch1_vpc_cidr" {    
+    default = "10.111.0.0/16"
+}
+
+variable "aws_branch1_vpc_subnet1_cidr" {
+    default = "10.111.1.0/24"
+}
+
+variable "aws_branch1_r1_nic1_private_ip" {  
+    default = "10.111.1.11"
+}
+
+variable "aws_branch1_vpc_subnet2_cidr" {
+    default = "10.111.2.0/24"
+}
+
+variable "aws_branch1_r1_nic2_private_ip" {  
+    default = "10.111.2.11"
+}
+
+variable "aws_branch1_vpc_subnet3_cidr" {
+    default = "10.111.3.0/24"
+}
+
+variable "aws_branch1_r1_nic3_private_ip" {  
+    default = "10.111.3.11"
+}
+
+variable "aws_branch1_vpc_subnet4_cidr" {  # WAN Emulator CIDR out to public internet
+    default = "10.111.4.0/24"
+}
+
+variable "aws_ami_id_host1" {
+  default = "ami-00f9f4069d04c0c6e"      # Amazon Linux 2 AMI (HVM), SSD Volume Type (64-bit x86). Please change the AMI if you want to use a different region!
+}
+
+variable "aws_ami_type_host1" {
+  default = "t2.medium"
+}
+
+variable "aws_host1-subnet1_private_ip" {  
+    default = "10.111.1.101"
+}
+
+variable "aws_host1-subnet3_private_ip" {  
+    default = "10.111.3.101"
+}
+
+
+variable "aws_branch1_wanem_nic1_private_ip" {  
+    default = "10.111.1.10"
+}
+
+variable "aws_branch1_wanem_nic2_private_ip" {  
+    default = "10.111.2.10"
+}
+
+variable "aws_branch1_wanem_nic3_private_ip" {  
+    default = "10.111.4.10"
+}
+
+
+# SSH Key File:
+variable "aws_key_pair_name" {
+  default = "aws-key-20-3-setup"   # Please change to your AWS pem ssh key file! It will NOT work with the default value "aws-key-20-3-setup"
+}