Deploy vIONs with (High Availability) HA in Azure
Table of Contents
Deploy vIONs with (High Availability) HA in Azure
Deploy vIONS with HA in Azure using the marketplace solution.
Use the Azure high availability (HA) templates to deploy the vIONs in
Prisma SD-WAN
using the marketplace solution.- Create aResource Groupin the desired region in Azure.Find the Marketplace listing ofPrisma SD-WANvION solution template and selectPrisma SD-WAN vION HA Solution Template.
- Deploy the pair of vIONs by following the steps in the solution template.
- Select the correctSubscription,Resource Group, andRegion.
- Configure the virtual networks required for the HA vIONs.The template creates a newVirtual networkwith six subnets:
- ION 1 Controller
- ION 1 Internet/Public
- ION 1 LAN/Private
- ION 2 Controller
- ION 2 Internet/Public
- ION 2 LAN/Private
If you choose to use an existing virtual network, ensure that the selectedVirtual networkconsists of six subnets.
- Configure the Private IP addresses for the internet or Public of each vION required for the vIONs to reach the controller over the WAN interface.
- Configure the IP address for the Internet/Public subnet and the Gateway.
- Take note of the Internet/Public subnet for each ION.
- For the IP address, assign any address in the subnet other than the first four prefixes in the subnet (Azure uses these and are reserved).
- For the Gateway address, use the first available IP address in the subnet.
- For the DNS address, use a well-known public DNS service (For example, 8.8.8.8 or 1.1.1.1).
- Configure the Availablity Zones orSets.
- When deploying in anAvailability Zone, ensure that the Azure region you are deploying supports zones. If the region does not, you can use anAvailability Set.
- Enter a numerical value for the Zone parameter for each ION. This is typically a numeric value and is a number in the range of 1-3. When you use the same zone number for both vIONs, the vIONs are deployed in the same zone, and there will be no use of an Availability Set.
- SpecifyNoneas the zone value, if there is no Zone support in the region you're deploying or you wish to use an availability set. The vIONs thereby will be deployed in an Availability Set (across different fault or update domains) within the same region.
- Configure the vIONLicense and Secret Keysobtained fromPrisma SD-WANController.
- Configure the vION version. It's recommended to use the default configuration.
- Confirm if all resources are fully deployed and appear in the resource group created.If the zones configured are correct and are supported in Azure, the vIONs will be deployed according to the specified availability zones. You can view and access the vIONs in thePrisma SD-WANportal.It can take a while for the resources to be fully deployed and the vIONs to connect to the controller.
Mark the availability zone asNone, to create the following resource within the resource group.
- If Availability zones are not configured, verify the vIONs deployed across different fault domains by accessing the vION instance overview page in the Azure portal.
