Plan the GCP-NCC CloudBlade Integration
The GCP-NCC CloudBlade provides the automatic
creation, management, and maintenance of an HA pair of Prisma SD-WAN
Data Center virtual ION devices across multiple locations/regions
in GCP. It establishes BGP peering to a GCP Cloud Router from the
Prisma SD-WAN Data Center vIONs and the GPC Transit VPC to advertise
branch prefixes and provide connectivity to compute resources within
the GCP regions.
The CloudBlade automates the following configuration steps required
to establish end-to-end connectivity from the Prisma SD-WAN sites
to the VPCs in GCP.
- Creates an NCC Hub.An NCC Hub is a global resource; however, once a virtual ION is attached to an NCC hub as a spoke, the NCC will be part of that particular virtual ION device’s VPC. All the virtual ION devices are connected to the same NCC hub as spokes.
- Creates three VPCs in GCP (Controller, Internet, and Transit) usingDeployment Manager.
- Controller and Internet VPC Subnets is configured in 255.255.x.0/24 format.
- Transit VPC (Greenfield) Subnet is configured in 10.255.x.0/24 format.
- Deploys two Prisma SD-WAN virtual ION 7K data center devices and the subnet CIDR range for the specific region in the VPC created.
- Creates cloud routers with interfaces for specific regions.A cloud router is part of a region and is attached to the hub (Virtual ION) through BGP peering. In multi-region deployments, multiple virtual ION and cloud routers are deployed across the same VPC in multiple regions (Controller VPC, Internet VPC, and Transit VPC).
- Configures and establishes BGP peering session between the cloud router and the virtual ION 7K.
- Attaches the virtual ION 7k as a spoke to the NCC hub along with the cloud router.
- Configures routing on each VPC.
- Creates a data center site in the Prisma SD-WAN controller and configures the devices (Dual Virtual ION 7Ks) with the site.
- Updates theInterfacesconfiguration for port 1 and port 2 for each device on the cloud controller.
- Creates BGP core peer routing for each device.
