Vpc anywhere (#194)

* Add VPC example

* Rewrite of Softgate installation, Lots of changes

* Finalize the doc

* Corrected spelling typos

* Simplify requirements for softgate installation

* Removed requirements for OS

* Missing link

* Add image with green status

* Fix typos

* REvert changes in installation

* Reverted changes in vpc upstream peering

Co-authored-by: Levon Avagyan <[email protected]>

Author: asaroyan

SoftGate-PRO-installation.rst

@@ -69,4 +69,4 @@ Requires freshly installed Ubuntu Linux 18.04 LTS and internet connectivity conf
 
   user@host:~$ sudo reboot
 
-Once the server boots up you should see its heartbeat going from Critical to OK in **Net→Inventory**, **Telescope→Dashboard**, and the SoftGate color will reflect its health in **Net→Topology**.
+Once the server boots up you should see its heartbeat going from Critical to OK in **Net→Inventory**, **Telescope→Dashboard**, and the SoftGate color will reflect its health in **Net→Topology**.

SoftGate-installation.rst

@@ -88,4 +88,4 @@ Requires freshly installed Ubuntu Linux 22.04 LTS and internet connectivity.
 
   user@host:~$ sudo reboot
 
-Once the server boots up, you should see its heartbeat going from Critical to OK in **Net→Inventory**, **Telescope→Dashboard**, and the SoftGate color will reflect its health in **Net→Topology**.
+Once the server boots up, you should see its heartbeat going from Critical to OK in **Net→Inventory**, **Telescope→Dashboard**, and the SoftGate color will reflect its health in **Net→Topology**.

images/.directory

@@ -0,0 +1,4 @@
+[Dolphin]
+Timestamp=2022,10,20,16,53,15.07
+Version=4
+ViewMode=1

images/sandbox-l4lb-kubeapi.png

@@ -92,4 +92,4 @@ You are welcome to join our `Slack channel <https://netris.io/slack>`_ to get ad
    :maxdepth: 4
    :caption: Lab Scenarios
 
-   onprem-k8s
+   sandbox/Sandbox1/onprem-k8s

images/sandbox-l4lbs.png

@@ -7,7 +7,7 @@ Installing a Netris Controller
 
 You can install the Netris controller almost on any 64-bit Linux host. Netris Controller may or may not be on the same network as the managed network nodes are. In fact if there are multiple Netris managed deployments there’s no need for an individual controller for each deployment.
 
-It doesn’t matter where to host the Netris controller. What matters is that the Netris controller needs to be accessible over the Internet. So you can access the console, and nodes that are going to be managed by Netris need to have access to the Netris controller through their management network interface. 
+It doesn't matter where to host the Netris controller. What matters is that the Netris controller needs to be accessible over the Internet. So you can access the console, and nodes that are going to be managed by Netris need to have access to the Netris controller through their management network interface. 
 
 Linux Host requirements
 
@@ -18,7 +18,7 @@ Linux Host requirements
 
 In this example I am running my Netris controller on an AWS hosted virtual machine (EC2) which has got  a public IP address 54.219.211.71. While it is OK for users and nodes to refer to the Netris Controller through an IP address, I like using a DNS record (this way it will be easier to potentially move Netris Controller somewhere with a different IP address). 
 
-I’m using Cloudflare to create this “example-netris-controller.netris.dev” DNS record to point to the public IP address of my EC2 : 54.219.211.71. 
+I'm using Cloudflare to create this “example-netris-controller.netris.dev” DNS record to point to the public IP address of my EC2 : 54.219.211.71. 
 
 .. image:: images/cloudflare-dns-record.png
     :align: center

images/sandbox-podinfo-prov.png

@@ -24,7 +24,7 @@ There are 2 main types of IP prefixes - allocation and subnet. Allocations are I
    :alt: IPAM Tree View
    :class: with-shadow
 
-   IPAM Tree View
+IPAM Tree View
 
 --------------------------
 
@@ -54,7 +54,7 @@ Add an Allocation
    :class: with-shadow
    :alt: Add a New IP Allocation
 
-   Add Allocation Window
+Add Allocation Window
 
 --------------------------
 
@@ -86,11 +86,11 @@ Add a Subnet
         - *management* - subnet which specifies the out-of-band management IP addresses for Netris hardware (switches and softgates).
         - *load-balancer* - hosts of this subnet are used in L4LB services only. Useful for deploying on-prem kubernetes with cloud-like experience.
         - *nat* - hosts of this subnet or subnet itself can be used to define NAT services.
-        - *inactive* - can’t be used in any services, useful for reserving/documenting prefixes for future use.
+        - *inactive* - can't be used in any services, useful for reserving/documenting prefixes for future use.
 
 .. image:: images/add-subnet.png
-   :align: center
-   :alt: Add a New Subnet
-   :class: with-shadow
+  :align: center
+  :alt: Add a New Subnet
+  :class: with-shadow
 
-   Add Subnet Window
+Add Subnet Window

images/sandbox-podinfo-ready.png

@@ -1,5 +1,5 @@
 .. meta::
-    :description: Layer-3 Load Balancer (Anycast)
+   :description: Layer-3 Load Balancer (Anycast)
 
 .. _l3lb_def:
 
@@ -23,22 +23,22 @@ To configure L3 (Anycast) load balancing:
 #. This will create a service under Services→Load Balancer and permit using the Anycast IP address in multiple ROH instances. 
 
 .. image:: images/add-l3-lb.png
-   :align: center
-   :class: with-shadow
-   :alt: Add a L3 LB
+  :align: center
+  :class: with-shadow
+  :alt: Add a L3 LB
 
-   Example: Adding an Anycast IPv4 address 
+Example: Adding an Anycast IPv4 address 
 
 .. image:: images/list-l3-lb.png
-   :align: center
-   :class: with-shadow
-   :alt: List L3 LBs
+  :align: center
+  :class: with-shadow
+  :alt: List L3 LBs
 
-   Example: Under Services→Load Balancer, you can find the listing of L3 (Anycast) Load Balancers, service statuses, and you can add/remove more ROH instances and/or health checks.
+Example: Under Services→Load Balancer, you can find the listing of L3 (Anycast) Load Balancers, service statuses, and you can add/remove more ROH instances and/or health checks.
 
 .. image:: images/list-l3-lb-detail.png
-   :align: center
-   :class: with-shadow
-   :alt: List L3 LB Details
+  :align: center
+  :class: with-shadow
+  :alt: List L3 LB Details
 
-   Screenshot: L3 (Anycast) Load Balancer Detail
+Screenshot: L3 (Anycast) Load Balancer Detail

images/sandbox3-l4lb-kubeapi.png

@@ -1,6 +1,7 @@
 .. meta::
     :description: Netris Services and Configuration Examples
 
+.. _l4lb_def:
 
 #######################
 L4 Load Balancer (L4LB)
@@ -16,17 +17,17 @@ The IP address pool for L4LB can be defined in the Net→IPAM section by adding
 Example: Adding a load-balancer IP pool assignment.
 
 .. image:: images/add-allocation.png
-   :align: center
-   :class: with-shadow
-   :alt: Add an IP Allocation
+  :align: center
+  :class: with-shadow
+  :alt: Add an IP Allocation
 
 
 Screenshot: Listing of Net→IPAM after adding a load-balancer assignment
 
 .. image:: images/list-subnets.png
-   :align: center
-   :class: with-shadow
-   :alt: List IP Subnets 
+  :align: center
+  :class: with-shadow
+  :alt: List IP Subnets 
 
 
 Consuming L4LB service
@@ -73,11 +74,11 @@ Add new L4 Load Balancer fields are described below:
    :class: with-shadow
    :alt: Request an L4 Load Balancer
 
-   Example: Requesting an L4 Load Balancer service.
+Example: Requesting an L4 Load Balancer service.
 
 .. image:: images/list-l4-load-balancers.png
    :align: center
    :class: with-shadow
    :alt: List L4 Load Balancers
 
-   Example: Listing of L4 Load Balancer services
+Example: Listing of L4 Load Balancer services

images/sandbox3-l4lbs.png

@@ -28,9 +28,10 @@ Example: Declare a basic BGP neighbor
     :class: with-shadow
 
 Example2: Declare BGP neighbor terminated on V-Net. Netris will automatically configure BGP session on the switch closest to the remote IP.    
+
 .. image:: images/add-bgp-basic-2.png
-    :align: center
-    :class: with-shadow
+  :align: center
+  :class: with-shadow
 
 
 ############
@@ -45,7 +46,6 @@ Click Advanced to expand the BGP neighbor add/edit window.
    :widths: 25, 75
    :header-rows: 0
 
-
 --------------------------
 
 BGP Objects
@@ -139,18 +139,20 @@ Located under Net→Routes is a method for describing static routing policies th
 We recommend using the Routes only if BGP is not supported by the remote end. 
 
 | Typical use cases for static routing:
+
 * To connect the switch fabric to an ISP or upstream router in a situation where BGP and dual-homing are not supported. 
 * Temporary interconnection with the old network for a migration. 
 * Routing a subnet behind a VM hypervisor machine for an internal VM network.
 * Specifically routing traffic destined to a particular prefix through an out-of-band management network.
 
 | Add new static route fields description:
+
 * **Prefix** - Route destination to match. 
 * **Next-Hop** - Traffic destined to the Prefix will be routed towards the Next-Hop. Note that static routes will be injected only on units that have the Next-Hop as a connected network.
 * **Description** - Free description.
 * **Site** - Site where Route belongs. 
 * **State** - Administrative (enable/disable) state of the Route. 
-* **Apply to** -  Limit the scope to particular units. It’s typically used for Null routes.
+* **Apply to** -  Limit the scope to particular units. It's typically used for Null routes.
 
 
 Example: Default route pointing to a Next-Hop that belongs to one of V-NETs. 
@@ -201,45 +203,46 @@ Example: Adding NAT IP addresses and NAT IP Address Pools to a SoftGate node.
     :align: center
     :class: with-shadow
 
+
 Defining NAT rules
 ------------------
 NAT rules are defined under Net→NAT.
 
 .. list-table:: NAT Rule Fields
-   :widths: 25 75
-   :header-rows: 1
-
-    * - Name
-      - Unique name
-    * - **State**
-      - State of rule (enabled or disabled)
-    * - **Site** 
-      - Site to apply the rule
-    * - **Action**
-      - *SNAT* - Replace the source IP address with specified NAT IP along with port overloading
-        *DNAT* - Replace the destination IP address and/or destination port with specified NAT IP
-        *ACCEPT* - Silently forward, typically used to add an exclusion to broader SNAT or DNAT rule
-        *MASQUERADE* - Replace the source IP address with the IP address of the exit interface
-    * - **Protocol**
-      - *All* - Match any IP protocol
-        *TCP* - Match TCP traffic and ports
-        *UDP* - Match UDP traffic and ports
-        *ICMP* - Match ICMP traffic
-    * - **Source**
-      - *Address* - Source IP address to match
-        *Port* - Source ports range to match with this value (TCP/UDP)
-    * - **Destination**
-      - *Address* - Destination IP address to match. In the case of DNAT it should be one of the predefined NAT IP addresses
-        *Port* - For DNAT only, to match a single destination port
-        *Ports* - For SNAT/ACCEPT only. Destination ports range  to match with this value (TCP/UDP)
-    * - **DNAT to IP** 
-      - The global IP address for SNAT to be visible on the Public Internet. The internal IP address for DNAT to replace the original destination address with
-    * - **DNAT to Port** 
-      - The Port to which destination Port of the packet should be NAT'd
-    * - **Status**
-      - Administrative state (enable/disable)
-    * - **Comment**
-      - Free optional comment
+  :widths: 25 75
+  :header-rows: 1
+
+  * - Name
+    - Unique name
+  * - **State**
+    - State of rule (enabled or disabled)
+  * - **Site** 
+    - Site to apply the rule
+  * - **Action**
+    - *SNAT* - Replace the source IP address with specified NAT IP along with port overloading
+      *DNAT* - Replace the destination IP address and/or destination port with specified NAT IP
+      *ACCEPT* - Silently forward, typically used to add an exclusion to broader SNAT or DNAT rule
+      *MASQUERADE* - Replace the source IP address with the IP address of the exit interface
+  * - **Protocol**
+    - *All* - Match any IP protocol
+      *TCP* - Match TCP traffic and ports
+      *UDP* - Match UDP traffic and ports
+      *ICMP* - Match ICMP traffic
+  * - **Source**
+    - *Address* - Source IP address to match
+      *Port* - Source ports range to match with this value (TCP/UDP)
+  * - **Destination**
+    - *Address* - Destination IP address to match. In the case of DNAT it should be one of the predefined NAT IP addresses
+      *Port* - For DNAT only, to match a single destination port
+      *Ports* - For SNAT/ACCEPT only. Destination ports range  to match with this value (TCP/UDP)
+  * - **DNAT to IP** 
+    - The global IP address for SNAT to be visible on the Public Internet. The internal IP address for DNAT to replace the original destination address with
+  * - **DNAT to Port** 
+    - The Port to which destination Port of the packet should be NAT'd
+  * - **Status**
+    - Administrative state (enable/disable)
+  * - **Comment**
+    - Free optional comment
 
 
 Example: SNAT all hosts on 10.0.0.0/8 to the Internet using 198.51.100.65 as a global IP. 
@@ -319,11 +322,13 @@ Example: Ping.
     :class: with-shadow
 
 | Looking Glass controls described for the EVPN family.
-* **BGP Summary** - Show brief summary of BGP adjacencies with neighbors, interface names, and EVPN prefixes received. 
+
+* **BGP Summary** - Show brief summary of BGP adjacencies with neighbors, interface names, and EVPN prefixes received.
 * **VNI** - List VNIs learned.
 * **BGP EVPN** - List detailed EVPN routing information optionally for the given route distinguisher. 
 * **MAC table** - List MAC address table for the given VNI.
 
+
 Example: Listing of adjacent BGP neighbors and number of EVPN prefixes received.
 
 .. image:: images/BGP_neighbors_listing.png

images/sandbox3-podinfo-prov.png

@@ -44,15 +44,15 @@ Description of ROH instance fields:
 .. tip:: Many switches can’t autodetect old 1Gbps ports. If attaching hosts with 1Gbps ports to 10Gpbs switch ports, you’ll need to change the speed for a given Switch Port from Auto(default) to 1Gbps. You can edit a port in Net→Switch Ports individually or in bulk.
 
 .. image:: images/ROH-instance.png
-   :align: center
-   :class: with-shadow
-   :alt: ROH Instances
+  :align: center
+  :class: with-shadow
+  :alt: ROH Instances
 
-   Example: Adding an ROH instance.  (Yes, you can use A.B.C.0/32 and A.B.C.255/32)
+Example: Adding an ROH instance.  (Yes, you can use A.B.C.0/32 and A.B.C.255/32)
 
 .. image:: images/ROH-listing.png
-   :align: center
-   :class: with-shadow
-   :alt: ROH Listings
+  :align: center
+  :class: with-shadow
+  :alt: ROH Listings
 
-   Expanded view of ROH listing. BGP sessions are up, and the expected IP is in fact received from the actual ROH server. Traffic stats are available per port.
+Expanded view of ROH listing. BGP sessions are up, and the expected IP is in fact received from the actual ROH server. Traffic stats are available per port.