Deployment into the Azure Cloud#

VOSS Automate can be deployed into the Azure cloud by means of terraform scripts.

Hardware Requirements#

For details on Standard and Modular Topologies, refer to the VOSS Automate Architecture and Hardware Specification Guide and Platform Guide.

Unified or Database Nodes:

VM Size: E4ds_v4 Standard
CPU: 4
RAM: 32
OS disk: 30GB, Premium_LRS
application disk: 50GB, Standard_LRS
backup disk: 55 GB, Standard_LRS
DB disk: 250 GB, Premium_LRS
Total disk size: 385GB

Application Nodes:

VM Size: E4ds_v4 Standard
CPU: 4
RAM: 32
OS disk: 30GB, Premium_LRS
application disk: 50GB, Standard_LRS
Total disk size: 80GB

Web Proxies:

Web Proxies are replaced by an Azure Load Balancer or Application Gateway

Network Communications External to the Cluster#

The following details are all based on the default settings. These can vary depending on the application setup and network design (such as NAT) of the solution, so may need adjustment accordingly. Where a dependent is noted, this is fully dependent on the configuration with no default.

These communications are all related to communications with devices external to the cluster.

Outbound Communications to Devices from the Application/Unified nodes:

Communication	Protocol	Port
Cisco Unified Communications Manager (UCM)	HTTPS	TCP 8443
Cisco Unity Connection (CUXN)	HTTPS	TCP 443
Webex	HTTPS	TCP 443
LDAP directory	LDAP	TCP/UDP 389 and/or 636(TLS/SSL)

VOSS Automate Communications

The cluster contains multiple nodes which can be contained in separate secured networks. Network ports need to be opened on firewalls and/or network security groups to allow inter-node communication – these are described in more detail in the Platform Guide.

All communication between nodes are encrypted.

Communication	Protocol	Port
Database access	Database	TCP 27020 and 27030 bi-directional
Cluster Communications	HTTPS	TCP 8443
Remote Administration	SSH	TCP 22
Web Server Communication	HTTP/HTTPS	TCP 80/443
Simple Network Management Protocol	SNMP	UDP 161 and 162
Network Time Protocol	NTP	UDP 123
Domain Name System	DNS	UDP 53

VOSS Automate Azure Deployment Procedure#

The supplied terraform deployment configuration requires the following:
- Existing resources:
  - Resource group
  - Virtual Network
  - Virtual Network Subnet
  - Disk Encryption Set (Optional if required to have Customer-Managed Keys)
  - App Registration with a role assignment of “Contributor” on the Resource Group to allow terraform to deploy
    - Record “client_id”
    - Record “client_secret”
    - Record “tenant_id”
    - Record “subscription_id”
  - Bastion Server (Required for the initial deployment and Administration Access)
    - Deploy the Bastion Server within the same Virtual Network that Automate will be deployed in.
      - VM Size: 1vCPU, 2GB RAM, 30GB Storage is sufficient
      - OS Type: Ubuntu or Windows
    - Install AZ CLI
      - Windows: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-cli
      - Ubuntu: https://learn.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=apt
    - Install Terraform
      - https://developer.hashicorp.com/terraform/install
    - Upload the voss-automate-terraform.zip file to the bastion server and extract it.
Update values.yaml with appropriate information

Ensure that the local file sources are correct in modules/voss-node/provision.tf on line 18 and 47.

provisioner "file" {
   # Windows source path example
   # source      = "C:\\path\\to\\your\\platform-install.iso"
   source      = "~/voss-automate-terraform/files/platform-install.iso"
   destination = "/home/install/platform-install.iso"
}

Deployment Type

The defaults are configured as follows:

Unified:
   Availibility Zone 1
   1x Unified Node

Modular: 2x Application, 3x Database
   Availibility Zone 1
      App Node 1, Database Node 1
   Availibility Zone 2
      App Node 2, Database Node 2
   Availibility Zone 3
      Database Node 3

If the requirement is to deploy more than the defaulted Unified or Application(Modular) Nodes, edit the voss-automate-terraform/modules/voss-deployment/main.tf file.

module "voss-unified-node" {
   count = var.deployment_type == "Unified" ? 1 : 0
}

module "voss-app-node" {
   count = var.deployment_type == "Modular" ? 2 : 0
}

Configure the state backend in main.tf (defaults to a local file) if required

For the terraform deployment, it is recommended to use a screen session.

screen - start a new session
screen -ls - show sessions already available
screen -r [screen PID] - reconnect to a disconnected session

Run terraform
- From the root terraform directory
  - Run: terraform init
  - Run: terraform plan (Validate plan)
    - Default total resources to be created (Example):
      Plan: 11 to add, 0 to change, 0 to destroy. Modular (2 App 3 DB): Plan: 43 to add, 0 to change, 0 to destroy.
  - Run: terraform apply

VOSS Automate Platform Config and Template Install Procedure#

On each of the newly deployed node(s), log in as the platform user, using the password configured in values.yaml (automate_cli_password)

1.1. Run: system reboot. Alternatively you can reset the Virtual Machine from the Azure Portal. This is to ensure all services are running before proceeding with the cluster configuration.
You are now ready to configure the platform and install the template.
- Single Node Cluster Guide:
  
  https://documentation.voss-solutions.com/release_21.4-PB4/html/src/user/install/standalone-installation.html
- Modular Cluster Guide:
  
  https://documentation.voss-solutions.com/release_21.4-PB4/html/src/user/install/modular-multinode-installation.html

On each of the newly deployed node(s), log in as the platform user.

username: platform
password: automate_cli_password (Specified in the values.yaml file)

Deployment into the Azure Cloud

On this page

Deployment into the Azure Cloud#

Hardware Requirements#

Network Communications External to the Cluster#

VOSS Automate Azure Deployment Procedure#

VOSS Automate Platform Config and Template Install Procedure#