Aviatrix FlightPath

This is just a quick post as I’ve been playing with the Aviatrix controller quite a bit recently.

If one of your concerns around Cloud adoption is loss of visibility in the Cloud, then this post is for you.

One of the big advantages of being in the data plane in the cloud is the visibility it provides and opportunities for troubleshooting.

For example, a great tool on the Aviatrix controller is FlightPath.

Since the Aviatrix controller is completely integrated into your Cloud account, it knows your VPCs and endpoints inherently.

Let’s do a simple test.

In a previous post, I outlined deploying a simple hub and spoke network using Terraform. Using that post, you can repeat the same test I have done here below.

This lab deploys 3 VPCs and 2 test machines.

A developer opens a ticket with the following problem:

HTTPS traffic works fine, but HTTP traffic doesn’t pass.

Using FlightPath, I can simply verify connectivity between the 2 EC2 instances.

I begin by selecting the correct AWS region and VPC and then query for the instances available. I do this for both the source and the destination.

As you can see, I immediately see the endpoints in the selected VPC. I simply select the one I wish to test.

The same is true for the destination.

Now I choose the type of connectivity I want to test. In our case, the developer complains he cannot HTTP from one EC2 instance to the other. Well, we can verify and troubleshoot here.

The results are impressive.

Aviatrix can check every route table, NACL, and security group in the path between the two instances and give you a comprehensive report.

As you can see in the output above, there is a problem with a Security Group on the destination VPC.

By simply clicking on the SG ARN link I am taken immediately to the Security Group in question in the AWS console.

Now I simply update the entry.

Problem resolved:

Again, just a short post but it shows the simple power of having visibility in the cloud.

Don’t hesitate to reach out if you would like to see more detailed posts on Cloud network troubleshooting.

Thanks for reading.

0 0 votes

Article Rating

0 Comments

Inline Feedbacks

View all comments

Paul Carvill

20 year veteran of the networking industry currently specialising in Cloud Networking and Security.

Follow @eskimoodigital

CCIE #16661 (R&S, SP)

Disclaimer

I am currently an employee of Aviatrix. All opinions, views and statements are my own and do not reflect that of my employer. Any errors are mine and mine alone. Any ignorance is mine, though I do believe my parents and the public school system should shoulder some of that blame.

Follow @eskimoodigital

Multi Cloud Network Architecture

Building Networking Skills in the age of the Cloud

Multi Cloud Network Architecture

Aviatrix FlightPath

Paul Carvill

Disclaimer

Recent Posts

May 27th 2024. – Here are 5 things I have been reading this weekend.

May 20th 2024. – Here are 5 things I have been reading this weekend.

Aviatrix Distributed Cloud Firewall – Protecting East-West flows in the Cloud

Aviatrix Public IP Address Use in the Control Plane and Data Plane

Cilium CNI for Kubernetes – Free labs!

Google Kubernetes Engine (GKE) 101

Archives

/