This project shows how Nexus Dashboard Orchestrator (NDO) provides consistent network and policy orchestration across AWS and Azure, how Cloud Network Controller normalizes and translates a cloud-like policy model into public cloud native constructs, and how Terraform can be leveraged to automate these operations through the former mso provider.
High Level Diagram
Use Case: Consistent Policy across Multicloud
This code builds a VPC in AWS and a VNet in Azure with dedicated subnets to host a Web application (Web EPG in Cloud Network Controller translates to SG and ASG/NSG respectively). Internet access is also enabled using a contract/filter which translates into proper security rules. Web services can then be deployed either in AWS or Azure, or moved between clouds.
Pre-requisites
- Cloud Network Controller running in AWS and Azure managed by NDO.
- Cloud connectivity between AWS and Azure pre-provisioned and automated by NDO with IPSec and BGP EVPN.
Software
Installation
- Install and set up your Terraform environment
- Clone/copy the .tf files (main.tf, variables.tf, data_sources.tf, deployer.tf and provider.tf) into your Terraform runtime environment
- Create an override.tf file with your NDO, AWS, and Azure credentials
- If using workspaces or a remote backend, provider.tf needs to be modified accordingly.
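An override.tf for the credentials step above could look like the following. This is an added example, not a file from the project: it assumes provider.tf declares default (unaliased) mso, aws and azurerm providers, and every value shown is a placeholder.

```hcl
# override.tf -- constructed example; every value is a placeholder.
# Assumption: provider.tf declares unaliased "mso", "aws" and "azurerm"
# providers, so these blocks are merged on top of them.
#
# This file holds long-lived secrets in clear text:
#   - list it in .gitignore so it is never committed
#   - restrict it to your own user (chmod 600 override.tf)

provider "mso" {
  username = "<NDO_USERNAME>"
  password = "<NDO_PASSWORD>"
  url      = "https://<NDO_HOST>"
  platform = "nd"  # NDO is hosted on Nexus Dashboard
  insecure = false # validate the NDO TLS certificate instead of skipping the check
}

provider "aws" {
  region     = "<AWS_REGION>"
  access_key = "<AWS_ACCESS_KEY_ID>"
  secret_key = "<AWS_SECRET_ACCESS_KEY>"
}

provider "azurerm" {
  features {}

  subscription_id = "<AZURE_SUBSCRIPTION_ID>"
  tenant_id       = "<AZURE_TENANT_ID>"
  client_id       = "<AZURE_CLIENT_ID>"     # service principal application ID
  client_secret   = "<AZURE_CLIENT_SECRET>" # service principal secret
}
```

The aws and azurerm providers also read these values from the environment (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, ARM_SUBSCRIPTION_ID, ARM_TENANT_ID, ARM_CLIENT_ID, ARM_CLIENT_SECRET), which avoids writing the cloud secrets to disk at all.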
Usage
terraform init
terraform plan
terraform apply
Remarks
This code demonstrates the use of standard Terraform modules with a single schema definition and one template stretched across both clouds. The intent is to show a simple scenario to build upon for multiple schemas/templates, which can be enhanced with more advanced modules on a per-use-case basis.