Create a Management VPC and Networks using CloudFormation

The CloudFormation service creates the Management VPC and the subnets within it, and then launches three AWS EC2 instances: two with an Execution Server and one with QualiX. The Execution Servers then need to be configured to access the Quali Server.

To create a Management VPC and the required networks:

  1. Make sure you have the information required for this process, as listed in Required Permissions for AWS Deployment.
  2. As an admin, open your AWS account, and click Management Tools > CloudFormation.

  3. Click the Create Stack button.
  4. In the Select Template page, select the Specify an Amazon S3 template URL option and enter the template URL. The template URLs are provided in Quali's Download Center for each CloudShell release version.

    • 0_Main_EX.json – for external deployment, where the QualiX instance has a Public IP associated with it
    • 0_Main.json – for internal deployment, where the QualiX instance has only a Private IP associated with it. The Private IP is accessible from the networks that are connected to the Management VPC (such as the network in which the Quali Server resides).
  5. Click Next.
  6. In the Specify Details page, enter a Stack name and fill in the installation parameters.

    • VPC CIDR: The IP range (in CIDR notation) to be used for the Management VPC. Select a class C CIDR (/24).

      Note: The Management VPC will later be connected via VPN with your on-premise network, so select an IP range that does not conflict with your other networks.

    • ES CIDR: The IP range (in CIDR notation) to be used for the Execution Server subnet. Make sure the IP range is within the VPC IP range and does not conflict with the other subnets in the Management VPC (the NAT and QualiX subnets).
    • NAT CIDR: The IP range (in CIDR notation) to be used for the NAT subnet. Make sure the IP range is within the VPC IP range and does not conflict with the other subnets in the Management VPC (the QualiX and Execution Server subnets).
    • Quali CIDR: The IP range (in CIDR notation) to be used for the QualiX Server subnets. Make sure the IP range is within the VPC IP range and does not conflict with the other subnets in the Management VPC (the NAT and Execution Server subnets).
    • On Premise CIDR: The IP range (in CIDR notation) of the private network in which the Quali Server resides (outside of the Management VPC).
    • VPN Address: The public IP address of the router on the network in which Quali Server resides.
    • Key Pair: The KeyPair to use for all instances that will be created in the Management VPC.
    • InstanceType: The instance type to be used for the Execution Server and QualiX instances. The minimum recommended instance type is c4.large.
    • HighAvailabilityMode: Use this option if you wish to set up AWS integration in High Availability mode. In this mode, the integration will create two additional execution servers, es-shells-b and es-commands-b, that will be used for failover scenarios.

      Important: Before enabling High Availability mode, please take into account that the failover instances will incur additional costs.

    Configure the Execution Servers (created by the CloudFormation process) to work with the Quali Server:

    • Username: The CloudShell admin user
    • Password: The CloudShell admin password
    • Server IP: The IP Address of the Quali Server


  7. Click Next.
  8. In the Options page, click Next.

  9. In the Review page, at the bottom, select the I acknowledge that AWS CloudFormation might create IAM resources check box.
  10. Click Create.

    The stack is created.

    Tip: If stack creation fails with a subscription error, make sure to subscribe to the CentOS 7 Marketplace image and try again.

    Note the Outputs tab at the bottom of the page. You will need this information when you Add an AWS EC2 Cloud Provider Resource.

  11. In the VPC Dashboard, open VPN Connections to see the VPN connection settings.

  12. Next, Connect the Management VPC to Quali Server.
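
The CIDR rules in step 6 (a /24 VPC range that does not conflict with the on-premise network, and three subnets that sit inside the VPC range without overlapping each other) can be checked before the stack is created. The following is an added example, not part of Quali's templates or documentation; the dictionary keys are the parameter labels from step 6 (the template's internal parameter names may differ) and all address values are constructed.

```python
import ipaddress

# Parameter labels as shown in step 6 (assumed; template keys may differ).
SUBNET_PARAMS = ("ES CIDR", "NAT CIDR", "Quali CIDR")


def check_cidr_plan(params):
    """Return a list of problems in the step 6 CIDR values (empty list = OK)."""
    nets, problems = {}, []
    for name in ("VPC CIDR", "On Premise CIDR") + SUBNET_PARAMS:
        try:
            # strict=True rejects values with host bits set, e.g. 10.20.30.5/26
            nets[name] = ipaddress.IPv4Network(params[name], strict=True)
        except (KeyError, ValueError) as exc:
            problems.append(f"{name}: missing or invalid ({exc})")
    if problems:
        return problems

    vpc, on_prem = nets["VPC CIDR"], nets["On Premise CIDR"]
    if vpc.prefixlen != 24:
        problems.append(f"VPC CIDR {vpc} is not a /24")
    if vpc.overlaps(on_prem):
        problems.append(f"VPC CIDR {vpc} conflicts with On Premise CIDR {on_prem}")
    for i, name in enumerate(SUBNET_PARAMS):
        if not nets[name].subnet_of(vpc):
            problems.append(f"{name} {nets[name]} is outside VPC CIDR {vpc}")
        for other in SUBNET_PARAMS[i + 1:]:
            if nets[name].overlaps(nets[other]):
                problems.append(f"{name} {nets[name]} overlaps {other} {nets[other]}")
    return problems


# Constructed sample values, for illustration only.
GOOD_PLAN = {
    "VPC CIDR": "10.20.30.0/24",
    "ES CIDR": "10.20.30.0/26",
    "NAT CIDR": "10.20.30.64/26",
    "Quali CIDR": "10.20.30.128/26",
    "On Premise CIDR": "192.168.10.0/24",
}
# NAT overlaps ES, Quali falls outside the VPC, on-premise range covers the VPC.
BAD_PLAN = {**GOOD_PLAN, "NAT CIDR": "10.20.30.32/27",
            "Quali CIDR": "10.20.31.0/26", "On Premise CIDR": "10.20.0.0/16"}

if __name__ == "__main__":
    for label, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(label, check_cidr_plan(plan) or "OK")
```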