Saucepan

User Tools

Site Tools

Trace: region_codes misc ping response_pages vmware_workstation traffic_generator userid zone_rename install_gitolite grid_join
infoblox_nios:cloud_network_automation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
infoblox_nios:cloud_network_automation [2023/05/13 18:51] bstaffordinfoblox_nios:cloud_network_automation [2025/02/14 18:13] (current) – [Infoblox Cloud Network Automation] bstafford
Line 1: Line 1:
 ====== Infoblox Cloud Network Automation ====== ====== Infoblox Cloud Network Automation ======
 +[[https://docs.infoblox.com/space/nios90/280273510/Configuring+vDiscovery+Jobs|Documentation for DNS - vDiscovery]].
 +
 +[[https://docs.infoblox.com/space/nios90/280758966/Deploying+Cloud+Network+Automation|Documentation for CNA - CP]].
 +
 +[[https://docs.infoblox.com/space/vniosazure/37486690|Create Azure Service Account]].
 +
 +[[https://docs.infoblox.com/space/NAIG/37650904/vDiscovery+on+AWS+VPCs|Create AWS Service Account]].
 +
 +[[https://docs.infoblox.com/space/vniosgcp/35483395|Create GCP Service Account]].
 +
 Cloud Network Automation, which includes two major components: the Grid Master that has a Cloud Network Automation license installed and one or more Cloud Platform Appliances that provide the ability to process API requests. Cloud Network Automation, which includes two major components: the Grid Master that has a Cloud Network Automation license installed and one or more Cloud Platform Appliances that provide the ability to process API requests.
  
Line 5: Line 15:
  
   * Cloud Network Automation license on the Grid Master and Grid Master Candidate. You cannot apply the CNA license on a Grid Member. So long as the GM and GMC appliances are licensed with CNA, you can have any member run the discovery tasks. In fact, you could get away with just licensing the GM. If you only licence the GMC, you will not get the Cloud Tab in the GUI nor will you be able to update NIOS with vDiscovery. If you only licence the GM, you will loose the Cloud tab when (if) you promote the GMC to GM. Testing shows that you "can" install a CNA licence on a non-GM, non-GMC member. However, you don't need to because only the GM "has" to have the license and only the GMC's "should" have the licence in addition to the GM.   * Cloud Network Automation license on the Grid Master and Grid Master Candidate. You cannot apply the CNA license on a Grid Member. So long as the GM and GMC appliances are licensed with CNA, you can have any member run the discovery tasks. In fact, you could get away with just licensing the GM. If you only licence the GMC, you will not get the Cloud Tab in the GUI nor will you be able to update NIOS with vDiscovery. If you only licence the GM, you will loose the Cloud tab when (if) you promote the GMC to GM. Testing shows that you "can" install a CNA licence on a non-GM, non-GMC member. However, you don't need to because only the GM "has" to have the license and only the GMC's "should" have the licence in addition to the GM.
 +  * If you promote a GMC that doesn't have CNA, you will loose access to the cloud tab and vDiscovery for the cloud will only pull basic data. However, the data already pulled still exists on the Grid and can be see in the IPAM metadata. When you promote the original GM back, the Cloud tab becomes visible again.
   * Cloud Platform license on the Cloud Platform Appliances. The license you install on the Grid Master enables the Cloud user interface functions in Grid Manager and Tenant permissions.   * Cloud Platform license on the Cloud Platform Appliances. The license you install on the Grid Master enables the Cloud user interface functions in Grid Manager and Tenant permissions.
   
Line 20: Line 31:
 By default, vDiscovery for GCP has to use Google’s DoH server to resolve names. It cannot use the resolver on NIOS. If NIOS does not allow DoH from NIOS to Internet, it won't work. Infoblox support said that it is possible to specify other DNS in Google service account JSON file generated via GCP console, but they did not inform how to do it (question for GCP support). By default, vDiscovery for GCP has to use Google’s DoH server to resolve names. It cannot use the resolver on NIOS. If NIOS does not allow DoH from NIOS to Internet, it won't work. Infoblox support said that it is possible to specify other DNS in Google service account JSON file generated via GCP console, but they did not inform how to do it (question for GCP support).
  
 +===== Deleting Subnets =====
 +Remember, subnets discovered will not be deleted in NIOS after they are deleted from the cloud.
 ===== Azure ===== ===== Azure =====
 You must copy the client secret in Azure when creating it. The Value corresponds to the Client Secret in NIOS when you configure vDiscovery jobs. If you copy the Secret ID or incorrect Value, the Azure vDiscovery job will fail and return:  If you get it wrong when configuring vDiscovery, you will get HTTP Status Code: 401. [[https://support.infoblox.com/s/article/8916|KB article 8916]]. You must copy the client secret in Azure when creating it. The Value corresponds to the Client Secret in NIOS when you configure vDiscovery jobs. If you copy the Secret ID or incorrect Value, the Azure vDiscovery job will fail and return:  If you get it wrong when configuring vDiscovery, you will get HTTP Status Code: 401. [[https://support.infoblox.com/s/article/8916|KB article 8916]].
infoblox_nios/cloud_network_automation.1684003908.txt.gz · Last modified: by bstafford