Switching Among Controllers Using the Controller Site Selector
Overview
Enterprise customers usually have more than one Avi Vantage deployment and typically use single sign-on (SSO) to log into them. Starting with Avi Vantage 18.2.5, customers can use the Avi ControllerSite
object to first register the individual Controllers in all such deployments and then switch between them in the Avi UI using a simple drop-down menu. Some conditions were relaxed with the advent of release 18.2.6, so be sure to read the appropriate sections below.
Note: The term “Controller sites” is not to be confused with GSLB sites. Instead, in the context of this article, Controller sites are simply Controllers of interest to the Avi UI user.
Controller Sites Configuration
Avi Vantage 18.2.5
Customers are recommended to synchronize the list of sites across all participating Controller sites. This is typically done using a script, Ansible or Terraform to create a primary list of Controller sites. Thereafter, this information is propagated to every Controller deployment using one of the automation methods. For example, to define the trio of Controller sites mentioned in the subsequent “Controller Site Selector Use” section of this article, one would need three JSON payloads to POST to /api/controllersite
. The 3 POSTs would need to be applied to each Controller, for a total of 9 POSTs.
Note: For the drop-down selector to show, it is required to add a Controller site entry for the local Controller.
{
"name": "Earth",
"address": "192.0.2.10"
}, {
"name": "Mars",
"address": "192.0.2.20"
}, {
"name": "Venus",
"address": "192.0.2.30"
}
Avi Vantage 18.2.6+
Customers are recommended to synchronize the list of sites across all participating Controller sites. This is typically done using a script, Ansible or Terraform to create a primary list of Controller sites. Thereafter, this information is propagated to every Controller deployment using one of the automation methods. For example, to define the trio of Controller sites mentioned in the subsequent “Controller Site Selector Use” section of this article, one would need two JSON payloads to POST to each /api/controllersite
. The two POSTs from any given Controller would need to point to the other two. Thus, in our examine, there would be a total of 6 POSTs.
Note: Beginning with version 18.2.6, it no longer required to add the local Controller as a Controller site entry. If there is at least one record, and it doesn’t match the current site, then Avi Vantage automatically shows the current site’s host name (if applicable), or IP address.
From the Earth
site:
{
"name": "Mars",
"address": "192.0.2.20"
}, {
"name": "Venus",
"address": "192.0.2.30"
}
From the Mars
site:
{
"name": "Earth",
"address": "192.0.2.10"
}, {
"name": "Venus",
"address": "192.0.2.30"
}
From the Venus
site:
{
"name": "Earth",
"address": "192.0.2.10"
}, {
"name": "Mars",
"address": "192.0.2.20"
}
Example POST (all releases)
Notes
-
As currently implemented, this feature maps a Controller site to exactly one Controller name and IP address. Thus, for the feature to work with any Controller in a cluster, three local Controller names and corresponding IP addresses must be configured as sites. In the above example, one could envision 3 POSTs as shown below.
{ "name": "Earth", "address": "192.0.2.10" }, { "name": "Earth2", "address": "192.0.2.11" }, { "name": "Earth3", "address": "192.0.2.12" }
- The REST API call
api/controllersite
reveals the set to which the user has thePERMISSION_CONTROLLERSITE
access right. Lack ofPERMISSION_CONTROLLERSITE
hides the Controller site name and drop-down icon from the main menu bar. - Controller sites can only be added/modified through the CRUD call at
/api/controllersite
with X-Avi-Version set in the header. Adding a Controller site to a list of sites requires that at least two fields be given in the payload, name and address. - Site configuration is locally significant, i.e., adding site2 to site1’s list does not automatically result in site1 appearing in site2’s list.
Controller Site Selector Use
- When there is but one Controller site record in the set, just the Controller’s name appears to the left of the circled question mark (help icon).
- On the other hand, if there are multiple records, a V-shaped drop-down icon appears to the left of the help icon.
- Clicking on the drop-down icon reveals the Controller sites within the set to which the user has access.
- Hovering over a particular Controller name,
Venus
, causes it to be highlighted. Clicking confirms the user’s desire to switch to that site.
- After the click, the selected Controller (
Venus
) opens in a new tab, while the previous tab (Earth) remains open in the background. The user is now communicating directly to theVenus
Controller. In this particular case, SSO was in play. Consequently, no login screen was presented by theVenus
Controller; rather, the login was performed automatically, behind the scenes.