Skip to content

How to Deploy a n2x-node in Azure

This article offers a step-by-step guide on setting up a n2x-node in Azure, including creating all the necessary infrastructure within the cloud service provider.

Prerequisites

To complete this tutorial, you must meet the following requirements:

Architecture

This section provides a basic architectural blueprint to guide you through deploying a n2x-node within the Azure cloud environment. This modular design offers versatility and can be reused for various deployment goals, including achieving High Availability (HA) for your n2x.io nodes within your network.

Azure Architecture
Azure Architecture

Step-by-step Guide

Step 1 - Creating and Configuring the Azure VNet

  1. Create a resource group (edge-rg) to include the all resources we will create in the following steps. For more information, see Manage Azure resource groups by using the Azure portal.

    Create Resource Group

  2. Create the Virtual Network (VNet) using the values as described in the following table. For more information, see Virtual Network documentation.

    VNet Settings

    Resource Group Name IP Addresses
    edge-rg edge-vnet 10.0.1.0/24

    Create VNet

  3. Add the subnet in the Vnet as described in the following table. For more information, see Add a Subnet.

    Subnet Settings

    Subnet Name IPv4 address range Starting address Size NAT gateway NSG Route table
    edge-subnet 10.0.1.0/24 10.0.1.0 /28 none none none

    Create Subnet

  4. Create a new route table named edge-rt and associate it with the edge-subnet. Then, add a default route with the destination 0.0.0.0/0 and Internet as Next Hop Type. For more information, see Manage Route Table.

    Create Route Table

  5. Create the Network Interface (NIC) using the values as shown in the following image. For more information, see Manage NICs

    Create NIC

  6. Create the Public IP address using the values as shown in the following image. For more information, see Create a public IP address.

    Create Public IP

    Associate the public IP address with the previously created interface:

    Associate Public IP to NIC

  7. Create a network security group named n2x-node-nsg with minimal inbound and outbound security rules as described in the table below. For more information, see Manage network security groups.

    Rule Source Source Port Range Destination Destination Port Range Protocol Name
    Inbound Any * Any 57775 TCP/UDP allow-tcp-n2x-data-plane-inbound
    Inbound Any * Any 22 TCP allow-ssh-vm-management-inbound
    Outbound Any * Any 443 TCP allow-https-n2x-control-plane-outbound
    Outbound Any * Any 1883 TCP allow-mqtt-n2x-control-plane-outbound
    Outbound Any * Any 57775 TCP/UDP allow-tcp-n2x-data-plane-outbound

    Info

    For direct communication between n2x.io nodes, open inbound connections to ports 57775 TCP/UDP. (See direct connection for details).

    Note

    Open inbound connectivity to ports SSH or RDP (or both) for remote VM management, as needed.

    Create NSG

    Inbound Rules

    Outbound Rules

    Associate the network security group with the previously created interface:

    Associate NSG

Step 2 - Creating a Virtual Machine

Create a Virtual Machine to support the n2x-node with the following configuration:

Note

Please note that this tutorial uses a Linux OS with an Ubuntu 22.04 (Jammy Jellyfish) but you can choose any OS supported by n2x.io and Azure instances.

Create Virtual Machine

Create Virtual Machine

Step 3 - Connecting VM to our n2x.io Network Topology

To connect your VM to the n2x.io network topology, you'll need to:

  1. Add a new connected node to your subnet.
  2. Install the n2x-node agent on the VM.

Step 4 - Verification

Let's confirm that everything is operational:

  1. Check the n2x-node service status on n2x-node-01 using:

    systemctl status n2x-node
    

    Service validation

  2. Verify that the n2x0 interface on n2x-node-01 is active and has an IP address assigned by using the following command:

    ip addr show dev n2x0
    

    Interface validation

  3. (Optional) To verify connectivity within the n2x.io subnet, you can perform a simple test if another node is present. In this example, we'll use test-node-01 which has the IP address 10.254.1.209.

    ping -c 5 10.254.1.209
    

    Connectivity validation

Conclusion

We've provided a comprehensive guide for launching a n2x-node in Azure. Feel free to adapt this foundation to meet your specific needs and implement more complex scenarios.