Riverbed Cloud Services
Deployment Guide
Version 1.0
November 2010
© 2003-2010 Riverbed Technology, Incorporated. All rights reserved.
Riverbed Technology, Riverbed, Steelhead, RiOS, Interceptor, Think Fast, the Riverbed logo, Mazu, Profiler, and Cascade are
trademarks or registered trademarks of Riverbed Technology, Inc. All other trademarks used or mentioned herein belong to their
respective owners.
Apple and Mac are registered trademarks of Apple, Incorporated in the United States and in other countries. Linux is a trademark
of Linus Torvalds in the United States and in other countries. Microsoft, Windows, Vista, Outlook, and Internet Explorer are
trademarks or registered trademarks of Microsoft Corporation in the United States and in other countries. Oracle and JInitiator
are trademarks or registered trademarks of Oracle Corporation in the United States and in other countries. UNIX is a registered
trademark in the United States and in other countries, exclusively licensed through X/Open Company, Ltd. VMware, ESX, ESXi
are trademarks or registered trademarks of VMware, Incorporated in the United States and in other countries. Cisco is a registered
trademark of Cisco Systems, Inc. and its affiliates in the United States and in other countries. EMC, Symmetrix, and SRDF are
registered trademarks of EMC Corporation and its affiliates in the United States and in other countries.
Parts of this product are derived from the following software:
Apache © 2000-2003. The Apache Software Foundation. All rights reserved.
Busybox © 1999-2005 Eric Andersen
ethtool © 1994, 1995-8, 1999, 2001, 2002 Free Software Foundation, Inc
Less © 1984-2002 Mark Nudelman
Libevent © 2000-2002 Niels Provos. All rights reserved.
LibGD, Version 2.0 licensed by Boutell.Com, Inc.
Libtecla © 2000, 2001 by Martin C. Shepherd. All rights reserved.
Linux Kernel © Linus Torvalds
login 2.11 © 1993 The Regents of the University of California. All rights reserved.
md5, md5.cc © 1995 University of Southern California, © 1991-2, RSA Data Security, Inc.
my_getopt.{c,h} © 1997, 2000, 2001, 2002, Benjamin Sittler. All rights reserved.
NET-SNMP © 1989, 1991, 1992 by Carnegie Mellon University. All rights reserved. Derivative Work - 1996, 1998-2000 Copyright
1996, 1998-2000 The Regents of the University of California. All rights reserved.
OpenSSH © 1983, 1990, 1992, 1993, 1995, 1993 The Regents of the University of California. All rights reserved.
pam © 2002-2004 Tall Maple Systems, Inc. All rights reserved.
pam-radius © 1989, 1991 Free Software Foundation, Inc.
pam-tacplus © 1997-2001 by Pawel Krawczyk
sscep © 2003 Jarkko Turkulainen. All rights reserved.
ssmtp © GNU General Public License
syslogd © 2002-2005 Tall Maple Systems, Inc. All rights reserved.
Vixie-Cron © 1988, 1990, 1993, 1994 by Paul Vixie. All rights reserved.
Zile © 1997-2001 Sandro Sigalam © 2003 Reuben Thomas. All rights reserved.
This product includes software developed by the University of California, Berkeley (and its contributors), EMC, and Comtech
AHA Corporation. This product is derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.
For detailed copyright and license agreements or modified source code (where required), see the Riverbed Technical Support site
at
https://support.riverbed.com. Certain libraries were used in the development of this software, licensed under GNU Lesser
General Public License, Version 2.1, February 1999. For a list of libraries, see the Riverbed Technical Support at
https://support.riverbed.com. You must log in to the support site to request modified source code.
Other product names, brand names, marks, and symbols are registered trademarks or trademarks of their respective owners.
The content of this manual is furnished on a RESTRICTED basis and is subject to change without notice and should not be
construed as a commitment by Riverbed Technology, Incorporated. Use, duplication, or disclosure by the U.S. Government is
subject to restrictions set forth in Subparagraphs (c) (1) and (2) of the Commercial Computer Software Restricted Rights at 48 CFR
52.227-19, as applicable. Riverbed Technology, Incorporated assumes no responsibility or liability for any errors or inaccuracies
that may appear in this book.
Riverbed Technology
199 Fremont Street
San Francisco, CA 94105
Phone: 415.247.8800
Fax: 415.247.8801
Web: http://www.riverbed.com
Part Number
712-00072-01
Contents
Preface.........................................................................................................................................................1
About This Guide ..........................................................................................................................................1
Audience ..................................................................................................................................................1
Document Conventions .........................................................................................................................1
Cloud Resource Requirements.....................................................................................................................2
Upgrading................................................................................................................................................2
Additional Resources ....................................................................................................................................3
Release Notes ..........................................................................................................................................3
Riverbed Documentation ......................................................................................................................3
Online Documentation...........................................................................................................................3
Riverbed Support Knowledge Base .....................................................................................................4
Contacting Riverbed......................................................................................................................................4
Internet .....................................................................................................................................................4
Technical Support ...................................................................................................................................4
Professional Services ..............................................................................................................................4
Documentation........................................................................................................................................4
Chapter 1 - Overview of Riverbed Cloud Services ..................................................................................5
Cloud Services Overview .............................................................................................................................5
Types of Cloud Services.........................................................................................................................5
Riverbed Cloud Services Overview ............................................................................................................6
Riverbed Cloud Services Features .......................................................................................................7
Amazon Web Services Integration ..............................................................................................................7
Supported Deployment Modes ...................................................................................................................8
Basic Deployment Steps..............................................................................................................................10
Chapter 2 - Using the Riverbed Cloud Portal......................................................................................... 13
Overview of the Riverbed Cloud Portal...................................................................................................13
Using the Riverbed Cloud Portal ..............................................................................................................14
Connecting to the Riverbed Cloud Portal.........................................................................................14
Riverbed Cloud Services Deployment Guide
iii
Contents
The Home Page.....................................................................................................................................15
Navigating in the Riverbed Cloud Portal .........................................................................................16
Getting Help ..........................................................................................................................................18
Basic Steps to Configure the Riverbed Cloud Portal ..............................................................................18
Managing Account Information ................................................................................................................19
Managing Licenses ......................................................................................................................................20
Obtaining License Details....................................................................................................................21
Provisioning the Cloud Steelhead......................................................................................................24
Viewing Appliance Summary and AWS Details..............................................................................26
Managing Security Groups ........................................................................................................................31
Managing Riverbed Appliances ................................................................................................................34
Upgrading Your Software ...................................................................................................................35
Managing Optimization Groups ...............................................................................................................35
Updating Optimization Groups .........................................................................................................37
Viewing Reports...........................................................................................................................................41
Viewing Discovered Appliances Report ...........................................................................................41
Viewing Event History Report ...........................................................................................................42
Obtaining Support .......................................................................................................................................43
Configuring Cloud Steelheads...................................................................................................................43
Chapter 3 - Using the Discovery Client .................................................................................................. 45
Overview of the Discovery Client .............................................................................................................45
Installing the Discovery Client on Windows Server...............................................................................46
Installing the Discovery Client on Linux Server .....................................................................................48
Configuring the Discovery Client .............................................................................................................49
Configuring Discovery Client on Windows .....................................................................................49
Configuring Transparency Modes.............................................................................................................52
Chapter 4 - Using the Amazon Public and Private Clouds ................................................................... 53
Overview of the Amazon Public Cloud ...................................................................................................53
Overview of the Amazon Private Cloud..................................................................................................54
Appendix A - Provisioning an AWS Cloud Steelhead Manually ........................................................... 55
Basic Provisioning Steps .............................................................................................................................55
Creating the EBS Volume............................................................................................................................55
Creating the Configuration Volume...................................................................................................55
Creating the Datastore Volume...........................................................................................................56
Selecting the AMI.........................................................................................................................................56
Launching an EC2 Instance ........................................................................................................................56
Example..................................................................................................................................................57
iv
Riverbed Cloud Services Deployment Guide
Contents
Attaching the EBS Volume..........................................................................................................................57
Configuring the Cloud Steelhead..............................................................................................................57
Managing the Cloud Steelhead..................................................................................................................58
Stopping the Cloud Steelhead ............................................................................................................58
Starting the Cloud Steelhead ..............................................................................................................58
Deprovisioning the Cloud Steelhead.................................................................................................58
Index .......................................................................................................................................................... 59
Riverbed Cloud Services Deployment Guide
v
Contents
vi
Riverbed Cloud Services Deployment Guide
Preface
Welcome to the Riverbed Cloud Services Deployment Guide. Read this preface for an overview of the
information provided in this guide and the documentation conventions used throughout, cloud resource
requirements, and contact information. This preface includes the following sections:
“About This Guide” on page 1
“Cloud Resource Requirements” on page 2
“Additional Resources” on page 3
“Contacting Riverbed” on page 4
About This Guide
The Riverbed Cloud Services Deployment Guide describes how to manage Riverbed cloud services in the
Amazon cloud. It describes how to install and configure cloud software using the Riverbed Cloud Portal,
how to start the Cloud Steelhead appliance (Cloud Steelhead), how to use the virtual private cloud and the
public cloud, and how to deploy cloud software using Amazon Web Services (AWS).
Audience
This guide is written for storage and network administrators familiar with administering and managing
WANs using common network protocols such as TCP, CIFS, HTTP, FTP, and NFS. It assumes you are
familiar with virtualization.
Document Conventions
This manual uses the following standard set of typographical conventions.
o
Convention
Meaning
italics
Within text, new terms and emphasized words appear in italic typeface.
boldface
Within text, CLI commands and GUI controls appear in bold typeface.
Riverbed Cloud Services Deployment Guide
1
Preface
Cloud Resource Requirements
Convention
Meaning
Courier
Code examples appear in Courier font. For example:
login as: admin
Riverbed Steelhead
Last login: Wed Jan 20 13:02:09 2010 from 10.0.1.1
amnesiac > enable
amnesiac # configure terminal
<>
Values that you specify appear in angle brackets. For example:
interface <ipaddress>
Optional keywords or variables appear in brackets. For example:
[]
ntp peer <addr> [version <number>]
Required keywords or variables appear in braces. For example:
{}
{delete <filename> | upload <filename>}
The pipe symbol represents a choice to select one keyword or variable to the left or right of
the symbol. (The keyword or variable can be either optional or required.) For example:
|
{delete <filename> | upload <filename>}
Cloud Resource Requirements
The following are the minimum cloud resource requirements for each Cloud Steelhead model. To run a
Cloud Steelhead model, you must ensure that you have at least the minimum level of resources on the
server you lease from the cloud provider.
New Model
Bandwidth
Connections
Total Elastic Block
Store (EBS) Volume
Size *
Minimum Amazon
Target
CSH-250-H
2mbps
200
440GB
m1.small
CSH-550-H
4mbps
600
440GB
m1.large
CSH-1050-M
10mbps
1300
460GB
m1.large
CSH-1050-H
20mbps
2300
460GB
m1.large
CSH-2050-L
45mbps
2500
460GB
m1.large
* The total EBS volume size is the volume used by the datastore (400 GB for all models) and RiOS software.
Upgrading
Riverbed cloud services enable you to upgrade easily to a higher versions of Cloud Steelheads. You can
always upgrade your current Cloud Steelhead model to any higher model available.
If the upgrade does not require a change from an m1.small to an m1.large AWS instance (you are not
upgrading the Cloud Steelhead model CSH-250-H), you do not need to perform any steps to upgrade. The
Cloud Steelhead automatically detects the upgrade license the next time it connects to the Riverbed Cloud
Portal and you must just restart services at this time.
2
Riverbed Cloud Services Deployment Guide
Additional Resources
Preface
If you are upgrading the Cloud Steelhead model CSH-250-H to some other model and you must change
your AWS instance from an m1.small to an m1.large instance, you must deprovision the Cloud Steelhead
and provision it again. For details, see “Provisioning the Cloud Steelhead” on page 24 and “Viewing
Appliance Summary and AWS Details” on page 26. The Riverbed Cloud Portal creates the appropriate
instance size and provides the license to the Cloud Steelhead.
Additional Resources
This section describes resources that supplement the information in this guide. It includes the following
sections:
“Release Notes,” next
“Riverbed Documentation” on page 3
“Online Documentation” on page 3
“Riverbed Support Knowledge Base” on page 4
Release Notes
The following release notes supplement the information in this manual. It is available on the Riverbed
Support site at https://support.riverbed.com.
Online File
Purpose
<product>_<version_number>
<build_number>.pdf
Describes the product release and identifies fixed problems,
known problems, and workarounds. This file also provides
documentation information not covered in the manuals or
that has been modified since publication.
Please examine this file before you begin the installation and configuration process. It contains important
information about this release of the Steelhead appliance.
Riverbed Documentation
For a complete list of Riverbed documentation, log in to the Riverbed Support Web site located at
https://support.riverbed.com.
The Riverbed user documentation set is periodically updated with new information. To access the most
current version, log in to the Riverbed Support site located at https://support.riverbed.com.
Online Documentation
The Riverbed documentation set is periodically updated with new information. To access the most current
version of Riverbed documentation and other technical information, consult the Riverbed Support site
located at https://support.riverbed.com.
Riverbed Cloud Services Deployment Guide
3
Preface
Contacting Riverbed
Riverbed Support Knowledge Base
The Riverbed Knowledge Base is a database of known issues, how-to documents, system requirements, and
common error messages. You can browse titles or search for key words and strings.
To access the Riverbed Knowledge Base, log in to the Riverbed Support site located at
https://support.riverbed.com.
Contacting Riverbed
This section describes how to contact departments within Riverbed.
Internet
You can find out about Riverbed products through our Web site at http://www.riverbed.com.
Technical Support
If you have problems installing, using, or replacing Riverbed products contact Riverbed Support or your
channel partner who provides support. To contact Riverbed Support, please open a trouble ticket at
https://support.riverbed.com or call 1-888-RVBD-TAC (1-888-782-3822) in the United States and Canada
or +1 415 247 7381 outside the United States.
Professional Services
Riverbed has a staff of professionals who can help you with installation assistance, provisioning, network
redesign, project management, custom designs, consolidation project design, and custom coded solutions.
To contact Riverbed Professional Services go to http://www.riverbed.com or email
[email protected].
Documentation
We continually strive to improve the quality and usability of our documentation. We appreciate any
suggestions you may have about our online documentation or printed materials. Send documentation
comments to [email protected].
4
Riverbed Cloud Services Deployment Guide
CHAPTER 1
Overview of Riverbed Cloud
Services
This chapter describes Riverbed cloud services. It includes the following sections:
“Cloud Services Overview” on page 5
“Riverbed Cloud Services Overview” on page 6
“Amazon Web Services Integration” on page 7
“Supported Deployment Modes” on page 8
“Basic Deployment Steps” on page 10
Cloud Services Overview
Cloud computing is a technology that uses the Internet and central remote servers to host data and
applications. Cloud computing enables you to use applications without hardware installation and access
your files from any computer with Internet access. It centralizes storage, memory, and data processing.
Types of Cloud Services
There are three types of cloud services:
Public Cloud - A virtual data center outside your company’s firewall. A service provider delivers
resources to companies (on demand) over the Internet. For example, Amazon Web Services, Google
Apps., and Salesforce.com are public cloud solutions. They centralize all of their services in a few data
centers around the world, and deliver global services (at acceptable performance) from these locations.
Due to thin-provisioning and virtualization, these vendors can present a seemingly limitless data
center infrastructure at a low monthly cost.
Private Cloud - A virtual data center inside your company’s firewall or a private space dedicated to
your company within a cloud provider’s data center. Your company manages applications and
infrastructure independently from a central location. Private cloud services take the fundamental
business and delivery model for public vendors and scale it down to delivering the computing
capacity for an individual enterprise. For enterprises that have tens of thousands or hundreds of
thousands of employees, they can cost-effectively provide the type of instant, seemingly endless
computing and storage capacity that public vendors have.The private cloud model overcomes issues of
availability, security, and lock-in, and also deals with invested data center costs.
Hybrid Cloud - A combination of public and private clouds.
Riverbed Cloud Services Deployment Guide
5
Overview of Riverbed Cloud Services
Riverbed Cloud Services Overview
Regardless of whether you choose the public cloud, the private cloud, or a mix of the two to deliver IT for
your business, you must ensure that the end product is optimized for the speed that your own users need.
Riverbed cloud services solve the problem of making cloud services deliver LAN-like performance to
distributed end users, whether you delivering private cloud services or public cloud services, Riverbed
cloud services provide the cost and management benefits of cloud services along with the performance
needed to unleash the potential of the cloud.
Riverbed Cloud Services Overview
This section provides an overview of the Riverbed cloud services system and its components. Figure 1-1
shows an overview of Riverbed cloud services.
Figure 1-1. Riverbed Cloud Services
The Riverbed cloud services system consists of the following components:
Riverbed Cloud Portal - An always-on, always available web portal that enables you to log on to
deploy and manage software in the cloud. The portal handles licensing, deployment, server discovery,
and provisioning of your software. For details, see Chapter 2, “Using the Riverbed Cloud Portal.”
Amazon Cloud - Amazon’s cloud solution. For details, see “Amazon Web Services Integration,” next.
Cloud Steelhead Appliance - The Riverbed Steelhead solution for the cloud. The Cloud Steelhead
accelerates application performance and data transfer over the WAN, overcoming bandwidth and
geographical limitations to improve productivity and enable global collaboration.
6
Riverbed Cloud Services Deployment Guide
Amazon Web Services Integration
Overview of Riverbed Cloud Services
Discovery Client - A software package that you download from the Riverbed Support site and install
on the client or server in the cloud that is optimized. The Discovery Client provides auto-discovery,
transparency, failure detection, and load balancing. For details, see Chapter 3, “Using the Discovery
Client” .
Customer Branch or Data Center - Your branch office or data center that contains a physical or virtual
Steelhead to optimize data. For details, see the Riverbed Deployment Guide.
You must first provision the Cloud Steelhead using the Riverbed Cloud Portal. During provisioning, the
portal creates the required resources in your target cloud and then launches the Cloud Steelhead. After the
Cloud Steelhead has booted, it contacts the portal and retrieves the licensing information. If the Cloud
Steelhead can retrieve a valid license from the portal, the Steelhead in the data center or branch office and
the Cloud Steelhead can then optimize connections between the client and the server.
Riverbed Cloud Services Features
Riverbed cloud services provide:
WAN optimization - Obtain the benefits of Riverbed WAN optimization to reduce application
response times and data usage for cloud files and applications.
Flexibility - Store your data in the cloud or at your data center and the Steelhead optimizes access to it.
Quick deployment - Provision cloud services using the Riverbed Cloud Portal.
Simplified management - Simplify on-going management of your Cloud Steelheads with tools to
automatically update them, direct traffic to appropriate Cloud Steelheads, and ensure Cloud
Steelheads are licensed and optimizing regardless of software and hardware changes.
Amazon Web Services Integration
The Cloud Steelhead v1.0 is integrated with Amazon Web Services (AWS) to provide cloud services.
Riverbed supports Amazon’s public cloud solution, the Elastic Compute Cloud (EC2), and the Beta version
of its private cloud, the Virtual Private Cloud (VPC)
The following are the major geographical Data Centers (called Regions) in Amazon:
US-East (the original one, located in Virginia),
US-West (located in Northern California)
EU (located in Ireland)
Asia Pacific (located in Singapore)
All regions are set up to communicate freely with each other. Your own physical proximity to the region and
the resulting latency determines which region you use.
During provisioning, you select a region and then select a zone in the region. Zones are physical sites that
Amazon provides, which are racked and ready to supply additional computing power to the region they
are assigned to. You can choose any zone in which to deploy the Cloud Steelhead. Cloud Steelheads
communicate through IPs and there are no traffic restrictions between zones.
After you select a region and a zone, you can launch a cloud appliance from an Amazon Machine Instance
(AMI), which is a pre-packaged virtual appliance stored in the Amazon cloud. Riverbed creates Cloud
Steelhead AMIs for use in AWS. These AMIs are stored in Amazon’s Simple Storage Solution (S3) cloud
storage.
Riverbed Cloud Services Deployment Guide
7
Overview of Riverbed Cloud Services
Supported Deployment Modes
To launch a Cloud Steelhead appliance, you select the appliance corresponding to the required RiOS release
and the AWS cloud launches an EC2 instance. Cloud Steelheads also require at least two Elastic Block Store
(EBS) volumes, which are attached to the EC2 instance at launch time. The Cloud Steelhead uses this
volume to store its configuration. The Riverbed Cloud Portal automates much of this process, enabling you
to provision a Cloud Steelhead with minimal effort.
EC2 instances are transient (they only exist as long as the Cloud Steelhead is running). EBS volumes provide
a way to retain data through moves and restarts. You can back up EBS volumes to Amazon S3 storage if you
want to maintain copies.
Supported Deployment Modes
Riverbed cloud services support the following client-server deployments:
Figure 1-2 shows a deployment in which the server-side servers are behind a Steelhead in a network
address translated (NATed) environment.
Figure 1-2. Servers in the Cloud Behind a Steelhead in a NATed Environment
WAN
Figure 1-3 shows a deployment in which the servers in the cloud are behind a Steelhead. In this case, the
network does not have NAT; for example, when you use an Amazon Virtual Private Cloud (VPC).
Figure 1-3. Servers in the Cloud Behind a Steelhead
WAN
8
Riverbed Cloud Services Deployment Guide
Supported Deployment Modes
Overview of Riverbed Cloud Services
Figure 1-4 shows a deployment in which the clients in the cloud are behind a Steelhead. In this case, the
network does not have NAT; for example, when you use an Amazon VPC. In this deployment, you must
use a Discovery Client in the network. For details, see Chapter 3, “Using the Discovery Client.”
Figure 1-4. Clients in the Cloud Behind a Steelhead
WAN
Note: Riverbed cloud services do not support clients in the cloud in a NATed environment.
Riverbed Cloud Services Deployment Guide
9
Overview of Riverbed Cloud Services
Basic Deployment Steps
Basic Deployment Steps
Figure 1-5 shows the basic steps to deploy a Cloud Steelhead.
Figure 1-5. Basic Deployment Steps
The following table lists the deployment tasks:
Task
Reference
1.
Obtain license for the cloud appliance.
“Managing Licenses” on page 20
2.
Provision the Cloud Steelhead on the Riverbed
Cloud Portal.
Chapter 2, “Using the Riverbed Cloud Portal.”
3.
Configure the Cloud Steelhead.
“Configuring Cloud Steelheads” on page 43
10
Riverbed Cloud Services Deployment Guide
Basic Deployment Steps
Task
Overview of Riverbed Cloud Services
Reference
4.
Decide whether you will use the Discovery
Client. If you are using the Discovery Client, go
to step 5; otherwise, go to step 7.
5.
Install and configure the Discovery Client on
the cloud server.
Chapter 3, “Using the Discovery Client.”
6.
Configure optimization group on the portal.
“Managing Optimization Groups” on page 35
7.
If you are not using the Discovery Client,
configure the client-side Steelhead appliance
in-path rules to point to the Cloud Steelhead
for server.
Steelhead Management Console User’s Guide
8.
If your network is NATed, go to step 9.
9.
If you are not using the Discovery Client,
configure the Cloud Steelhead for public or
private IP address mapping.
Riverbed Cloud Services Deployment Guide
“Configuring Cloud Steelheads” on page 43
11
Overview of Riverbed Cloud Services
12
Basic Deployment Steps
Riverbed Cloud Services Deployment Guide
CHAPTER 2
Using the Riverbed Cloud Portal
This chapter describes how to use the Riverbed Cloud Portal. It includes the following sections:
“Overview of the Riverbed Cloud Portal” on page 13
“Using the Riverbed Cloud Portal” on page 14
“Basic Steps to Configure the Riverbed Cloud Portal” on page 18
“Managing Account Information” on page 19
“Managing Licenses” on page 20
“Managing Security Groups” on page 31
“Managing Riverbed Appliances” on page 34
“Managing Optimization Groups” on page 35
“Viewing Reports” on page 41
“Obtaining Support” on page 43
“Configuring Cloud Steelheads” on page 43
Overview of the Riverbed Cloud Portal
The Riverbed Cloud Portal enables you to manage cloud appliances through a Web interface. The Riverbed
Cloud Portal v1.0 enables you to:
manage cloud licenses you purchased from Riverbed.
manage cloud Steelhead appliances.
manage optimization groups (groups that contain cloud Steelheads and virtual servers running in the
Amazon cloud).
obtain information about your account.
request a new license.
generate and view reports on discovered appliances and event history.
obtain support.
The Riverbed Cloud Portal v1.0 supports the Amazon public cloud.
Riverbed Cloud Services Deployment Guide
13
Using the Riverbed Cloud Portal
Using the Riverbed Cloud Portal
Using the Riverbed Cloud Portal
The following section describes how to connect to and navigate in the Riverbed Cloud Portal. It includes
the following sections:
“Connecting to the Riverbed Cloud Portal” on page 14
“The Home Page” on page 15
“Navigating in the Riverbed Cloud Portal” on page 16
“Getting Help” on page 18
Connecting to the Riverbed Cloud Portal
After you request a Riverbed Cloud Portal account, the administrator sends you an email with the URL of
the Riverbed Cloud Portal and your user name (usually your email address). Go to the URL and select a
password.
To connect to the Riverbed Cloud Portal
1. Enter the Riverbed Cloud Portal URL (http://cloudportal.riverbed.com) in the location box of your
Web browser.
The Riverbed Cloud Portal appears, displaying the Login page.
Figure 2-1. Login Page
2. In the Email text box, type your email address.
3. In the Password text box, type the password you assigned when you first logged into the Riverbed
Cloud Portal.
4. Click Log In to display the Home page.
14
Riverbed Cloud Services Deployment Guide
Using the Riverbed Cloud Portal
Using the Riverbed Cloud Portal
If you do not remember your password, click I’ve forgotten my password to display the Reset Password
page.
Figure 2-2. Reset Password Page
Type your email address and click Reset Password. The system emails a link to you. Click the link to
go to a page where you can change your password.
The Home Page
The Home page provides a dashboard view into the system. It displays:
Riverbed Appliances - Lists the Riverbed appliances that are currently provisioned. In the Riverbed
Cloud Portal v1.0, this page lists Cloud Steelheads. Click the name of an appliance for more details.
Optimization Groups - Displays the optimization groups you configured. Click an optimization group
name for details.
Portal News - Displays the last three news stories published by Riverbed employees to the portal.
Riverbed Cloud Services Deployment Guide
15
Using the Riverbed Cloud Portal
Using the Riverbed Cloud Portal
Recent Events - Describes various events and activity that occurred in your company. For example,
user xyz launched a particular appliance or shut it down or a list of licenses granted to the company.
Figure 2-3. The Home Page
Navigating in the Riverbed Cloud Portal
You navigate to the tools and reports available to you in the Riverbed Cloud Portal using menus.
To display menus
1. Move cursor over the Manage and Reports menus to display the submenus. For example, move cursor
over the Reports menu to display the submenus Discovered Appliances and Event History. The menu
item that is currently active is highlighted.
2. To navigate to a page, slide your mouse down to the submenu item you want to display and click the
menu name. For example, under Manage > Licenses, click Licenses to display the page.
16
Riverbed Cloud Services Deployment Guide
Using the Riverbed Cloud Portal
Using the Riverbed Cloud Portal
Figure 2-4 shows the Riverbed Cloud Portal menus.
Figure 2-4. Menus
The following table summarizes the menus.
Menu
Submenus
Home
Displays the Home page.
Manage
Licenses - Displays a list of all licenses allotted. You can view the active and inactive licenses on this
page.
Riverbed Appliances - Provides information on the Riverbed appliances (such as Cloud
Steelheads) provisioned.
Optimization Groups - Enables you to configure Cloud Steelhead groups.
Account Info - Displays information about your account and settings for your company.
Request New License - Enables you to request a new license from Riverbed.
Reports
Discovered Appliances - Enables you to view a report of all discovered appliances.
Event History - Enables you to view all events that have occurred for your company account.
Support
Displays online help and documentation, portal news, software downloads, and contact
information for Riverbed Support.
Printing Pages and Reports
You can print the Riverbed Cloud Portal pages and reports using the print option on your Web browser.
To print pages and reports
Choose File > Print in your Web browser to open the Print dialog box.
Riverbed Cloud Services Deployment Guide
17
Using the Riverbed Cloud Portal
Basic Steps to Configure the Riverbed Cloud Portal
Getting Help
The Support page provides the following options:
Help - Displays browser-based online help.
News - Displays news stories published to the Riverbed Cloud Portal by Riverbed employees.
Downloads - Displays a list of software downloaded along with the Riverbed Cloud Portal.
Cloud Support - Displays Riverbed Support information.
Downloading Documentation
The Riverbed Support Site contains PDF versions of the Riverbed Cloud Services Deployment Guide, Steelhead
Management Console User’s Guide and the Riverbed Command-Line Interface Reference Manual.
To download the PDF versions of the Documentation
1. Click Support in the menu bar to display the Support page.
2. You must be registered on the Riverbed Support site to download the documentation. Click one of the
following links:
To register on the Riverbed Support site:
https://support.riverbed.com/account/registration/register.htm
If you are registered on the Riverbed Support site:
https://support.riverbed.com/docs/index.htm
3. Go to the PDF document.
4. Click the document name to download the document.
Logging Out
In the menu bar on the upper-right corner of the screen, click logout to end your session.
Basic Steps to Configure the Riverbed Cloud Portal
The following table describes the basic steps to configure the Riverbed Cloud Portal.
Task
Reference
1. Log in to the Riverbed Cloud Portal website
using your email address as your login ID,
and the password provided by Riverbed.
“Connecting to the Riverbed Cloud Portal” on page 14
2. Enter the AWS credentials that Amazon
assigned to your company.
“Managing Account Information” on page 19
3. View and manage the licenses allocated to
your company.
“Managing Licenses” on page 20
4. Click the serial number of a license to
launch a Cloud Steelhead.
“Managing Licenses” on page 20
18
Riverbed Cloud Services Deployment Guide
Managing Account Information
Using the Riverbed Cloud Portal
Task
Reference
5. Verify that the license features (such as the
Cloud Steelhead model) are what you need,
then click Provision.
“Provisioning the Cloud Steelhead” on page 24
6. Select Manage > Riverbed Instances to
check running Cloud Steelheads.
“Managing Riverbed Appliances” on page 34
Managing Account Information
The Manage Account Info page provides information and options about the current authenticated user’s
account. It also enables you to update the user’s company cloud security credentials.
To manage account information
1. Choose Manage > Account Info to display Manage Account Info page.
Figure 2-5. Manage Account Information Page
The Manage Account Info page provides the account user’s name, email address, and company.
2. Under Personal Information, click Change Password to change the user’s password in the Change
Password dialog box.
Figure 2-6. Change Password Dialog Box
3. Type the old password, new password, confirm the new password, and click Change Password.
Riverbed Cloud Services Deployment Guide
19
Using the Riverbed Cloud Portal
Managing Licenses
4. Under Amazon Web Services, click Update Account Credentials to display the AWS Security
Credentials dialog box.
Figure 2-7. Update AWS Security Credential Page
5. Type an account number, access key ID, and secret access key from the Security Credentials page of your
AWS account, and click Add.
The Riverbed Cloud Portal displays Account Info page.
Managing Licenses
The Manage Licenses page displays the status of all licenses that Riverbed allocated to you. In this page,
you can view which licenses are active or unused and plan to use them.
Note: When a license expires, the system automatically restarts services.
To manage licenses
1. Choose Manage > Licenses to display the Manage Licenses page.
Figure 2-8. Manage Licenses Page
20
Riverbed Cloud Services Deployment Guide
Managing Licenses
Using the Riverbed Cloud Portal
2. Complete the configuration as described in the following table.
Parameter
Description
Serial Number
The license serial number. This is also the appliance serial number if there
is an appliance using the license.
Click the serial number for more details on the license.
Type
The type of license. For the Riverbed Cloud Portal v1.0, this is always a
Steelhead.
Ranking License
The most superior licensed feature (allows more connections, has higher
bandwidth, or other enhanced functionality) associated with the license. A
license consists of many features. For example, if you first purchased a
CSH-250-H license and then upgraded to CSH-550-H, the highest ranking
license feature is CSH-550-H.
State
The current state of the license. It has one of the following values:
• Unprovisioned - The license is not used.
• Unknown - The Riverbed Cloud Portal cannot determine the state of
the license, probably due to an error.
• Not Running - The license is attached to a Riverbed appliance (Cloud
Steelhead), but the appliance is not running.
• Running - The license is attached to a Riverbed appliance (Cloud
Steelhead), and the appliance is running.
• Stopping - The license is attached to a Riverbed appliance (Cloud
Steelhead), but the appliance is in the process of being stopped.
• Starting - The license is attached to a Riverbed appliance (Cloud
Steelhead), but the appliance is in the process of starting.
• Missing - The license is attached to a Riverbed appliance (Cloud
Steelhead), but the appliance is missing. This usually occurs when the
appliance is deleted by tools other than the Riverbed Cloud Portal. If
the license is in the Missing state, deprovision the appliance to release
the license and provision it again. For details, see “Provisioning the
Cloud Steelhead” on page 24.
Version
The software version of RiOS running on the appliance. This is applicable
only if the license has been provisioned.
Obtaining License Details
You can obtain more details on the license such as the license state, product type, client ID, one time token,
one time token state, and last checkout in the License Details page.
Riverbed Cloud Services Deployment Guide
21
Using the Riverbed Cloud Portal
Managing Licenses
To obtain details on a license
1. Click the serial number in the license table to display the License Details page.
Figure 2-9. License Details Page
2. Click the Details tab to display the following license details.
Parameter
Description
License Serial Number
The license serial number. This is also the appliance serial number if there is
an appliance using the license.
State
Current state of the license. For details, see the license table in “Managing
Licenses” on page 20. Click the state to change its value and update the
appliance. When you click the state, the Appliance Summary page appears.
For details, see “Viewing Appliance Summary and AWS Details” on page 26.
Product Type
For the Riverbed Cloud Portal v1.0, this is always a Steelhead.
Client ID
The internal license ID that you can use to debug the license client running on
the virtual appliance.
One Time Token
Value that you enter in the Cloud Steelhead to activate the license when you
provision the Cloud Steelhead manually. If you use the Riverbed Cloud
Portal provisioning system, it enters the token in the Cloud Steelhead
automatically. You must enter the token only when you manually provision
the Cloud Steelhead without using the Riverbed Cloud Portal.
One Time Token State
Displays the status of the one-time token and the date and time it expires.
Appliance Software Version
Displays the software version of the Cloud Steelhead.
Last Checkout
Displays the date and time when the Cloud Steelhead last checked out the
license.
22
Riverbed Cloud Services Deployment Guide
Managing Licenses
Using the Riverbed Cloud Portal
3. Click the Features tab to display the License Features page.
Figure 2-10. License Features Page
The License Features page displays the following.
Parameter
Description
Feature Name
Specifies the feature name such as CSH-250-L.
Start Date
Specifies the date and time on which the feature was installed.
End Date
Specifies the date and time until which the feature is valid.
4. Click the Event Log to display the Event Log page for the license.
Figure 2-11. License Event Log Page
5. In the license event log page, complete the configuration as described in the following table.
Riverbed Cloud Services Deployment Guide
23
Using the Riverbed Cloud Portal
Managing Licenses
Control
Description
Level
Select the minimum severity level for the event log messages. The
log contains all messages with this severity level or higher. Select
one of the following levels from the drop-down list:
• Critical - Conditions that affect the functionality of the
appliance.
• Error - Conditions that probably affect the functionality of the
appliance.
• Warning - Conditions that could affect the functionality of the
appliance, such as authentication failures.
• Notice - Normal but significant conditions, such as a
configuration change.
• Informational - Informational messages that provide general
information about system operations.
• Debug - Messages that help you debug a failure.
Records
Specify the maximum number of records to display. The default
value is 20.
Timestamp
Date and time at which the event occurred. Click the arrow to sort
this column in descending order.
IP Address
IP address of the client machine that initiated the action.
User
Name of the user who performed the action.
Log Level
Severity level of the log message.
Message
Log message that describes the action that occurred.
Provisioning the Cloud Steelhead
If a license is unused, you can provision a Cloud Steelhead using the license from the Manage Licenses
page.
To provision a Cloud Steelhead
1. Choose Manage > Licenses to display the Manage Licenses page.
24
Riverbed Cloud Services Deployment Guide
Managing Licenses
Using the Riverbed Cloud Portal
2. Click the Provision button in the last column of the license table to display the Launch Cloud Steelhead
dialog box.
Figure 2-12. Launch Cloud Steelhead Dialog Box
3. In the Launch Steelhead dialog box, complete the configuration as described in the following table.
Control
Description
Appliance Name
Type the name of the Cloud Steelhead.
Description
Type a description of the Cloud Steelhead you are provisioning.
Version
Select a software version from the drop-down list.
Optimization Group
Select an optimization group in which the Cloud Steelhead should
be a member.
Region
Select the region closest to you from the drop-down list. The choices
are US East and US West.
Availability Zone
Select a zone in which the Cloud Steelhead is provisioned from the
drop-down list. For example, for the Amazon US East cloud, you
can choose us-east-1a, us-east-1b, us-east-1c, or us-east-1d.
Zones are physical sites that Amazon provides, which are racked
and ready to supply additional computing power to the region they
are assigned to. You can choose any zone to deploy the Cloud
Steelhead. Cloud Steelheads communicate through IP addresses
and there are no traffic restrictions between zones (or costs for data
passing between zones).
Riverbed Cloud Services Deployment Guide
25
Using the Riverbed Cloud Portal
Managing Licenses
Control
Description
Subnet
Select a subnet for the Virtual Private Cloud (VPC) IP address from
the drop-down menu. Subnets are segments of a VPC's IP address
space. The subnets enable you to separate the isolated resources
(such as Amazon EC2 instances) in the VPC based on security and
operational requirements. If you create more than one subnet in a
VPC, they are attached to each other by a logical router, in a star
topology. For details on VPC, see Chapter 4, “Using the Amazon
Public and Private Clouds.”
If you do not select a subnet, the system provisions the Cloud
Steelhead in the public AWS cloud.
Key Pair
Select an SSH key pair in your Amazon account for the Cloud
Steelhead.
Note: You must select a Key Pair or specify an Admin Password or
do both.
Admin Password
Specify a password for the Cloud Steelhead administrator.
Confirm Admin Password
Confirm the administrator password entered in the previous field.
Network Access
Click the checkbox Allow network access from my location to
enable other Steelheads and computers at your location to access the
Cloud Steelhead.
4. Click Provision to provision the Cloud Steelhead; click Cancel to cancel your settings.
After provisioning completes, the Cloud Steelhead automatically restarts and displays the Appliance
Summary page.
Viewing Appliance Summary and AWS Details
The Appliance Summary page displays the name, description, state, license, and version of the appliance.
To view the appliance summary
1. Provision a Cloud Steelhead using the Launch Steelhead Instance dialog box. For details, see
“Provisioning the Cloud Steelhead” on page 24. Specify all the parameters in the Launch Steelhead
Instance dialog box and click Provision.
The Appliance Summary page appears if the provisioning is successful; otherwise, an error message
appears.
or
If you have already provisioned the appliance, choose Manage > Riverbed Appliances and click the
name of the appliance in the Manage Riverbed Appliances page to display the Appliance Summary
page.
26
Riverbed Cloud Services Deployment Guide
Managing Licenses
Using the Riverbed Cloud Portal
Figure 2-13. Appliance Summary Page
2. Click the Summary tab and complete the configuration as described in the following table.
Parameter
Description
Name
Name of the Cloud Steelhead provisioned. To change the name,
type a new name in the text field and click Update Appliance.
Description
Description of the appliance you entered in the provisioning dialog.
To change the description, type a new description in the text field
and click Update Appliance.
State
The current state of the cloud appliance. It has one of the following
values:
• Unknown - The Riverbed Cloud Portal cannot determine the
state of the appliance, probably due to an error.
• Not Running - The appliance is not running.
• Running - The appliance is running.
• Stopping - The appliance is in the process of being stopped.
• Starting - The appliance is in the process of starting.
• Missing - The appliance is missing. This usually occurs when
the appliance is deleted by tools other than the Riverbed Cloud
Portal.
License
License number of the appliance.
Version
Appliance version you selected in the provisioning dialog.
Management Console
Link to the Cloud Steelhead Management Console. It displays Not
Available until you provision a Cloud Steelhead.
Click the Configure Network Access link to go to the Security
Group page. For details, see “Managing Security Groups” on
page 31.
Update Appliance
Updates the appliance with the changes you make to its name,
description, and version.
Start Appliance
Starts the appliance in the cloud. This button is enabled only if the
appliance is not running.
Riverbed Cloud Services Deployment Guide
27
Using the Riverbed Cloud Portal
Managing Licenses
Parameter
Description
Stop Appliance
Stops the appliance in the cloud. This button is enabled only if the
instance is running.
Deprovision Appliance
Deprovisions the appliance. Deletes the configuration volume and
all datastore volumes. The license is then available for reuse. This
button is enabled only if the instance is not running. You cannot
undo this operation.
3. Click AWS Details to display the AWS Details page.
Figure 2-14. AWS Details Page
The AWS Details page displays the following.
Parameter
Description
Uptime
Duration for which the Cloud Steelhead has been running.
Creation Time
Time at which the Cloud Steelhead was created.
28
Riverbed Cloud Services Deployment Guide
Managing Licenses
Using the Riverbed Cloud Portal
Parameter
Description
Zone
Zone in which the Cloud Steelhead is provisioned.
Zones are physical sites that Amazon provides, which are racked
and ready to supply additional computing power to the region they
are assigned to. You can choose any zone to deploy the Cloud
Steelhead. Cloud Steelheads communicate through IP addresses
and there are no traffic restrictions between zones (or costs for data
passing between zones).
Key Pair
Key pair in your Amazon account for the Cloud Steelhead.
Security Group
Security group to which the Cloud Steelhead belongs. For details,
see “Managing Security Groups” on page 31.
Subnet
Subnet for the VPC IP address.
Last known Instance ID
The last known EC2 instance ID associated with the Cloud
Steelhead.
Instance Type
The type of EC2 instance launched when the Cloud Steelhead is
started. For example, m1.small.
Architecture
The Cloud Steelhead architecture type—i386 (32-bit) or x86_64 (64bit).
Public IP Address
The current public IP address of the Cloud Steelhead.
Public DNS Name
The public DNS (Domain Name Server) name of the Cloud
Steelhead.
Private IP Address
The current private (cloud vendor) IP address of the Cloud
Steelhead.
Private DNS Name
The internal DNS name of the Cloud Steelhead.
Configuration Volume
The (cloud vendor-specific) volume used to store the appliance
configuration and log files.
• EBS Volume ID - Elastic Block Store volume ID.
• Size - Size of the volume.
Datastore Volume
The Elastic Block Store (EBS) volume used to store the Cloud
Steelhead datastore. Some Cloud Steelhead models do not use a
dedicated EBS volume for the datastore, so this entry might be
missing in their instance details.
• EBS Volume ID - Elastic Block Store volume ID.
• Size - Size of the volume.
4. Click the AWS Console tab to display the output of the virtual serial console connected to the EC2
instance.
Riverbed Cloud Services Deployment Guide
29
Using the Riverbed Cloud Portal
Managing Licenses
5. Click the Event Log tab to display the Event Log page for the appliance.
Figure 2-15. Appliance Event Log Page
6. In the appliance event log page, complete the configuration as described in the following table.
Control
Description
Level
Select the minimum severity level for the event log messages. The
log contains all messages with this severity level or higher. Select
one of the following levels from the drop-down list:
• Critical - Conditions that affect the functionality of the
appliance.
• Error - Conditions that probably affect the functionality of the
appliance.
• Warning - Conditions that could affect the functionality of the
appliance, such as authentication failures.
• Notice - Normal but significant conditions, such as a
configuration change.
• Informational - Informational messages that provide general
information about system operations.
• Debug - Messages that help you debug a failure.
Records
Specify the maximum number of records to display. The default
value is 20.
Timestamp
Date and time at which the event occurred. Click the arrow to sort
this column in descending order.
IP Address
IP address of the client machine that initiated the action.
User
Name of the user who performed the action.
Log Level
Severity level of the log message.
Message
Log message that describes the action that occurred.
30
Riverbed Cloud Services Deployment Guide
Managing Security Groups
Using the Riverbed Cloud Portal
Managing Security Groups
The Manage Security Groups page enables you to manage the AWS security group for the Cloud Steelhead.
Correctly configured security groups are critical for a node in an optimization group to contact its peers
during the discovery process and for optimization to work. The Riverbed Cloud Portal automates many
steps in the security group configuration.
For example, consider a configuration in which Cloud Steelhead1, Cloud Steelhead2, and Cloud Server A
are members (nodes) of the same optimization group. The Riverbed Cloud Portal provisions Cloud
Steelhead1 and creates a security group Security Group1 automatically during provisioning.
Figure 2-16. Security Groups Example
Initially, Security Group1 does not let Cloud Steelhead2 or Cloud Server A access Cloud Steelhead1.
However, after each node in the optimization group communicates with the Riverbed Cloud Portal and
transmits its IP address, the portal automatically adds rules to Security Group1 so that the group allows
access to Cloud Steelhead1 from the node. Such rules that the Riverbed Cloud Portal adds to a security
group are called Discovery Service Rules.
To complete the configuration you must also add your own rules because:
You can configure and manage a Cloud Steelhead only if its security group allows connections from
outside AWS on ports 22, 80, and 443.
Steelheads outside the AWS cloud must access ports 7800 and 7810 of the Cloud Steelhead for
optimizing the connections.
Rules that you manually add to the security group are called Custom Rules. These rules are not added to the
security group for the Discovery Service and are not tracked by the Riverbed Cloud Portal.
The Riverbed Cloud Portal ensures that Discovery Service Rules are automatically added to the security
group whenever you restart the appliance. Even if you delete a Discovery Service Rule using a third-party
tool such as the AWS user interface, the portal adds it back when you restart the appliance.
To remove a Discovery Service Rule, you must delete it from the Riverbed Cloud Portal by clicking delete
in the Discovery Service Rule table (described in the following section).
You can add or delete Custom Rules through the Riverbed Cloud Portal, which adds or deletes the rules
from the security group immediately. But, if you subsequently delete a Custom Rule from the security
group using a third-party tool such as Elasticfox, the Riverbed Cloud Portal does not ensure that the rule is
re-applied when you start the appliance. The Custom Rules table simply reflects what is currently
configured for the security group in the Amazon cloud at the time you visit the page on the Riverbed Cloud
Portal.
Riverbed Cloud Services Deployment Guide
31
Using the Riverbed Cloud Portal
Managing Security Groups
For optimization to work, you must add rules to the Cloud Server security group to allow traffic from the
Cloud Steelhead to reach the server TCP ports used by the application you want to optimize.
When the Discovery Client is installed on the server, you must enable access to the UDP source port 7801
and destination port 7801 from the Cloud Steelhead on the server’s security group.
To manage security groups
1. Click the name of the security group in the AWS Details page or click Configure Network Access in the
Appliance Summary page to display the Security Groups page. For details, see “Viewing Appliance
Summary and AWS Details” on page 26.
Figure 2-17. Managing Security Groups
Under Discovery Service Rules, the following fields appear.
Field
Description
Protocol
Protocol used to communicate with the portal. For example, TCP,
UDP, or ICMP.
FromPort
Starting value of the range of ports that the source IP address is
allowed to access on the Cloud Steelhead.
ToPort
Ending value of the range of ports that the source IP address is
allowed to access on the Cloud Steelhead.
Source
IP address of the source node.
Policy
Rule policy for access to the Cloud Steelhead such as Allow or
Deny.
delete
Click to delete the Discovery Service Rule from the Riverbed Cloud
Portal and AWS.
32
Riverbed Cloud Services Deployment Guide
Managing Security Groups
Using the Riverbed Cloud Portal
Under Custom Rules, the following fields appear.
Field
Description
Protocol
Protocol used to communicate with the portal. For example, TCP,
UDP, or ICMP.
FromPort
Starting value of the range of ports that the source IP address is
allowed to access on the Cloud Steelhead.
ToPort
Ending value of the range of ports that the source IP address is
allowed to access on the Cloud Steelhead.
Source
IP address of the source node.
Policy
Rule policy for access to the Cloud Steelhead such as Allow or
Deny. The default value is Allow.
delete
Click to delete the Custom Rule from the Riverbed Cloud Portal and
AWS.
Add Custom Rule
Displays the controls to add a custom rule to the security group.
2. Click Add Custom Rule to display the Add Custom Rule dialog box.
Figure 2-18. Add Custom Rule Dialog Box
3. Complete the configuration as described in the following table.
Control
Description
Protocol
Select a protocol (TCP, UDP, or ICMP) from the drop-down menu.
FromPort
Specify the starting value of the range of ports that the source IP
address is allowed to access on the Cloud Steelhead.
ToPort
Specify the ending value of the range of ports that the source IP
address is allowed to access on the Cloud Steelhead.
Source IP
Specify the IP address of the source node.
Get My Host Address
Click to automatically enter your host machine IP address in the
Source IP field.
Add
Adds the custom rule that you specify to the AWS security group for
the Cloud Steelhead.
Cancel
Cancels the operation.
Riverbed Cloud Services Deployment Guide
33
Using the Riverbed Cloud Portal
Managing Riverbed Appliances
Managing Riverbed Appliances
You can display information on Riverbed appliances (Cloud Steelheads) in the cloud in the Manage
Riverbed Appliances page.
To manage Riverbed appliances
1. Choose Manage > Riverbed Appliances to display the Manage Riverbed Appliances page.
Figure 2-19. Manage Riverbed Appliances Page
The Manage Riverbed Appliances page displays the following parameters.
Parameter
Description
Name
Name of the appliance. This name is specific to the Riverbed Cloud Portal.
Click the name for more details on the appliance.
This column does not appear if you view the appliance in the cloud
vendor’s management tool such as Amazon because the vendor might not
support such metadata.
Cloud
The cloud on which the appliance is running. For example, Amazon Web
Services.
License
The license that the appliance is using. Click the license name for more
details about the license. For details, see “Obtaining License Details” on
page 21.
State
The current state of the appliance. It has one of the following values:
• Unknown - The Riverbed Cloud Portal cannot determine the state of
the appliance, probably due to an error.
• Not Running - The appliance is not running.
• Running - The appliance is running.
• Stopping - The appliance is in the process of being stopped.
• Starting - The appliance is attached to a Riverbed appliance (Cloud
Steelhead), but the appliance is in the process of starting.
• Missing - The appliance is missing. This usually occurs when the cloud
appliance is deleted by tools other than the Riverbed Cloud Portal.
Uptime
34
The duration for which the appliance has been running.
Riverbed Cloud Services Deployment Guide
Managing Optimization Groups
Using the Riverbed Cloud Portal
Parameter
Description
Creation Time
The time at which the appliance was provisioned.
Description
The description you entered when you created the appliance.
Upgrading Your Software
You can upgrade or revert to a backup version of the software on your appliance in the Appliance Summary
page.
To upgrade or revert software versions
1. Choose Manage > Riverbed Appliances.
2. Click the name of the appliance in the Name column to display the Appliance Summary page. For
details, see “Viewing Appliance Summary and AWS Details” on page 26.
3. Click Stop Appliance to stop the appliance from running.
The State changes to Stopping and then to Not Running.
4. Select a new software version from the Version drop-down menu.
5. Click Start Appliance.
The appliance starts with the new software version you selected.
Note: You cannot revert to a software version that you did not run before. For example, if you loaded software versions
2, 3, and 5 on the appliance and the current software version is 5, you cannot revert to version 4. To revert to version 4,
you must revert to version 3 and then upgrade to version 4.
Managing Optimization Groups
You configure Cloud Steelhead and virtual server groups in optimization groups in the Manage
Optimization Groups page. For example, if you configure a server and a Cloud Steelhead in the same
optimization group, then the Cloud Steelhead in the group accelerates and optimizes all access to the server.
You can configure multiple Cloud Steelheads in the same optimization group. In this case, the system uses
load balancing to determine which Cloud Steelhead is used for optimization. Riverbed cloud services v1.0
provide the following load balancing policies:
Priority - Selects a Cloud Steelhead for load balancing until its connection count exceeds the maximum
limit and then moves on to the next available Cloud Steelhead. When the first Cloud Steelhead’s load
decreases below the maximum limit, it is available again. This is the default mode.
Round Robin - Selects a Cloud Steelhead and then another (using the round-robin method) for load
balancing. Use the Round Robin mode only if the connection rate is high and you need more than one
Cloud Steelhead to handle the load.
Riverbed Cloud Services Deployment Guide
35
Using the Riverbed Cloud Portal
Managing Optimization Groups
To manage optimization groups
1. Choose Manage > Optimization Groups to display the Optimization Groups page.
Figure 2-20. Manage Optimization Groups Page
The Optimization Groups page displays the following parameters.
Parameter
Description
Name
Name of the optimization group. This name is specific to the Riverbed
Cloud Portal. Click the name for more details on the group.
Description
Description of the group.
Add New Optimization Group
Displays a dialog box to create a new optimization group.
2. Click the Add New Optimization Group button in the Optimization Groups page to display the Add
New Optimization Group dialog box.
Figure 2-21. Add New Optimization Group Dialog Box
3. Complete the configuration as described in the following table.
Parameter
Description
Group Name
Specify the name of the optimization group.
Description
Specify a description for the optimization group.
36
Riverbed Cloud Services Deployment Guide
Managing Optimization Groups
Using the Riverbed Cloud Portal
Parameter
Description
Load Balance Policy
Choose one of the following load balance policies from the dropdown list:
• Priority - Selects a Cloud Steelhead for load balancing until its
connection count exceeds the maximum limit and then moves on
to the next available Cloud Steelhead. When the first Cloud
Steelhead’s load decreases below the maximum limit, it is
available again. This is the default mode.
• Round Robin - Selects a Cloud Steelhead and then another
(using the round-robin method) for load balancing. Use the
Round Robin mode only if the connection rate is high and you
need more than one Cloud Steelhead to handle the load.
Create
Creates a new optimization group with the parameters you specify.
Cancel
Cancels the operation.
Updating Optimization Groups
You can update the group name, Steelhead load balance policy, and description in the Optimization Groups
Details page.
To update an optimization group
1. Select Manage > Optimization Groups.
2. Click a group name to display the Optimization Group Summary page for the group.
Figure 2-22. Optimization Group Summary Page
Riverbed Cloud Services Deployment Guide
37
Using the Riverbed Cloud Portal
Managing Optimization Groups
3. Click the Summary tab to display the following parameters.
Parameter
Description
Group Name
Type the name of the optimization group.
Load Balance Policy
Choose one of the following load balance policies from the dropdown list:
• Priority - Selects a Cloud Steelhead for load balancing until its
connection count exceeds the maximum limit and then moves on
to the next available Cloud Steelhead. When the first Cloud
Steelhead’s load decreases below the maximum limit, it is
available again. This is the default mode.
• Round Robin - Selects a Cloud Steelhead and then another
(using the round-robin method) for load balancing. Use the
Round Robin mode only if the connection rate is high and you
need more than one Cloud Steelhead to handle the load.
Description
Type a description for the optimization group.
Modify Optimization Group
Displays a dialog box to update the optimization group with the
parameters you specify.
Delete Group
Deletes the optimization group and all of its members.
4. Click Modify Optimization Group to display the Update Optimization Group dialog box.
Figure 2-23. Update Optimization Group Dialog Box
5. Complete the configuration as described in the following table.
Parameter
Description
Group Name
Type the name of the optimization group.
Load Balance Policy
Choose one of the following load balance policies from the dropdown list:
• Priority - Selects a Cloud Steelhead for load balancing until its
connection count exceeds the maximum limit and then moves on
to the next available Cloud Steelhead. When the first Cloud
Steelhead’s load decreases below the maximum limit, it is
available again. This is the default mode.
• Round Robin - Selects a Cloud Steelhead and then another
(using the round-robin method) for load balancing. Use the
Round Robin mode only if the connection rate is high and you
need more than one Cloud Steelhead to handle the load.
Description
38
Type a description for the optimization group.
Riverbed Cloud Services Deployment Guide
Managing Optimization Groups
Using the Riverbed Cloud Portal
Parameter
Description
Update
Updates the optimization group with the parameters you specify.
Cancel
Cancels the operation and closes the dialog box.
6. Click the Group Members tab to display the following parameters.
Parameter
Description
Name
Optimization group member name. Click this name to view details
such as the name, priority, client ID, client key, public IP address,
and internal IP address of the member.
Type
Type of the appliance such as Cloud Steelhead.
Public IP
Current public IP address of the optimization appliance.
Internal IP
Current internal (cloud vendor) IP address of the optimization
appliance.
7. In the Group Members page, click Add Steelhead to display the Add Steelhead dialog box.
Figure 2-24. Add Steelhead Dialog Box
8. Complete the configuration as described in the following table.
Parameter
Description
Steelhead
Select a Steelhead appliance from the drop-down list to add to the
optimization group.
Priority
Type the priority in which the Cloud Steelhead should be selected
for optimization. Priority is applicable only to Cloud Steelhead
appliances. A larger numerical value signifies a higher priority.
Add
Adds the new optimization appliance.
Cancel
Cancels the operation and closes the dialog box.
9. In the Group Members page, click Add Server to display the Add Server dialog box.
Figure 2-25. Add Server Dialog Box
Riverbed Cloud Services Deployment Guide
39
Using the Riverbed Cloud Portal
Managing Optimization Groups
10. Complete the configuration as described in the following table.
Parameter
Description
Name
Select a server from the drop-down list to add to the optimization
group.
Type
Select one of the following server types from the drop-down list:
• Linux Server
• Windows Server
Add
Adds the new optimization appliance.
Cancel
Cancels the operation and closes the dialog box.
11. Click the Event Log tab to display the Event Log page for the optimization group.
Figure 2-26. Optimization Group Event Log
12. Complete the configuration as described in the following table.
Control
Description
Level
Select the minimum severity level for the event log messages. The
log contains all messages with this severity level or higher. Select
one of the following levels from the drop-down list:
• Critical - Conditions that affect the functionality of the
appliance.
• Error - Conditions that probably affect the functionality of the
appliance.
• Warning - Conditions that could affect the functionality of the
appliance, such as authentication failures.
• Notice - Normal but significant conditions, such as a
configuration change.
• Informational - Informational messages that provide general
information about system operations.
• Debug - Messages that help you debug a failure.
Records
40
Specify the maximum number of records to display. The default
value is 20.
Riverbed Cloud Services Deployment Guide
Viewing Reports
Using the Riverbed Cloud Portal
Control
Description
Timestamp
Date and time at which the event occurred. Click the arrow to sort
this column in descending order.
IP Address
IP address of the client machine that initiated the action.
User
Name of the user who performed the action.
Log Level
Severity level of the log message.
Message
Log message that describes the action that occurred.
Viewing Reports
You can view the following reports from the Reports menu:
“Viewing Discovered Appliances Report,” next
“Viewing Event History Report” on page 42
Viewing Discovered Appliances Report
The Discovered Appliances report page displays the list of appliances deployed and operational. It displays
the following details for the appliance: optimization group, name, public IP address, internal IP address,
and appliance type.
To view Discovered Appliances report
Choose Reports > Discovered Appliances to display the Discovered Appliances page.
Figure 2-27. Discovered Appliances Page
Riverbed Cloud Services Deployment Guide
41
Using the Riverbed Cloud Portal
Viewing Reports
The Discovered Appliances page displays the following columns:
Column
Description
Group
Optimization group that contains the appliance.
Name
Name of the discovered appliance.
Public IP
Current public IP address of the discovered appliance
Internal IP
Current internal (cloud vendor) IP address of the discovered
appliance.
Type
Type of the appliance such as Cloud Steelhead or server.
Viewing Event History Report
The Event History report displays all of the events that occurred for a particular company. This page enables
multiple end users in the same company to view all events pertaining to their company. It describes events
such as creation and deletion of users and optimization groups, registration of Discovery Clients, and the
registration, provisioning, and deprovisioning of Cloud Steelheads.
To view the Event History report
Choose Reports > Event History to display the Event History page.
Figure 2-28. Event History Page
The Event History page displays the following columns:
Column
Description
Date
Date on which the event occurred
User
Name of the user who performed the action.
Description
Description of the event such as:
Created Optimization group ‘group1’
42
Riverbed Cloud Services Deployment Guide
Obtaining Support
Using the Riverbed Cloud Portal
Obtaining Support
The Support menu provides the following options.
Choose
For
Support > Help
Help on the Riverbed Cloud Portal.
Support > News
Relevant news stories published on the Riverbed Cloud Portal by
Riverbed employees.
Support > Downloads
Downloading software used along with the Riverbed Cloud Portal.
For example, you can download the Discovery Client code used on
virtual servers optimized by a Cloud Steelhead.
Support > Cloud Support
Riverbed Support contact information
Configuring Cloud Steelheads
You configure the Cloud Steelhead in different ways based on whether or not you are using the Riverbed
Cloud Portal.
If you are using the Riverbed Cloud Portal, configure the Cloud Steelhead as follows:
Configure the Discovery Client to communicate with the Cloud Steelhead. For details, see Chapter
3, “Using the Discovery Client.” If you are using the Riverbed Cloud Portal and the Discovery
Client, you do not need to configure anything on the Cloud Steelhead.
_____ or _____
If you are not using a Discovery Client, configure in-path rules on the remote Steelhead to point to
the Cloud Steelhead. In-path rules are used only when a connection is initiated. Because connections
are usually initiated by clients, in-path rules are configured for the initiating, or client-side
Steelhead. In-path rules determine Steelhead behavior with SYN packets. Also, if your network has
a NAT, you must configure public and private address mapping on the Cloud Steelhead. For
details, see Steelhead Management Console User’s Guide.
If you are not using the portal, configure the Cloud Steelhead as follows:
Check whether your network is NATed. If it is, configure the Cloud Steelhead for private or public
address mapping; otherwise, configure out-of-path rules. In an out-of-path deployment, the Steelhead
appliance is not in the direct path between the client and the server. Servers see the IP address of the
server-side Steelhead appliance rather than the client IP address, which might impact security policies.
For details, see Steelhead Management Console User’s Guide.
Riverbed Cloud Services Deployment Guide
43
Using the Riverbed Cloud Portal
44
Configuring Cloud Steelheads
Riverbed Cloud Services Deployment Guide
CHAPTER 3
Using the Discovery Client
This chapter describes how to use the Riverbed Discovery Client. It includes the following sections:
“Overview of the Discovery Client” on page 45
“Installing the Discovery Client on Windows Server” on page 46
“Installing the Discovery Client on Linux Server” on page 48
“Configuring the Discovery Client” on page 49
“Configuring Transparency Modes” on page 52
Overview of the Discovery Client
The Discovery Client is a software package that you download from the Riverbed Cloud Portal and install
on the client or server in the cloud that is optimized.
When a client Steelhead connects to a server in the cloud, the Discovery Client redirects any auto-discovery
probe request to a Cloud Steelhead in its optimization group. Then, the client Steelhead discovers and starts
peering and optimizing with the Cloud Steelhead. After the auto-discovery process completes, the
connection is terminated locally with the Steelheads without going over the WAN.
When a client in the cloud connects to a server, the Discovery Client redirects any TCP connection to a Cloud
Steelhead in its optimization group. Then, the Cloud Steelhead sends an auto-discovery probe, discovers
the remote Steelhead, and starts peering and optimizing with it.
The Discovery Client provides the following features:
Optimization - The Discovery Client enables you to intercept (and optimize) inbound and outbound
connections from the cloud.
Auto-discovery - The Discovery Client enables Steelheads to automatically find Cloud Steelheads and
to optimize traffic through them. Auto-discovery relieves you of having to manually configure the
Steelhead appliances with fixed target rules to find the remote Cloud Steelhead.
Transparency - The Discovery Client enables the application on the server to continue to send and
receive data from the same client IP address (as if there was no Steelhead) so that logging, reporting, or
any feature that uses the IP address continues to work the same as before you configured the Steelhead.
Failure detection - The Discovery Client detects Cloud Steelhead failures and connectivity issues to the
Cloud Steelhead so that traffic can be passed through instead of being redirected to the failed Cloud
Steelhead.
Riverbed Cloud Services Deployment Guide
45
Using the Discovery Client
Installing the Discovery Client on Windows Server
Load balancing - The Discovery Client redirects all traffic to the Steelhead you select. If there are
multiple Steelheads in the group, the Discovery Client uses the Round Robin or Priority loadbalancing method to select a Steelhead. When the primary Steelhead is unavailable or over-loaded, it
redirects all new connections to the next Steelhead on the list.
Figure 3-1 shows an overview of the Discovery Client.
Figure 3-1. Discovery Client Overview
In Figure 3-1, the Discovery Client enables the client-side Steelhead and the server-side Steelhead in the
cloud to discover each other.
When the client connects to the server, the client-side Steelhead sends an auto-discovery probe to the server.
The Discovery Client redirects the auto-discovery probe to the Cloud Steelhead. The Cloud Steelhead sends
an auto-discovery probe response back to the Discovery Client, which sends it to the client-side Steelhead.
After the client-side Steelhead receives the probe response, it starts peering with the Cloud Steelhead to
intercept and optimize the connection from the client to the server.
The Discovery Client running on the server machine provides transparency by NATing packets between
the server-side Steelhead and the server to seem as if they are between the client and the server. Similarly,
it provides transparency for the client-side Steelhead in the cloud. The Discovery Client NATs outer
connection packets, between the client-side Steelhead in the cloud and the client in the cloud, on the client
machine to seem as if they are between the server and the client.
Installing the Discovery Client on Windows Server
You can download the Discovery Client from the Riverbed Cloud Portal and install it on a Windows server.
The Discovery Client supports the following Windows servers:
Windows server 2003 R2 - 32 bit and 64 bit
Windows server 2008 - 32 bit and 64 bit
Note: Riverbed does not support the Steelhead Mobile Client and the Discovery Client on the same Windows computer.
46
Riverbed Cloud Services Deployment Guide
Installing the Discovery Client on Windows Server
Using the Discovery Client
To install the Discovery Client on a Windows server
1. Connect to the Riverbed Cloud Portal and log in. For details, see “Connecting to the Riverbed Cloud
Portal” on page 14.
2. Choose Support > Downloads and click Download next to the Discovery Client package you want.
3. Log into the Windows server and double-click the executable file to display the Discovery Client
Installation Wizard.
Figure 3-2. Discovery Client Installation Wizard
4. Click Next to display the Discovery Client Installation Warning message.
Figure 3-3. Discovery Client Installation Warning
When you install, uninstall, or upgrade the Discovery Client on the Windows server, there is a
temporary loss of network connectivity. You should save your work and close any Windows program
that might be affected by the disruption before you continue.
5. Click Cancel to quit the program, or click Next to continue with the installation.
Riverbed Cloud Services Deployment Guide
47
Using the Discovery Client
Installing the Discovery Client on Linux Server
6. Read and accept the license agreement and click Next.
7. Select a folder in which the Discovery Client should be installed and click Next.
Figure 3-4. Select Destination Folder
8. Click Finish.
The Discovery Client starts automatically and the Riverbed icon appears on the system tray. If the icon
appears gray, it signifies that the Discovery Client service is just starting or has failed to start. If the
Discovery Client does not start, reboot the system and check that it starts after rebooting.
Installing the Discovery Client on Linux Server
After you download the Discovery Client from the Riverbed Cloud Portal, you can install it on a Linux
server.
The Discovery Client supports the follows Linux servers:
Centos 5.0, 5.2, 5.3, and 5.4 - 32 bit and 64 bit
Linux Ubuntu 8.04 and 10.04 - 32 bit and 64 bit
Linux Fedora (Fedora core 8) - 32 bit and 64 bit
To install the Discovery Client on a Linux server
1. Connect to the Riverbed Cloud Portal and log in. For details, see “Connecting to the Riverbed Cloud
Portal” on page 14.
2. Choose Support > Downloads and click Download next to the Discovery Client package you want.
3. Copy the downloaded tar file (Discovery Client package) to the Linux server and log into the server as
the root user.
4. Uncompress the tar file and extract its contents by entering the following command on the Linux
command line:
tar zxvf <filename>.tar.gz
48
Riverbed Cloud Services Deployment Guide
Configuring the Discovery Client
Using the Discovery Client
5. Follow the steps in the README file to install the Discovery Client on the Linux server.
Configuring the Discovery Client
You can configure the Discovery Client using the Riverbed Cloud Portal.
To configure the Discovery Client
1. Log in to the Riverbed Cloud Portal.
2. Choose Support > Downloads and click Download next to the Discovery Client package you want.
3. Install the Discovery Client package on your Windows or Linux server. For details, see “Installing the
Discovery Client on Windows Server” on page 46 or “Installing the Discovery Client on Linux Server”
on page 48.
4. Choose Manage > Optimization Groups in the Riverbed Cloud Portal to display the Manage
Optimization Groups page.
5. In the Manage Optimization Groups page, add a new optimization group or select an existing
optimization group to add the Discovery Client. For details, see “Managing Optimization Groups” on
page 35.
6. Add Cloud Steelheads and virtual servers to the optimization group. For details, see “Updating
Optimization Groups” on page 37.
7. Click the Group Members tab and click the name of the optimization group to display the optimization
group details page.
When you add a Cloud Steelhead or a virtual server to the optimization group, the portal
automatically generates a client ID and client key that identifies it. During provisioning, the portal
automatically enters the client ID and client key in the Cloud Steelhead. Copy the client ID and client
key from the optimization group member details page.
To associate a virtual server running the Discovery Client with the Cloud Steelhead in the same
optimization group, you must enter the Client ID and Client Key manually using the Discovery Client
Windows user interface or the Linux configuration script. For details, see “Configuring Discovery
Client on Windows” on page 49 or the README file on the Linux server.
The Cloud Steelhead and the virtual server use the Client ID and Client Key to identify themselves
when communicating with the Riverbed Cloud Portal. By default, the Discovery Client establishes
communication with the Riverbed Cloud Portal. However, if you are using a different portal, you must
configure the Discovery Client to communicate with your portal. If you are not using a portal at all,
configure this in the Discovery Client. For details, see the online help in the Discovery Client Windows
interface or the README file on the Linux server.
Configuring Discovery Client on Windows
You can configure the Discovery Client on Windows by updating the portal or Steelhead settings based on
the discovery mode you choose.
1. Log into your Windows server and double-click the Riverbed Discovery Client icon in the system tray.
Riverbed Cloud Services Deployment Guide
49
Using the Discovery Client
Configuring the Discovery Client
2. Click the Settings tab in the Discovery Client to display the Settings page.
Figure 3-5. Discovery Client Settings Page
50
Riverbed Cloud Services Deployment Guide
Configuring the Discovery Client
Using the Discovery Client
3. Click Configure to display the Configure Discovery Client page.
Figure 3-6. Configure Discovery Client—Use Riverbed Portal
The default Use Riverbed Portal mode is automatically selected.
4. Click Edit to display the Riverbed Portal Configuration dialog box.
Figure 3-7. Riverbed Portal Configuration Dialog Box
5. Specify the following parameters in the Riverbed Portal Configuration dialog box.
Parameter
Description
Client ID
Copy and paste the client ID from the Riverbed Cloud Portal.
Client Key
Copy and paste the client key from the Riverbed Cloud Portal
6. Click OK to apply your changes, or Cancel to cancel the operation and close the dialog box.
Riverbed Cloud Services Deployment Guide
51
Using the Discovery Client
Configuring Transparency Modes
Configuring Transparency Modes
The Discovery Client in the server provides transparency modes for client connections. You configure the
transparency mode in the Cloud Steelhead and it transmits it to the Discovery Client. The modes are:
Safe transparent - If the client is behind a NAT device, the client connection to the application server is
non-transparent—the application server sees the connection as a connection from the Cloud Steelhead
IP address and not the client IP address. All connections from a client that is not behind a NAT device
are transparent and the server sees the connection as a connection from the client IP address instead of
the Cloud Steelhead IP address.
Restricted transparent - All client connections are transparent with the following restrictions:
–
If the client connection is from a NATed network, the application server sees the private IP address
of the client.
–
You can use this mode only if there is no conflict between the private IP address ranges (there are
no duplicate IP addresses) and ports.
This is the default mode.
52
Non-transparent - All client connections are non-transparent—the application server sees the
connections from the server-side Steelhead IP address and not the client IP address. Riverbed
recommends that you use this mode as the last option.
Riverbed Cloud Services Deployment Guide
CHAPTER 4
Using the Amazon Public and Private
Clouds
This chapter provides an overview of the Amazon public and private clouds. It includes the following
section:
“Overview of the Amazon Public Cloud” on page 53
“Overview of the Amazon Private Cloud” on page 54
Overview of the Amazon Public Cloud
Figure 4-1 shows a network using the Amazon public cloud. Amazon Elastic Compute Cloud (EC2) is a web
service that enables you to launch and manage server instances in Amazon's data centers using APIs or
tools and utilities. You can use Amazon EC2 server instances at any time, for as long as you need, and for
any legal purpose. For details on Amazon EC2, go to http://docs.amazonwebservices.com.
In this network, a Steelhead connects to the WAN through a NATed router. On the other side of the WAN,
there is another NATed router that connects to the Cloud Steelhead and server. This network supports client
connection only on the side where the customer is located.
You can access the instances launched in the public EC2 from any location on the Internet.
Figure 4-1. Amazon Public Cloud Network
Riverbed Cloud Services Deployment Guide
53
Using the Amazon Public and Private Clouds
Overview of the Amazon Private Cloud
Overview of the Amazon Private Cloud
Figure 4-2 shows a network using the Amazon Virtual Private Cloud (VPC). Amazon VPC is a simple
service that enables you to use your own isolated resources (such as EC2 instances) within the AWS cloud,
and then connect those resources directly to your own data center using industry-standard encrypted IPsec
VPN connections. Amazon VPC provides end-to-end network isolation by using an IP address range that
you specify, and routing all network traffic between your VPC and your data center through the VPN
connection. This allows you to leverage your pre-existing security infrastructure, such as firewalls and
intrusion detection systems, to inspect network traffic going to and from a VPC.
You create an Amazon VPC by first defining its IP address space. The IP addresses in this address space are
private and form a network that is isolated at a packet-routing level from any other network, including the
Internet.
You then create subnets, which are segments of a VPC's IP address space. These let you separate the isolated
resources (such as Amazon EC2 instances) in the VPC based on security and operational requirements. If
you create more than one subnet in a VPC, they are attached to each other by a logical router, in a star
topology.
To connect to a VPC, you create a VPN connection, which is a VPN tunnel between a VPC and a data center,
home network, or co-location facility. You configure your existing network to route all VPC-bound traffic
to the customer gateway that anchors your end of the VPN connection.
With a VPN connection established, you can launch Amazon EC2 instances into a VPC’s subnets; with the
appropriate security policy, these instances now appear on your existing network.
VPC traffic bound for the Internet is routed over the VPN to your existing network, where it can be
examined by pre-existing network security services, such as firewalls and intrusion detection systems,
before exiting your existing network perimeter to the Internet. This is particularly valuable if you are using
specialized network appliances and software to enforce security policies.
For details on Amazon VPC, go to http://docs.amazonwebservices.com.
In the network shown in Figure 4-2, there is no NAT device between your network and the Amazon VPC.
This network supports client and server on either side.
You can access instances launched in a VPC only from the corporate network connected to the VPN.
Figure 4-2. Amazon Virtual Private Cloud Network
54
Riverbed Cloud Services Deployment Guide
APPENDIX A
Provisioning an AWS Cloud
Steelhead Manually
This appendix describes how to provision a Cloud Steelhead in the AWS cloud without using the Riverbed
Cloud Portal. You can choose a third-party tool such as ElasticFox to provision a Cloud Steelhead. For
Amazon AWS, EC2, and VPC documentation, go to http://aws.amazon.com/documentation/.
Basic Provisioning Steps
The following table lists the provisioning tasks.
Task
Reference
1.
Create the Elastic Block Store (EBS) volume
using a third-party tool such as ElasticFox
“Creating the EBS Volume” on page 55
2.
Select the Amazon Machine Image (AMI).
“Selecting the AMI” on page 56
3.
Launch an EC2 instance.
“Launching an EC2 Instance” on page 56
4.
Attach the EBS volume to the instance.
“Attaching the EBS Volume” on page 57
5.
Configure the Cloud Steelhead.
“Configuring the Cloud Steelhead” on page 57
6.
Control the Cloud Steelhead.
“Managing the Cloud Steelhead” on page 58
Creating the EBS Volume
The Elastic Block Store (EBS) volume consists of the Configuration Volume and the Datastore Volume.
Creating the Configuration Volume
You create at least one EBS volume for the Cloud Steelhead. The volume that the Cloud Steelhead uses for
its configuration and logs is called Configuration Volume.
Riverbed Cloud Services Deployment Guide
55
Provisioning an AWS Cloud Steelhead Manually
Selecting the AMI
The following table lists the size requirements for the Configuration Volume.
Model
EBS Volume Size
CSH-250-H
10GB
All other models
30GB
Creating the Datastore Volume
If you want to store the datastore of the Cloud Steelhead in EC2 transient storage, then you do not need to
create any EBS volumes other than the Configuration Volume. This configuration, called the Local
Datastore, provides the transient storage with the EC2 Instance as standard—there are no extra AWS
charges. However, the disadvantage of the Local Datastore mode is that the Cloud Steelhead reverts to the
cold state whenever you terminate the Cloud Steelhead EC2 instance.
Storing the datastore volume on an EBS volume overcomes this disadvantage. But EBS storage, while lowcost, is not free and will incur extra AWS charges. If you want to store the datastore on a persistent EWS
volume, you must create a second volume that is 400GB in size. This configuration is known as Persistent
Datastore. You must create the datastore zone within the same availability zone as the Configuration
Volume.
You must also choose the Linux device node to which you want to attach the volume. You can choose any
device node that the AWS cloud supports for EBS volume attachment except /dev/sdk because it is
reserved for use by the Configuration Volume. /dev/sdm is a good choice for the datastore volume.
Selecting the AMI
Choose the AMI you want to launch based on the following factors:
Cloud Steelhead software version you want to run.
Cloud Steelhead model you want to provision.
AWS Region in which you want to provision.
After you determine these factors, contact Riverbed Technical Support (at https://support.riverbed.com)
for the correct AMI ID. You must provide your AWS credentials to Riverbed Technical Support to ensure
that you can use your AWS account credentials to launch the AMI.
Launching an EC2 Instance
After you obtain the AMI ID, launch an EC2 instance using the AMI in the same availability zone as the
Configuration Volume. Specify a Security Group, Key Pair, and VPC depending on your configuration in
the AWS cloud.
Cloud Steelhead AMIs support the following EC2 launch parameters.
Parameter
Purpose
lshost
Fully qualified domain name of the licensing server.
rvbd_dshist
Fully qualified domain name of the discovery server.
56
Riverbed Cloud Services Deployment Guide
Attaching the EBS Volume
Provisioning an AWS Cloud Steelhead Manually
Parameter
Purpose
password
A password in hashed form. The system sets the hash value as the
password for the admin account during the first boot of the Cloud
Steelhead. It ignores the value during subsequent boots.
lott
One-time token used to redeem the license.
ds
The device node in which the datastore EBS volumes appear.
If you are using an EBS datastore, all of these parameters are mandatory; otherwise, they are optional.
Example
For example, if you want to launch a Cloud Steelhead with the following settings:
Setting
Example value
Licensing server
cloudportal.riverbed.com
Discovery server
discovery.riverbed.com
Password
thepassword that in hashed form is $1$xcuHq/$a/
qZ8zGpzy.NHsKjJ8Yla.
One-time-token
fefe96dc-5154-48bc-96a6-db87219a7a15
EBS datastore node
/dev/sdm
Enter the following EC2 launch parameters in the tool (such as ElasticFox) which you use to provision the
Cloud Steelhead:
lshost=cloudportal.riverbed.com
rvbd_dshost=discovery.riverbed.com
lott=fefe96dc-5154-48bc-96a6-db87219a7a15
ds=/dev/sdm
passwd=$1$xcuHq/$a/qZ8zGpzy.NHsKjJ8Yla.
You can enter the parameters in any order, but each parameter must be on a separate line and appear only
once.
Attaching the EBS Volume
After the EC2 instance state is Running, attach the Configuration Volume using /dev/sdk as the device
node.
If you are using a Persistent Datastore, attach the datastore volume using the node specified through the
launch parameters.
Configuring the Cloud Steelhead
After the Cloud Steelhead has fully started, you might need further configuration.
If you did not specify the licensing server, discovery server, and one-time-token through the EC2 launch
parameters, you must specify them using the Cloud Steelhead CLI. For details, see Riverbed Command-Line
Interface Reference Manual.
Riverbed Cloud Services Deployment Guide
57
Provisioning an AWS Cloud Steelhead Manually
Managing the Cloud Steelhead
Managing the Cloud Steelhead
You can stop, start, or deprovision the Cloud Steelhead in the AWS cloud.
Stopping the Cloud Steelhead
To stop the Cloud Steelhead, simply stop the associated EC2 instance.
Starting the Cloud Steelhead
To start the Cloud Steelhead, launch a new EC2 instance using the same AMI and launch parameters and
re-attach the Configuration Volume to /dev/sdk. If your Cloud Steelhead uses a persistent datastore, you
must also attach the Datastore Volume to the selected device node.
Deprovisioning the Cloud Steelhead
To deprovision the Cloud Steelhead, stop the EC2 instance and delete the configuration volume and all
datastore volumes.
58
Riverbed Cloud Services Deployment Guide
Index
A
About this guide 1
Account information, managing 19
Add New Optimization Group dialog
box 36
Admin Password 26
Amazon cloud 6
Amazon Machine Instance 7
selecting 56
Amazon public cloud 53
Amazon regions 7
Amazon Virtual Private Cloud, overview 54
Amazon Web Services 7
AMI. See Amazon Machine Instance
Appliance
cloud 34
deprovisioning 28
description 35
license 34
name 34
starting 27
state 34
stopping 28
updating 27
uptime 34
Appliance name 25
Appliance Summary page, viewing 26
Architecture 29
Auto-discovery 45
Availability zone 25
AWS Details page, viewing 28
AWS. See Amazon Web Services
C
Change password 19
Client ID 22
Cloud 34
Cloud resource requirements 2
Cloud services
overview 5
types of 5
Cloud Steelhead 6
configuring 43
configuring manually 57
creation time 28
deprovisioning 58
description 25, 27
key pair 29
Riverbed Cloud Services Deployment Guide
license 27
managing 58
name 25, 27
private DNS name 29
private IP address 29
provisioning 24
provisioning manually 55
public DNS name 29
public IP address 29
security groups 29
starting 58
state 27
stopping 58
uptime 28
version 25, 27
zone 25, 29
Configuration Volume 55
Configuration volume 29
Configuring
Cloud Steelheads 43
Discovery Client 49
Riverbed Cloud Portal 18
transparency modes 52
Contacting Riverbed 4
Creation time 28
Custom Rules 31
adding 33
deleting 33
Customer branch 7
D
Data center 7
Datastore Volume 56
Datastore volume 29
Delete Group 38, 39
Deployment
basic steps 10
supported 8
Deprovision Appliance 28
Deprovisioning, Cloud Steelhead 58
Description, Cloud Steelhead 25, 27
Description, Riverbed appliance 35
Discovered Appliances report 41
viewing 41
Discovery Client 7
configuring 49
installing on Linux server 48
installing on Windows server 46
59
Index
overview 45
Discovery Service Rules 31
deleting 32
Document conventions 1
Documentation, contacting 4
Downloading, software 43
ds 57
E
EBS Volume 55
attaching 57
EBS. Elastic Block Store
EC2
instance, launching 56
launch parameters 57
EC2. See Elastic Compute Cloud
Elastic Block Store 8, 55
Elastic Compute Cloud 7, 53
Event History report, viewing 42
F
Failure detection 45
FromPort 32, 33
G
Get My Host Address 33
Group 42
H
Home page 15
Hybrid clouds 5
I
In-path rules 43
Installing
Discovery Client on Linux server 48
Discovery Client on Windows server 46
Instance type 29, 42
Internal IP 42
K
Key pair 26, 29
Knowledge base, accessing 4
L
Last checkout 22
Last known Instance ID 29
Launch Steelhead Instance dialog box 25
Launching, EC2 instance 56
License 27, 34
managing 20
obtaining details 21
serial number 21, 22
type 21
Load balancing 46
Logout 18
lott 57
lshost 56
M
Managing
account information 19
licenses 20
optimization groups 35
Riverbed appliances 34
security groups 30
60
Manual provisioning, Cloud
Steelhead 55
Menus
displaying 16
summary of 17
N
Name, discovered appliance 42
Name, Riverbed appliance 34
Non-transparent mode 52
O
Obtaining Support 43
One time token 22
state 22
Online documentation, accessing 3
Optimization 45
Optimization group 15
adding new 36
deleting 38, 39
description 36, 38
managing 35
name 36
updating 37
Optimization group member
name 39
Out-of-path rules 43
P
Password
changing 19
EC2 instance 57
Policy 32, 33
Portal news 15
Printing pages and reports 17
Priority 36
Private clouds 5
Private DNS name 29
Private IP address 29
Product type 22
Professional services, contacting 4
Protocol 33
Protocol, Custom Rules 33
Protocol, Discovery Service Rules 32
Provisioning steps, manual 55
Provisioning, Cloud Steelhead 24
Public clouds 5
Public DNS name 29
Public IP address 29, 42
R
Ranking license 21
Recent events 16
Region 7, 25
Release notes 3
Reports, viewing 41
Restricted transparent mode 52
Riverbed appliances 15
managing 34
Riverbed Cloud Portal 6
configuring 18
connecting to 14
navigating 16
using 14
Riverbed cloud services, features 7
Index
Index
Riverbed Support, contacting 43
Round Robin 35, 37, 38
rvbd_dshist 56
S
Safe transparent mode 52
Security groups 29
managing 30
Software, upgrading 35
Source IP 33
Source node 32, 33
SSH key pair 26
Start Appliance 27
Starting
Cloud Steelhead 58
State, Cloud Steelhead 27
State, license 21, 22
State, Riverbed appliance 34
Steelhead load balance policy
Priority 36
Round Robin 35, 37, 38
Stop Appliance 28
Stopping, Cloud Steelhead 58
Subnet 26, 29
Support
downloading 43
help 43
news 43
obtaining 43
System, logging out of 18
T
Technical support, contacting 4
ToPort 32, 33
Transparency 45
Transparency modes, configuring 52
U
Update Appliance 27
Updating optimization groups 37
Upgrading software 35
Uptime 28, 34
V
Version, Cloud Steelhead 25, 27
Version, RiOS 21
Viewing
Discovered Appliances report 41
Event History report 42
reports 41
Virtual Private Cloud 7, 54
subnet 26
VPC. See Virtual Private Cloud
Z
Zone, Amazon 7, 29
Zone, availability 25
Riverbed Cloud Services Deployment Guide
61
Index
62
Index
© Copyright 2026 Paperzz