{"id":13014,"date":"2020-01-20T10:52:44","date_gmt":"2020-01-20T10:52:44","guid":{"rendered":"http:\/\/stblog.lunaeme.com\/?p=13014"},"modified":"2023-09-20T15:45:25","modified_gmt":"2023-09-20T15:45:25","slug":"vyos-ha-in-aws","status":"publish","type":"post","link":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/","title":{"rendered":"VyOS HA in AWS"},"content":{"rendered":"

TL;DR<\/h2>\n

This post shows how to solve a recurrent problem when using highly-available virtual routers in AWS: floating IPs.<\/p>\n

This approach uses a python script for the new master router to claim an EC2 Secondary private IP in the failovering transition.<\/p>\n

<\/p>\n

Motivation<\/h2>\n

For certain AWS architectures we need to deploy a managed virtual router (EC2 instance) to handle tunneling termination, BGP sessions, NATing, etc. In a production environment, High Availability for these network functions is clearly a must, so the services have a minimal impact in case one of the routers fails.<\/p>\n

I\u2019ve chosen VyOS<\/a> for this scenario since it is an open-sourced fork of Vyatta<\/a>. VyOS is an Operating System for network appliances with multiple capabilities such as routing, firewalling, vpn, vxlan, BGP peering, etc., which allows it to be used in projects with managed infrastructure. It is worth mentioning its easy-to-use command-line interface and extensive documentation.<\/p>\n

Another added complexity we can find in these kinds of deployments is the fact that AWS does not support<\/a> multicast traffic.<\/p>\n

Architecture<\/h2>\n

A specific problem I\u2019ve faced when designing a solution with managed routers in AWS was a NATed outgoing traffic from the on-premises private environment with the BGP sessions.<\/p>\n

To replicate this scenario, I\u2019ve set up a first tunnel against AWS infrastructure, and a second one between an on-premise VyOS router (shown without HA to simplify the diagram) and the highly-available AWS counterpart.<\/p>\n

 \"\"<\/span><\/p>\n

VIPA in AWS<\/h2>\n

For a regular active\/passive cluster configuration like this one, we will need, apart from the routers\u2019 IPs, a virtual IP address to float between them in a failover scenario.<\/p>\n

AWS doesn\u2019t provide this kind of floating IPs, but all the IPs in the VPC range must be assigned to an EC2 instance.<\/p>\n

To solve this problem, I\u2019ve created a script (vrrp-master.py) to be configured in both routers, which will claim (reassign to self) the IP designed as VIPA during failovering.<\/p>\n

This script manages the VIPA assignment automatically, so any manual assignment of this IP is strictly discouraged in order to avoid any human error (like forgetting to allow re-assignation).<\/p>\n

Considerations<\/h2>\n

Because this script uses the boto3<\/a> python module (Amazon Web Services SDK for Python), we must install it in the VyOS router:<\/p>\n

echo \"deb http:\/\/ftp.de.debian.org\/debian\/ jessie main contrib non-free\" > \/etc\/apt\/sources.list\napt-get update && apt-get -y install python-pip && pip install boto3\n<\/pre>\n
Since there is already a private connectivity between the on-premise facilities and AWS (using a Customer Gateway attached to a Transit Gateway), we don’t want to assign a public IP to the EC2 instances. Therefore, we create an EC2 VPC Endpoint (e.g. com.amazonaws.eu-central-1.ec2<\/em>) making sure that the “Private DNS Name” is enabled, so that the endpoint will be resolved as a VPC private IP.<\/p>\n
Currently, the STS (Security Token Service) only allows the creation of a VPC Endpoint for the Oregon region (com.amazonaws.us-west-2.sts<\/em>), so if we want to use STS roles in another region, routers must have internet access (not really an option for production environments). To overcome this, we created a user with the following policy directly attached (limited to the “vyos-ha” user and VPC \u201cvpc-0a6f6a161f5ae1fc2\u201d):<\/p>\n
{\n   \"Version\": \"2012-10-17\",\n   \"Statement\": [\n    \t{\n           \"Sid\": \"VisualEditor0\",\n           \"Effect\": \"Allow\",\n           \"Action\": [\n           \"ec2:DescribeAddresses\",\n           \"ec2:DescribeInstances\",\n           \"ec2:AssignPrivateIpAddresses\"\n           ],\n           \"Resource\": \"*\",\n           \"Condition\": {\n            \t\"StringEquals\": {\n                 \"aws:username\": \"vyos-ha\",\n                 \"aws:SourceVpc\": \"vpc-0a6f6a161f5ae1fc2\"\n            \t}\n           }\n    \t}\n   ]\n}\n<\/pre>\n
Cluster<\/h2>\n
According to the VyOS website, this is the recommended method since it allows us to have a service as a cluster’s resource, associated with the VIPA.<\/p>\n
Unfortunately, the available VyOS version in the AWS Marketplace doesn’t allow unicast traffic in this mode:<\/p>\n
vyos@vyos-1# set cluster interface eth0 peer 100.80.33.249\n  Configuration path: cluster interface eth0 [peer] is not valid\n  Set failed\n[edit]\nvyos@vyos-1#\n<\/pre>\n
VRRP<\/h2>\n
Luckily, unicast traffic for VRRP is implemented<\/a> for the VyOS version in AWS.<\/p>\n
Here is the VRRP configuration for both routers:<\/p>\n
set high-availability vrrp group vyos-aws vrid 10\nset high-availability vrrp group vyos-aws interface eth0\nset high-availability vrrp group vyos-aws virtual-address \/\nset high-availability vrrp group vyos-aws priority 200\nset high-availability vrrp group vyos-aws no-preempt\nset high-availability vrrp group vyos-aws peer-address \nset high-availability vrrp group vyos-aws hello-source-address \nset high-availability vrrp group vyos-aws transition-script master \"\/config\/scripts\/vrrp-master.py \"<\/pre>\n
Verifying the configuration<\/h2>\n
To check the VRRP status we can use this command: <\/span><\/p>\n
vyos@vyos-1$ show vrrp\nName  \tInterface  \tVRID  State\tLast Transition\n--------  -----------  ------  -------  -----------------\nvyos-aws  eth0         \t10  MASTER   6s\nvyos@vyos-1$\n<\/pre>\n
To test the failover, we can restart the MASTER node:<\/p>\n
vyos@vyos-1$ reboot backup\nAre you sure you want to reboot this system? [y\/N] y<\/pre>\n
Once the master node is powered off, the slave will become the new master and the mentioned script will claim the VIPA to the EC2 VPC Endpoint:<\/p>\n
\"\"<\/p>\n
When the previous stage finishes, the VIPA (100.80.33.100 in the example) will show up configured as the Secondary IP from the eth0 NIC:<\/span><\/p>\n
\"\"
\nThis can be verified listing the eth0 interface within the router:<\/span><\/p>\n
vyos@vyos-2# ip address list eth0\n2: eth0: <broadcast,multicast,up,lower_up>mtu 1300 qdisc mq state UP group default qlen 1000\n\tlink\/ether 0a:bf:ab:a6:ff:68 brd ff:ff:ff:ff:ff:ff\n\tinet 100.80.33.158\/24 brd 100.80.33.255 scope global eth0\n   \tvalid_lft forever preferred_lft forever\n\tinet 100.80.33.100\/24 scope global secondary eth0\n   \tvalid_lft forever preferred_lft forever\n\tinet6 fe80::8bf:abff:fea6:ff68\/64 scope link\n   \tvalid_lft forever preferred_lft forever\nvyos@vyos-2#<\/broadcast,multicast,up,lower_up><\/pre>\n
In the AWS console, we can also see the VIPA at the new MASTER\u2019s \u201cSecondary private IP\u201d field (EC2 instance, Description tab):<\/p>\n
\"\"<\/p>\n
vrrp-master.py<\/h2>\n
You can use this simple script to claim the VIPA (it must be scp\u2019ed to both nodes with exec permissions).<\/p>\n
#!\/usr\/bin\/python\n\nimport boto3\nimport os,sys\nfrom botocore.exceptions import ClientError\n\ndef reassign_addr(nic, ip):\n  try:\n    print(\"Assigning IP \", ip,\" to NIC \", nic[\"NetworkInterfaceId\"])\n    response = ec2client.assign_private_ip_addresses(\n      NetworkInterfaceId = nic[\"NetworkInterfaceId\"],\n      AllowReassignment = True,\n      PrivateIpAddresses = [\n        ip,\n      ],\n    )\n    print(response)\n  except ClientError as e:\n    print(e)\n\ndef get_iface(instance):\n  if instance.get(\"NetworkInterfaces\", False):\n\t# VyOS instance have only one NIC\n\treturn instance[\"NetworkInterfaces\"][0]\n\ndef get_instance(response, instance_id):\n  for reservation in response[\"Reservations\"]:\n    for instance in reservation[\"Instances\"]:\n      if instance[\"InstanceId\"] == instance_id:\n        return instance\n\nif len(sys.argv) != 5:\n  print(\"This script expects the VIPA as argument.\")\n  sys.exit(2)\nvipa = sys.argv[1]\n\n# Set credentials and config files path\n\nos.environ[\"AWS_SHARED_CREDENTIALS_FILE\"] = \"\/root\/.aws\/credentials\"\nos.environ[\"AWS_CONFIG_FILE\"] = \"\/root\/.aws\/config\"\n\nsession = boto3.session.Session()\nec2client = session.client('ec2', region_name = 'eu-central-1')\nresponse = ec2client.describe_instances()\n\nwith open('\/run\/cloud-init\/.instance-id', 'r') as instance_file:\n  my_instance_id=instance_file.read().replace('\\n', '')\n\ninstance = get_instance(response, my_instance_id)\niface = get_iface(instance)\nreassign_addr(iface, vipa)\n<\/pre>\n
Conclusions<\/h2>\n
We’ve seen how to get around an AWS limitation when deploying a highly-available VyOS router.<\/p>\n
Since AWS doesn\u2019t provide floating IPs, the VIPA failover is done using the python\u2019s SDK and a user with a restrictive policy. We couldn\u2019t use STS since the VPC Endpoint is not available outside Oregon\u2019s region and communication with routers directly from the internet is unacceptable.<\/p>\n
Unfortunately, we cannot use the VyOS cluster mode since it is currently not supported in the latest AWS AMI version, so we have opted to use VRRP unicast instead.<\/p>\n
Both routers were deployed with the VyOS AMI, so we need to install the boto3 module beforehand. This can be done connecting them to an Internet Gateway (test) or downloading the packages from a private and secured packages repository (prod).<\/p>\n
That\u2019s all for now, I hope you\u2019ve enjoyed it and if you have any trouble testing or deploying this architecture, feel free to leave a question in the comments section.<\/p>\n
[\/et_pb_text][\/et_pb_column][et_pb_column type=”1_4″][et_pb_sidebar area=”sidebar-1″ orientation=”left” remove_border=”off” background_layout=”light” show_border=”on” \/][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"
Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.<\/p>\n","protected":false},"author":1,"featured_media":13513,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[686],"tags":[534],"ppma_author":[795],"yoast_head":"\nNetworks - VyOS - AWS<\/title>\n<meta name=\"description\" content=\"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VyOS HA in AWS\" \/>\n<meta property=\"og:description\" content=\"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\" \/>\n<meta property=\"og:site_name\" content=\"Stratio\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-20T10:52:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-20T15:45:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1300\" \/>\n\t<meta property=\"og:image:height\" content=\"820\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Stratio\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@stratiobd\" \/>\n<meta name=\"twitter:site\" content=\"@stratiobd\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Stratio\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\"},\"author\":{\"name\":\"Stratio\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/d0377b199cd052b17e15c9ba44c45ab7\"},\"headline\":\"VyOS HA in AWS\",\"datePublished\":\"2020-01-20T10:52:44+00:00\",\"dateModified\":\"2023-09-20T15:45:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\"},\"wordCount\":920,\"publisher\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg\",\"keywords\":[\"Cloud\"],\"articleSection\":[\"Product\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\",\"url\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\",\"name\":\"Networks - VyOS - AWS\",\"isPartOf\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg\",\"datePublished\":\"2020-01-20T10:52:44+00:00\",\"dateModified\":\"2023-09-20T15:45:25+00:00\",\"description\":\"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage\",\"url\":\"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg\",\"contentUrl\":\"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg\",\"width\":1300,\"height\":820},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.stratio.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VyOS HA in AWS\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#website\",\"url\":\"https:\/\/www.stratio.com\/blog\/\",\"name\":\"Stratio Blog\",\"description\":\"Corporate blog\",\"publisher\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.stratio.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#organization\",\"name\":\"Stratio\",\"url\":\"https:\/\/www.stratio.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/stratio.com\/blog\/wp-content\/uploads\/2020\/06\/stratio-web-logo-1.png\",\"contentUrl\":\"https:\/\/stratio.com\/blog\/wp-content\/uploads\/2020\/06\/stratio-web-logo-1.png\",\"width\":260,\"height\":55,\"caption\":\"Stratio\"},\"image\":{\"@id\":\"https:\/\/www.stratio.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/stratiobd\",\"https:\/\/es.linkedin.com\/company\/stratiobd\",\"https:\/\/www.youtube.com\/c\/StratioBD\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/d0377b199cd052b17e15c9ba44c45ab7\",\"name\":\"Stratio\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/image\/bb38888f58c2bb664646155f78ae6ccc\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e3387ad00609f34a56d6796400eb8191?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e3387ad00609f34a56d6796400eb8191?s=96&d=mm&r=g\",\"caption\":\"Stratio\"},\"description\":\"Stratio guides businesses on their journey through complete #DigitalTransformation with #BigData and #AI. Stratio works worldwide for large companies and multinationals in the sectors of banking, insurance, healthcare, telco, retail, energy and media.\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Networks - VyOS - AWS","description":"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/","og_locale":"en_US","og_type":"article","og_title":"VyOS HA in AWS","og_description":"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.","og_url":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/","og_site_name":"Stratio","article_published_time":"2020-01-20T10:52:44+00:00","article_modified_time":"2023-09-20T15:45:25+00:00","og_image":[{"width":1300,"height":820,"url":"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg","type":"image\/jpeg"}],"author":"Stratio","twitter_card":"summary_large_image","twitter_creator":"@stratiobd","twitter_site":"@stratiobd","twitter_misc":{"Written by":"Stratio","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#article","isPartOf":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/"},"author":{"name":"Stratio","@id":"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/d0377b199cd052b17e15c9ba44c45ab7"},"headline":"VyOS HA in AWS","datePublished":"2020-01-20T10:52:44+00:00","dateModified":"2023-09-20T15:45:25+00:00","mainEntityOfPage":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/"},"wordCount":920,"publisher":{"@id":"https:\/\/www.stratio.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg","keywords":["Cloud"],"articleSection":["Product"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/","url":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/","name":"Networks - VyOS - AWS","isPartOf":{"@id":"https:\/\/www.stratio.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage"},"image":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage"},"thumbnailUrl":"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg","datePublished":"2020-01-20T10:52:44+00:00","dateModified":"2023-09-20T15:45:25+00:00","description":"Discover how to solve the recurrent problem of floating IPs when using highly-available virtual routers in AWS. This approach will show how the new master router can claim an EC2 Secondary private IP in the failovering transition.","breadcrumb":{"@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#primaryimage","url":"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg","contentUrl":"https:\/\/www.stratio.com\/blog\/wp-content\/uploads\/2020\/01\/VyOS-HA-in-AWS.jpg","width":1300,"height":820},{"@type":"BreadcrumbList","@id":"https:\/\/www.stratio.com\/blog\/vyos-ha-in-aws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.stratio.com\/blog\/"},{"@type":"ListItem","position":2,"name":"VyOS HA in AWS"}]},{"@type":"WebSite","@id":"https:\/\/www.stratio.com\/blog\/#website","url":"https:\/\/www.stratio.com\/blog\/","name":"Stratio Blog","description":"Corporate blog","publisher":{"@id":"https:\/\/www.stratio.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.stratio.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.stratio.com\/blog\/#organization","name":"Stratio","url":"https:\/\/www.stratio.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stratio.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/stratio.com\/blog\/wp-content\/uploads\/2020\/06\/stratio-web-logo-1.png","contentUrl":"https:\/\/stratio.com\/blog\/wp-content\/uploads\/2020\/06\/stratio-web-logo-1.png","width":260,"height":55,"caption":"Stratio"},"image":{"@id":"https:\/\/www.stratio.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/stratiobd","https:\/\/es.linkedin.com\/company\/stratiobd","https:\/\/www.youtube.com\/c\/StratioBD"]},{"@type":"Person","@id":"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/d0377b199cd052b17e15c9ba44c45ab7","name":"Stratio","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.stratio.com\/blog\/#\/schema\/person\/image\/bb38888f58c2bb664646155f78ae6ccc","url":"https:\/\/secure.gravatar.com\/avatar\/e3387ad00609f34a56d6796400eb8191?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e3387ad00609f34a56d6796400eb8191?s=96&d=mm&r=g","caption":"Stratio"},"description":"Stratio guides businesses on their journey through complete #DigitalTransformation with #BigData and #AI. Stratio works worldwide for large companies and multinationals in the sectors of banking, insurance, healthcare, telco, retail, energy and media."}]}},"authors":[{"term_id":795,"user_id":1,"is_guest":0,"slug":"stratioadmin","display_name":"Stratio","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/e3387ad00609f34a56d6796400eb8191?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/posts\/13014"}],"collection":[{"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/comments?post=13014"}],"version-history":[{"count":92,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/posts\/13014\/revisions"}],"predecessor-version":[{"id":13514,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/posts\/13014\/revisions\/13514"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/media\/13513"}],"wp:attachment":[{"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/media?parent=13014"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/categories?post=13014"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/tags?post=13014"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.stratio.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=13014"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}