Skip to main content
McAfee Enterprise MVISION Cloud

Deploy GCP POP in new Infrastructure

Prerequisites

Before the POP Deployment, ensure that the following are completed:

  • Create GCP Storage bucket with required permissions. 
  • Upload Infrastructure.tarPoPDeployment.tar to the GCP storage bucket. 
  • Create Compute engine Service Account for POP services with storage access. 
  • Create the Public key to access the POP instance which will be deployed.

Deploying a POP 

Once you've finished the prerequisites, you can deploy the POP.

The following are configured as part of the POP deployment:

  • VPC Network (Virtual Private Cloud Network): A virtual network dedicated to the account.  
  • Subnet: Subnet within Virtual Network to configure POP infrastructure. 
  • NAT (Network Address Translation) Gateway: GCP service to provide outbound internet connectivity for subnet in VPC network. 
  • VM Instances: Virtual server to run the application with the given virtual machine size, username and authentication type. 
  • Internal Load balancers: To route incoming traffic across multiple targets. Firewall rules are added. 
  • File Store: File storage account to store logs of POP services present in virtual machine and Auto scaling groups within and across multiple Availability zones 
  • Autoscaling: To provide and manage the load-balanced secondary virtual machine instances based on Node parameter. 

Step 1 : Download the POP Deployment Package 

  1. Log in to MVISION Cloud.
  2. Go to Service Management > Google Cloud Platform and then choose a registered GCP account.
  3. In the Overview section, click Deploy New POP.
  4. Click Download Deployment package and download the package.

The downloaded POP Deployment package contains the installation files to deploy the POP and the required artifacts for the POP to communicate with MVISION Cloud. The Package is valid for seven days after it is downloaded from MVISION Cloud.

clipboard_eab31f07a22d63da94b3fd9c7378513b2.png

 

Step 2: Deploy the required Infrastructure through the Azure ARM template

The Infrastructure.tar is part of the POP Deployment Package (PopDeployment.tar), and contains the deployment script (deploy-prereq-pop.sh) to deploy the POP.

To create a GCP profile to bring up a POP:

  1. Execute the following command:

    sudo gcloud config set project <PROJECT-ID> 
     
  2. Copy the deployment script located in Infrastructure.tar using the following command:

    gsutil cp <path to deploy-prereq-pop.sh> deploy.sh 
     

     
  3. Copy the stored public key using the following command where key.txt is the public key present in the required GCP format:

     gsutil cp <path to key.txt> key.txt 
     
  4. Execute the following command with the respective values:

    bash deploy.sh --popname=<PoP_Name>  --zone= <ZONE> --region= <REGION> --account<Service Account Email> --infrapackage=<Infrastructure.tar path> --poppackage=<PoPDeployment.tar path> --nodes=1 --key-location="key.txt location" 
     

After launching the deployment, it takes about 20 minutes to deploy the POP. Your account updates in the POP Management page. 

clipboard_e21981382b804a02298273ae0682dad65.png

  • Was this article helpful?