Clustering lets you group multiple ASA Virtuals together as a single logical device. A cluster provides
all the convenience of a single device (management, integration into a network) while achieving the increased
throughput and redundancy of multiple devices. You can deploy ASA Virtual Clusters in a public
cloud using Amazon Web Services (AWS). Only routed firewall mode is supported.
From release 9.22 onwards, cluster deployment in multiple availability zones is supported.
Clone the repository 'cisco-asav' to your local environment. Navigate to cisco-asav/cluster/aws for the required content.
The cluster_layer.zip can be created on an Amazon Linux VM with Python 3.9 installed. We recommend
creating an EC2 instance using the Amazon Linux 2023 AMI or using AWS CloudShell, which runs the latest version of Amazon Linux.
To create the cluster_layer.zip file, first create a requirements.txt file that lists the Python library packages, and then run the shell commands in step (2).
(1) Create the requirements.txt file by specifying the Python package details.
$ cat requirements.txt
pycryptodome
paramiko
requests
scp
jsonschema
cffi
zipp
importlib-metadata
(2) Run the following commands to create the cluster_layer.zip file.
$ pip3 install --platform manylinux2014_x86_64 \
    --target=./python/lib/python3.9/site-packages \
    --implementation cp --python-version 3.9 --only-binary=:all: \
    --upgrade -r requirements.txt
$ zip -r cluster_layer.zip ./python
NOTE: If you encounter a dependency conflict during installation, such as for packages urllib3 or cryptography, it is recommended that you include the conflicting packages along with their recommended versions in the requirements.txt file. After that, you can run the installation again to resolve the conflict.
(3) Copy the resultant cluster_layer.zip file to the directory 'lambda-python-files' present in the cloned repository.
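A pre-upload check for the layer built in steps (1) to (3), as an added example that is not part of the cisco-asav repository: it confirms that every package named in requirements.txt has a dist-info directory under the python/lib/python3.9/site-packages path used above, which catches an archive zipped from the wrong directory or an incomplete install. The function names and the sample archive (including its version numbers) are constructed for illustration.

```python
import io
import re
import zipfile

# Directory layout produced by the pip --target option in step (2).
SITE_PACKAGES = "python/lib/python3.9/site-packages/"


def normalize(name):
    """PEP 503 normalisation, so 'importlib-metadata' matches 'importlib_metadata'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def layer_packages(zip_file):
    """Map package name -> version, read from the *.dist-info directories in the layer."""
    found = {}
    with zipfile.ZipFile(zip_file) as zf:
        for entry in zf.namelist():
            if entry.startswith(SITE_PACKAGES):
                top = entry[len(SITE_PACKAGES):].split("/", 1)[0]
                if top.endswith(".dist-info"):
                    name, _, version = top[: -len(".dist-info")].rpartition("-")
                    found[normalize(name)] = version
    return found


def missing_requirements(zip_file, requirements_text):
    """Return the requirement names that have no dist-info directory in the layer."""
    installed = layer_packages(zip_file)
    missing = []
    for line in requirements_text.splitlines():
        line = line.split("#", 1)[0].strip()
        # Drop version pins or extras such as 'urllib3<2' or 'pkg[extra]==1.0'.
        name = re.split(r"[\s<>=!~;\[]", line, maxsplit=1)[0]
        if name and normalize(name) not in installed:
            missing.append(name)
    return missing


def sample_layer(prefix=SITE_PACKAGES):
    """Constructed sample archive for the demo (not real build output)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for d in ("paramiko-3.4.0", "importlib_metadata-7.0.1", "cffi-1.16.0"):
            zf.writestr(f"{prefix}{d}.dist-info/METADATA", "")
    return buf


if __name__ == "__main__":
    print(missing_requirements(sample_layer(), "paramiko\nimportlib-metadata\nscp\n"))
```

Against a real build, pass the path to cluster_layer.zip and the contents of requirements.txt; the versions returned by layer_packages() can be copied into requirements.txt as pins when resolving the dependency conflicts mentioned in the NOTE.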
A make.py file can be found in the top directory of the cloned repository. Running it zips the Python files and
copies the resulting Zip files to a "target" folder.
A Python3 environment must be available to run these tasks.
Run to create zip files
python3 make.py build
Run to clean
python3 make.py clean
All 3 Zip files need to be uploaded to an AWS S3 bucket in a later step.
Go to "CloudFormation" on AWS Console.
- Click on "Create stack" and select "With new resources (standard)".
- Select "Upload a template file", click on "Choose file" and select "infrastructure.yaml" from the target folder.
- Click on "Next". Read all the parameter labels and instructions carefully. Add/Update template parameters according to your requirements.
- Click "Next" and "Create stack".
- Once deployment is complete, go to "Outputs" and note the S3 "BucketName".
- Go to S3 and open the S3 bucket that was deployed using the infra template. Upload the previously created "cluster_layer.zip", "configure_asav_cluster.zip" and "lifecycle_asav_cluster.zip" to the S3 bucket.
Go to "CloudFormation" on AWS Console.
- Click on "Create stack" and select "With new resources (standard)".
- Select "Upload a template file", click on "Choose file" and select "deploy_asav_clustering.yaml" from the target folder.
- Click on "Next". Read all the parameter labels and instructions carefully. Add/Update/Select template parameters according to your requirements.
- Click "Next" and "Create stack".
- The Lambda functions will configure the cluster.