Added AWS/Azure HA deployment documentation for and modified titles of AWS, Azure, GCP deployment pages (#1668)

* Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP

* Update docs/installation/cloud/azure-ha.rst

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

docs/installation/cloud/aws-ha.rst

@@ -0,0 +1,154 @@
+##########
+VyOS High Availability (HA) Deployment on AWS
+##########
+
+This document describes how to deploy VyOS in a High Availability (HA) configuration on AWS using Terraform and a VPC Route Server to provide sub-second failover.
+
+Why Use HA on AWS?
+------------------
+
+This solution helps organizations achieve **high availability** routing with dynamic connectivity to multiple AWS VPCs or hybrid environments.
+
+Key Advantages:
+
+- Utilizes **AWS VPC Route Server** to manage BGP routes dynamically.
+
+- Deploys two VyOS EC2 instances as BGP peers connected to the Route Server. Although both participate, one is typically preferred as the next-hop.
+
+- Employs **Bidirectional Forwarding Detection (BFD)** for rapid failure detection.
+
+- On failure:
+
+  - Withdraws the failed peer’s routes from the RIB.
+
+  - Recomputes the optimal path in the FIB.
+
+  - Updates VPC route tables to point to the active instance.
+
+- Enables **sub-second failover** (< 1 s), outperforming AWS API-based route table failover.
+
+This architecture supports:
+
+- Cloud edge routing with failover.
+
+- Hybrid cloud resiliency.
+
+- Rapid recovery during instance crashes, upgrades, or network disruptions.
+
+- Continuity for mission-critical operations.
+
+HA Architecture Diagram
+------------------------
+
+.. figure:: /_static/images/cloud-aws-ha-architecture.png
+   :alt: VyOS HA topology diagram
+
+Terraform Automation
+--------------------
+
+To streamline and standardize the process, we developed a Terraform project that automates the deployment of VyOS in High Availability (HA) mode on AWS.
+
+This Terraform project automates the deployment of:
+
+- Two VyOS instances in HA mode.
+
+- VPC Route Server.
+
+- Transit Gateway.
+
+- A Transit VPC and a Data VPC containing a test Amazon Linux EC2 instance for connectivity validation.
+
+To integrate with existing AWS infrastructure:
+
+- Remove the Data VPC, its subnets, and EC2 test instance.
+
+- Update `main.tf`, `network.tf`, `transit_gateway.tf`, `variables.tf`, and `outputs.tf` accordingly.
+
+Prerequisites
+-------------
+
+AWS Environment:
+
+- Active AWS account with permissions for EC2, VPC, Transit Gateway, Route Server, and IAM (for keypair and role management).
+
+Local Environment:
+
+- AWS CLI installed: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
+
+- Terraform installed: https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
+
+Set AWS credentials in your shell:
+
+.. code-block:: none
+
+  export AWS_ACCESS_KEY_ID="<AWS_ACCESS_KEY_ID>"
+  export AWS_SECRET_ACCESS_KEY="<AWS_SECRET_ACCESS_KEY>"
+  export AWS_SESSION_TOKEN="<AWS_SESSION_TOKEN>"
+  export AWS_DEFAULT_REGION="<AWS_REGION>"  # e.g., us-east-1
+
+Obtain VyOS AMI ID and Owner ID:
+
+Subscribe to VyOS via AWS Marketplace. Then run:
+
+.. code-block:: none
+
+  aws ec2 describe-images \
+    --owners aws-marketplace \
+    --filters "Name=product-code,Values=8wqdkv3u2b9sa0y73xob2yl90" \
+    --query 'Images[*].[ImageId,OwnerId,Name]' \
+    --output table
+
+Alternatively, set the `vyos_ami_id` variable directly in `variables.tf`.
+
+Generate an SSH keypair (or use the included demo key):
+
+.. code-block:: none
+
+  ssh-keygen -b 2048 -t rsa -m PEM -f keys/vyos_custom_key.pem
+  chmod 400 keys/vyos_custom_key.pem
+
+Usage
+-----
+
+Configure variables in `variables.tf`, including instance type, region, and `vyos_ami_id`.
+
+Terraform Workflow:
+
+.. code-block:: none
+
+  terraform init
+  terraform fmt
+  terraform validate
+  terraform plan
+  terraform apply
+
+On completion, run:
+
+.. code-block:: none
+
+  terraform output
+
+This displays the management IP and connectivity test results.
+
+To clean up:
+
+.. code-block:: none
+
+  terraform destroy
+
+Management
+----------
+
+SSH into VyOS:
+
+.. code-block:: none
+
+  ssh vyos@<vyos_public_ip> -i keys/vyos_custom_key.pem
+
+
+GitHub Repository
+-----------------
+
+You can clone or download the Terraform project and use them in your environment:
+
+https://github.com/vyos/vyos-automation/tree/main/Terraform/AWS/ha-instances-with-configs

docs/installation/cloud/aws.rst

@@ -1,5 +1,5 @@
 ##########
-Amazon AWS
+VyOS Deployment on AWS
 ##########
 
 
@@ -601,6 +601,8 @@ Connect to the VyOS instance
  .. code-block:: none
 
    ssh -i vyos-keypair.pem vyos@35.152.131.62
+
+
    
 
 Deployment of VyOS Instance and Required Resources via CloudFormation Template
@@ -621,6 +623,23 @@ https://github.com/vyos/vyos-automation/tree/main/CloudFormation
 
 
 
+Deployment of VyOS Instance and Required Resources via Terraform
+========
+
+These Terraform projects automate the deployment of a VyOS instance on AWS, configuring essential components such as:
+
+- VPC
+- Public and private subnets
+- Internet Gateway
+- Route Tables
+- Elastic IPs
+- Security Groups
+
+You can download or clone these templates from the GitHub repository and use them in your environment:
+
+https://github.com/vyos/vyos-automation/tree/main/Terraform/AWS/
+
+
 Amazon CloudWatch Agent Usage
 -----------------------------
 

docs/installation/cloud/azure-ha.rst

@@ -0,0 +1,152 @@
+##########
+VyOS High Availability (HA) Deployment on Azure
+##########
+
+
+This document describes how to deploy VyOS in a High Availability (HA) configuration on Azure using Terraform and Azure Route Server to provide sub-second failover.
+
+Why Use HA on Azure?
+--------------------
+
+This module provides a robust, repeatable foundation for building **resilient network architectures** in Azure. By combining VyOS routing features with Terraform and Azure-native services, it enables:
+
+- Rapid deployment of cloud edge routers.
+
+- Full control over BGP route advertisement and filtering.
+
+- Realistic HA and disaster recovery simulations.
+
+- Seamless integration with hybrid or multi-cloud infrastructure.
+
+The architecture includes:
+
+- Two VyOS routers in a Transit VNet, configured with BGP.
+
+- Azure Route Server for dynamic route distribution.
+
+- Site-to-Site VPN connections to a simulated on-premises VyOS router.
+
+- An Ubuntu VM for connectivity and routing validation.
+
+- A Data VNet for testing and diagnostics.
+
+Key Features
+------------
+
+- **High Availability**: Dual VyOS routers for redundancy and failover.
+
+- **Dynamic Routing**: BGP-based routing via Azure Route Server.
+
+- **Hybrid Connectivity**: Site-to-Site VPN integration with a simulated on-prem VyOS.
+
+- **Testing Environment**: Includes Ubuntu VM for verification and diagnostics.
+
+- **Modular & Flexible**: Easily configurable via variables.
+
+HA Architecture Diagram
+-----------------------
+
+.. figure:: /_static/images/cloud-azure-ha-architecture.png
+   :alt: VyOS HA topology diagram
+
+This deployment architecture simulates a real-world enterprise network scenario for testing and validation purposes.
+
+Terraform Automation
+--------------------
+
+To streamline and standardize the process, we developed a Terraform project that automates the deployment of VyOS in High Availability (HA) mode on Azure.
+
+This Terraform project automates the deployment of:
+
+- Two VyOS instances in HA mode.
+
+- Azure Route Server.
+
+- A Transit VNet and a Data VNet containing a test Ubuntu VM for connectivity validation.
+
+Prerequisites
+-------------
+
+Ensure you have:
+
+- Active Azure subscription:
+
+.. code-block:: none
+
+   az account set --subscription "<subscription ID or name>"
+
+- Azure CLI installed:
+
+  https://learn.microsoft.com/en-us/cli/azure/install-azure-cli
+
+- Logged in with Azure credentials:
+
+.. code-block:: none
+
+   az version
+   az login
+
+- Azure Resource Group (RG) created:
+
+.. code-block:: none
+
+   az group create --name demoResourceGroup --location westus
+   az group list
+   az group show --name demoResourceGroup
+
+- Terraform installed:
+
+  https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
+
+- SSH key generated:
+
+.. code-block:: none
+
+   ssh-keygen -t rsa -b 4096 -f keys/vyos_custom_key.pem
+   chmod 400 keys/vyos_custom_key.pem
+
+Usage
+-----
+
+All variables are defined in ``variables.tf``. Adjust them to match your environment.
+
+Terraform Workflow:
+
+.. code-block:: none
+
+  terraform init
+  terraform fmt
+  terraform validate
+  terraform plan
+  terraform apply
+
+On completion, run:
+
+.. code-block:: none
+
+  terraform output
+
+This displays the management IP and connectivity test results.
+
+To clean up:
+
+.. code-block:: none
+
+  terraform destroy
+
+Management
+----------
+
+SSH into VyOS:
+
+.. code-block:: none
+
+  ssh adminuser@<vyos_public_ip> -i keys/vyos_custom_key.pem
+
+
+GitHub Repository
+-----------------
+
+You can clone or download the Terraform project and use them in your environment:
+
+https://github.com/vyos/vyos-automation/tree/main/Terraform/Azure/azure-ha-deployment-with-configs

docs/installation/cloud/azure.rst

@@ -1,5 +1,5 @@
 ##########
-Microsoft Azure
+VyOS Deployment on Azure
 ##########
 
 

docs/installation/cloud/gcp.rst

@@ -1,5 +1,5 @@
 #####################
-Google Cloud Platform
+VyOS Deployment on Google Cloud Platform
 #####################
 
 This guide provides step-by-step instructions for deploying a VyOS instance with two NICs and the required resources on Google Cloud Platform (GCP).
@@ -126,8 +126,8 @@ Step 3: Create VPC Networks and Subnets
 .. figure:: /_static/images/cloud-gcp-vpc-03.png
 
 .. figure:: /_static/images/cloud-gcp-vpc-04.png
-
+   
-4. Add firewall rules to allow specific network traffic from the Internet. By default all incoming traffic from outside a network is blocked.
+4. Add firewall rules to allow specific network traffic from the Internet if needed. By default, all incoming traffic from outside the network is blocked. Typically, a VyOS deployment from the GCP Marketplace configures this automatically, ensuring that SSH access is enabled after deployment.
 
 .. figure:: /_static/images/cloud-gcp-vpc-05.png
 
@@ -224,7 +224,7 @@ Step 4: Deploy VyOS instance from Marketplace
       - set interfaces ethernet eth1 address 'dhcp'
       - set interfaces ethernet eth1 dhcp-options no-default-route
 
-For more information, please visit the official VyOS documentation:
+For more information, please visit the documentation:
 
 https://docs.vyos.io/en/stable/automation/cloud-init.html#module-vyos-userdata
 

docs/installation/cloud/index.rst

@@ -8,6 +8,8 @@ Running VyOS in Cloud Environments
    :caption: Content
 
    aws
+   aws-ha
    azure
+   azure-ha
    gcp
-   oracel
+   oracle