Instantiating an HA SBC Instance in AWS

In this section:

Overview of Manual Launch of SBC HA Instance in AWS

To do a manual launch of an HA SBC instance, perform the following steps:

Create a VPC for use in the deployment. Refer to Create a VPC for the SBC SWe.
Create Internet Gateway for use in the deployment. Refer to Create an Internet Gateway for SBC SWe.
Create Key Pairs for Linux shell access and Administrator access. Refer to Create Key Pairs for the SBC SWe.
Create Subnets for use in the deployment. Refer to Create Subnets for the SBC SWe.
Create Security Groups for use in the deployment. Refer to Create Security Groups for SBC SWe.
Update or create Route tables for the newly created subnets. Refer to Create Route Tables for SBC SWe.
Create a placement group for the SBC deployment. Refer to Create Placement Groups.
Create a Policy and Role for the SBC instance. Refer to Create an Identity and Access Management (IAM) Role for SBC SWe.
Allocate EIP (Elastic IPs) used for external access to the SBC. See Allocate Elastic IPs (EIPs).
Create Network Interfaces to associate private IP interfaces to the created subnets. See Create Network Interfaces.
Associate Elastic IPs to the Private IPs created during Network Interface creation. See Associate an Elastic IP Address to Private IPs.
Launch the Active HA SBC instance using the EC2 console. See Launch an HA SBC Instance Pair from EC2.
Launch the Standby HA SBC instance using the EC2 console. See Launch Standby SBC Instance.

Allocate Elastic IPs (EIPs)

Create Elastic IPs (EIP) in advance as follows:

two EIPs for use with MGT0 of each of the SBC instances (1 EIP for each SBC instance in the HA pair)
one EIP for MGT0 secondary IP of ACTIVE SBC
one EIP for PKT0 of the HA SBC instance pair (if required per customer deployment)
one EIP for PKT1 network interfaces (if required per customer deployment)

To create an Elastic IP for the Management (MGT0) interface, perform the following steps:

Navigate to the EC2 Management Console
Select NETWORK & SECURITY > Elastic IPs
The Elastic IPs page displays.
Click Allocate new address.
The Allocate new address page displays.
Click the radio button next to IPv4 address pool > Amazon pool unless you have a private IPv4 address pool pre-defined by Amazon.
Click Allocate to complete the creation.
Assign your IP address a name tag by hovering the mouse over the "Name" field in the Network interface list and click on the pencil, then type in a name.
Repeat to allocate Elastic IPs for the 2nd SBC instance's MGT0 and PKT0 and/or PKT1 if required per customer networking needs.

Create Network Interfaces

Create network interfaces for HA0, MGT0, PKT0, and PKT1 of each of the SBC Instances in the HA pair to be able to route IP packets to/from the subnets created in the prior step. To instantiate the SBC SWe HA instance, add a secondary IP address to MGT0, PKT0, and PKT1 network interfaces.

To create a network interface for HA0, perform the following steps:

Navigate to EC2 Management Console.
Select NETWORK & SECURITY > Network Interfaces.
The Network Interface page displays.
Click Create Network Interface.
The Create Network Interface displays.
In the Create Network Interface screen:
1. Enter the network interface description such as HA0.
2. Select the Subnet and Security groups from the drop-down list.
3. Click Yes, Create.
  
  The new network interface displays in the list.
By default, the network interface does not have a name. Name it by hovering the mouse over the "Name" field in the Network interface list and click on the pencil. The user will be prompted to enter a name.
Repeat steps 3 through 4 to create network interfaces for MGT0, PKT0, and PKT1 of the active SBC instance.
Repeat steps 3 through 4 to create network interfaces for the HA0, MGT0, PKT0, and PKT1 interfaces of the standby SBC instance.

Add Secondary IP Addresses to MTG0, PKT0, PKT1 Network Interfaces

To instantiate the SBC SWe HA instance, add a secondary IP address to the MGT0, PKT0, and PKT1 network interfaces that will be associated with the active SBC SWe instance.

Caution

When the switch-over occurs, the secondary IP address and the EIP address (associated with these Secondary IPs) move to the new active instance's corresponding interfaces.

To add a secondary IP address:

Right-click the network interface and select Manage Private IP Addresses.
The Manage Private IP Addresses window displays.
Click Assign new IP.
Enter the secondary IP address.

Note

By default, if you do not enter a secondary IP address, the IP address gets auto-assigned.
Click Yes, Update.
The attached address displays.

Associate an Elastic IP Address to Private IPs

Associate an elastic IP (EIP) address to MGT0 private primary IP and secondary private IP addresses.

Based on the network requirement, associate EIPs to secondary IP addresses of PKT0 and PKT1 network interfaces if those networks require external access.

To associate an elastic IP address to MTG0 of the active SBC instance:

Right-click the network interface and select Associate Address.
The Associate Elastic IP Address screen displays.
Click the Address drop-down list and select an elastic IP address from the list.
Click the Associate to Private IP Address drop-down list and select the private IP address.
Click Associate Address.
Repeat for MGT0 of the Standby SBC instance and PKT0 and PKT1 network interfaces as required.

Launch an HA SBC Instance Pair from EC2

To launch the SBC HA instance pair from the AWS EC2 control panel, do the following:

While logged into the target AWS account, click the Services drop-down list.
The Services list is displayed.
From the left pane click EC2.

The EC2 Dashboard page displays.
From the left pane under Images click AMIs. The AMI ID page displays.

Choose an AMI ID

This account may own the SBC AMI ID, or it may be a private image.

If this account owns the AMI, select Owned by me from the drop-down next to the search bar.
If this account does not own the AMI, select Private images from the drop-down next to the search bar.
In the search bar, enter the AMI ID of the image and press enter. The AMI entered displays.
Select the AMI ID and click Launch.

The Choose an Instance Type page displays.

Choose an Instance Type

Note

Ribbon recommends m5.xlarge or higher instance type if this instance type is available in your zone. Use c5.2xlarge instance type or higher to handle more calls with transcoding.

Select an instance type that meets the requirements.
Click Next: Configure InstanceDetails.
The Configure Instance Details page displays. The page is quite long and has a scroll bar at right.

Configure the Active SBC Instance

Select the Network (VPC) and Management Subnet from the list.
This creates the mgt0 network interface and attaches as eth0.
Select the checkbox Add instance to Placement group and click on the radio button next to Add to a new placement group. There is an option to give the placement group a name.

Note

A placement group ID is a logical grouping of instances within a single Availability Zone. The choices are "cluster" or "spread". This is an optional field and can be blank.
Select the IAM role that was created earlier in the procedure.
Scroll down and select Tenancy from the list.

Note

Dedicated instances have dedicated hardware isolated at host hardware level from the non-dedicated instances and instances that belong to other AWS accounts.
It accepts shared, for instances running on shared hardware, or dedicated or dedicated host, for instances running on single-tenant hardware.
Scroll down to Network interfaces and expand the section.
Choose to auto-assign a Public IP address by selecting New network interface next to the eth0 device or Select the mtg0 Network Interface that was allocated in a prior step from the drop-down.
Click Advanced Details section to expand.

Note

If the CERole parameter in user data is Active/Standby, it represents the HA userdata format. Otherwise, it represents the standalone userdata format.
In the User data section select As text.

Enter the user data corresponding to the ACTIVE SBC instance per the following format:

Format of Userdata for HA Instances

{
 "CERole" : "<ACTIVE | STANDBY>",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "ClusterIp" : "<PeerCEHa0IPv4Address>"
 "SbcPersonalityType" : "isbc",
 "SbcHaMode"          : "1to1",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}

Format of Userdata for Active HA Instance

{
 "CERole" : "ACTIVE",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "ClusterIp" : "<PeerCEHa0IPv4Address>"
 "SbcPersonalityType" : "isbc",
 "SbcHaMode"          : "1to1",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}

Example of Userdata for HA Active Unit

{
 "CERole" : "ACTIVE",
 "ReverseNatPkt0" : "False",
 "ReverseNatPkt1" : "False",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "vsbc1",
 "SystemName" : "vsbcSystem",
 "NodeName" : "SD-test-HA-510A654",
 "PeerCEName" : "vsbc2",
 "PeerCEHa0IPv4Address" : "10.54.20.133",
 "ClusterIp" : "<PeerCEHa0IPv4Address>"
 "SbcPersonalityType" : "isbc",
 "SbcHaMode"          : "1to1",
 "IAM_ROLE"             : "SWe",
 "AdminSshKey"          : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCJnrFMr/RXJD3rVLMLdkJBYau+lWQ+F55Xj+KjunVBtw/zXURV38QIQ1zCw/GDO2CZTSyehUeiV0pi2moUs0ZiK6/TdWTzcOP3RCUhNI26sBFv/Tk5MdaojSqUc2NMpS/c1ESCmaUMBv4F7PfeHt0f3PqpUsxvKeNQQuEZyXjFEwAUdbkCMEptgaroYwuEz4SpFCfNBh0obUSoX5FNiNO/OyXcR8poVH0UhFim0Rdneo7VEH5FeqdkdGyZcTFs7A7aWpBRY3N8KUwklmNSWdDZ9//epEwgaF3m5U7XMd4M9zHURF1uQ/Nc+aiyVId9Mje2EU+nh6npaw/tEOPUiC1v",
 "ThirdPartyCpuAlloc" : "0", 
 "ThirdPartyMemAlloc" : "0"
}

Do not change the values entered for ALT_Mgt0_00, ALT_Pkt0_00, ALT_Pkt1_00.

ALT_Mgt0_00 - Renames the first alternate IP for management port as "LOGICAL_MGMT_IP".
ALT_Pkt0_00 - Renames the first alternate IP for PKT0 port as "VIP1".
ALT_Pkt0_01 - Renames the first alternate IP for PKT1 port as "VIP2".

Format of Userdata for Standby HA Instance

{
 "CERole" : "STANDBY",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "ClusterIp" : "<PeerCEHa0IPv4Address>"
 "SbcPersonalityType" : "isbc",
 "SbcHaMode"          : "1to1",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}

Example of Userdata for Standby HA Unit

{
 "CERole" : "STANDBY",
 "ReverseNatPkt0" : "False",
 "ReverseNatPkt1" : "False",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "vsbc2",
 "SystemName" : "vsbcSystem",
 "NodeName" : "SD-test-HA-510A654",
 "PeerCEName" : "vsbc1",
 "PeerCEHa0IPv4Address" : "10.54.20.218",
 "ClusterIp" : "<PeerCEHa0IPv4Address>"
 "SbcPersonalityType" : "isbc",
 "SbcHaMode"          : "1to1",
 "IAM_ROLE"             : "SWe",
 "AdminSshKey"          : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCJnrFMr/RXJD3rVLMLdkJBYau+lWQ+F55Xj+KjunVBtw/zXURV38QIQ1zCw/GDO2CZTSyehUeiV0pi2moUs0ZiK6/TdWTzcOP3RCUhNI26sBFv/Tk5MdaojSqUc2NMpS/c1ESCmaUMBv4F7PfeHt0f3PqpUsxvKeNQQuEZyXjFEwAUdbkCMEptgaroYwuEz4SpFCfNBh0obUSoX5FNiNO/OyXcR8poVH0UhFim0Rdneo7VEH5FeqdkdGyZcTFs7A7aWpBRY3N8KUwklmNSWdDZ9//epEwgaF3m5U7XMd4M9zHURF1uQ/Nc+aiyVId9Mje2EU+nh6npaw/tEOPUiC1v",
 "ThirdPartyCpuAlloc" : "0", 
 "ThirdPartyMemAlloc" : "0"
}

Do not change the values entered for ALT_Mgt0_00, ALT_Pkt0_00, ALT_Pkt1_00.

ALT_Mgt0_00 - Renames the first alternate IP for management port as "LOGICAL_MGMT_IP".
ALT_Pkt0_00 - Renames the first alternate IP for PKT0 port as "VIP1".
ALT_Pkt0_01 - Renames the first alternate IP for PKT1 port as "VIP2".

The following table gives descriptions of Userdata Parameters:

Userdata Parameter Description

Parameter	Length	Format	Description
CERole	N/A	ACTIVE / STANDBY	Assigned role of SBC instance. Allowed Value: Active Standby
ReverseNatPkt0 / ReverseNatPkt1	Reverse NAT flag for Pkt0 and Pkt1	True / False (default)	Values: True: To consider FIPV4 entity using the value provided in the dictionary False: To configure FIPV4 using SMM rules, and ignore the FIPV4 value provided here
CEName	64	string	This specifies the actual CE name of the SBC instance. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. CEName Requirements: Must start with an alphabetic character Only contain alphabetic characters and/or numbers. No special characters Cannot exceed 64 characters in length
SystemName	26	string	This specifies the actual system name of the SBC instance. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. System Requirements: Must start with an alphabetic character Only contain alphabetic characters and/or numbers. No special characters Cannot exceed 26 characters in length
Node Name	64	string	This specifies a unique name for the instance in a node.
PeerCEName	64	string	This specifies the name of the peer SBC node. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. Peer CEName Requirements: Must start with an alphabetic character Only contain alphabetic characters and/or numbers. No special characters Cannot exceed 64 characters in length
PeerCEHa0IPv4Address	N/A	IPv4 address x.x.x.x	This specifies the IPv4 address of the HA port for the peer SBC node. This parameter is applicable only in the case of the instance being launched in HA mode.
ClusterIp	N/A	IPv4 address x.x.x.x	Private IPv4 address of the HA interface on the peer instance.
AdminSshKey	255	string	This specifies the public key for the admin user. To Extract the Public Key from the Private Key (.pem) file generated in AWS, use the ssh-keygen tool from the shell of any Linux system. (e.g.type: ssh-keygen -y -f <pem_file>). Cut/paste the output from the command onto the AdminSshKey : line as “ssh-rsa <key>” e.g. > ssh-keygen -y -f paul-vsbc-SA-admin.pem ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHVcY4flFmBaxvDkIHlgWXl3fTa1A1xrun6FxDMkk3pu5dI4EjgEofnZ4vy/vBakLDMN8Qu5XxmkMDTcgK6ZhJ2JWG8U3y/1w7WauYohMWJV5yQ5ILgui9huc23LGa2+o0zFNGc+0+6X0jmvliccMKwZ05ti9nTaeYj2lDd3UWJGO8pSCvTh50GF9fqRfzAG8BNKXNRDi00XBEfcrMVErhwhyWrwEfSOYOGqrh9p/LubjPHVp8wTn98ZCnUh0B09eX2iOoIBBQalNiD4PnCXGYLnm7MmKErKtEdny0OpGglP2OgjkVQsFK9sYaPu0XlRb7PLZjvsOqqRHc9b/b0A+J
"ALT_Mgt0_00"	15	text - to be entered as "LOGICAL_MGMT_IP"	Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for management port as "LOGICAL_MGMT_IP"
"ALT_Pkt0_00"	4	text - to be entered as "VIP1"	Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for PKT0 port as "VIP1".
"ALT_Pkt1_00"	4	text - to be entered as "VIP2"	Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for PKT1 port as "VIP2".
IAM_ROLE	64	string	The name of the IAM role for SBC SWe instance. The SBC requires access to the AWS REST-API, thus must use a role that permits this.
SbcPersonalityType	4	string - to be entered as "isbc".	The name of the SBC personality type for this instance. At this time only integrated SBC (isbc) is supported in AWS.
SbcHaMode	11	string - to be entered as "1to1".	The element manager management mode of the SBC.
ThirdPartyCpuAlloc	n/a	0-4 in vCPUs	Enter the number of CPUs to reserve for use with third-party apps. Note: Default is 0
ThirdPartyMemAlloc	n/a	0-4096 in MB	Enter the number of MB of memory to reserve for use with third-party apps. Note: Default is 0

Add Storage

Click Next: Add Storage.
1. The Add Storage page opens.
Select Provisioned IOPS SSD (io1) as Volume Type.
Enter volume size in GiB.

Note

The minimum size is 65 GiB. Ribbon recommends using the default IOPS value.

Add Tags

Click on Next: Add Tags. The Add Tags page displays:
Enter a key name and value.
Click Add another tag to create more than one tag.

Configure Security Groups

Click Next: Configure Security Group. The Configure Security Group page appears:
Click Select an existing security group.
Select the management security group from the list.
Click Review and Launch.

Review the Instance

Review the instance details. Choose to Edit any of the prior specified instance specifications.
Click Launch. A prompt to select a key pair will appear.

Select Key Pair

Select Key Pair option
1. Select Choose an existing key pair and select the key pair or specify the key pair name if one is already defined.
  OR
2. Select Create a new key pair name from the drop-down and give the key-pair a name. Be sure to click "Download Key Pair" to save the private key file (*.pem). This will be required to have ssh access into the created SBC after the instance launches.
Click Launch Instances. The new instance will start launching, and the Launch Status page appears.
Click the instance ID to view the instance.

Attach Network Interfaces

Stop the instance to attach the network interfaces. Right-click the instance and select Instance State > Stop.

A message appears to confirm stopping the instance.

The Launch Instance screen displays again.
Right-click the instance and select Networking > Attach Network Interface.
Select the HA interface and click Attach. This attaches the HA network interface as eth1.
Repeat step 3 to attach PKT0 and PKT1 network interfaces.

Note

In instance details, the attached network interfaces are listed as eth0, eth1, eth2, and eth3. Ribbon refers to these as MGT0, HA, PKT0, and PKT1 respectively.

Note

At this point, you can optionally change the systemName and local host name by editing the userdata.
For more information, refer to Metadata and Userdata Formats in AWS.
Re-Start the instance to continue the instantiation.
1. Right-click the instance and select Instance State > Start.
  A message appears to confirm starting the instance.
2. Click Yes, Start.
  The user returns to the Launch Instance screen.