AWS provides High Availability through the use of Elastic IP (EIP). With EIP, when a switchover from an active SBC instance to a standby instance is required, the IP address for the active server moves to the standby instance through a REST API call, which can result in a 15-20 second switchover time. While this solution may be acceptable for the majority of web-based applications, it does not meet the requirements needed for SBCs for real-time communications.
To accomplish switchover times closer to 2 seconds, an HA Front-End (HFE) was added to the AWS architecture solution to host the Elastic IP.
In this procedure, the private subnet for HFE is created automatically.
Note
The SBC SWe does not support IPsec in AWS.
The High-Availability Front End (HFE) front-ends only one pkt port (pkt0); public endpoints can be connected only to pkt0. Pkt1 can serve private endpoints.
Note
The HFE is configured using a script named "HFE.sh". This script is available in addition to example CloudFormation templates which support the deployment of an HA SBC with HFE.
Both files are required to deploy an SBC with High-Availability Front-End.
Note
If you delete an instance from the CFN, be aware that AWS does not delete volume(s) automatically. You must also delete them from the AWS UI if you do not want volumes of deleted instances (standalone, HA or HFE-based SBC installation).
Prerequisites for AWS CFN Install of HFE and SBC HA Instance with Automated HFE Private Subnet Creation
Prior to initiating a CFN-based install of an HA SBC instance with HFE, perform the following:
Download the CFN supporting HFE and the HFE configuration script (HFE.sh) to your desktop.
Click the Services drop-down list. The Services list is displayed.
Click CloudFormation from the Management Tools section.
Click Create Stack. The Select Template page displays.
In the Choose a template section, select Upload a template to Amazon S3.
Click Choose File to navigate through the folders and select the template.
Click Next. The Create A New Stack page displays.
Note
If you want to use pre-allocated EIPs for management, ensure you set EIPAssociationForMgt to "No" at the field prompt.
After the deployment has completed, you must manually associate the pre-allocated EIP to Mgmt (Eth0) Primary and secondary IPs.
In the Stack name field enter a unique name for this SBC stack. A stack is a collection of AWS resources you create and delete as a single unit.
Enter the required values for the Parameter fields. The following table describes the create stack parameters:
Note
Third party CPU setting of more than two vCPU is not supported with p3.2xlarge instances due to the vCPU requirement of the Standard_GPU_Profile.
Table 1: Create Stack Parameters

| Parameter Section | Field | Description | Mandatory | Can Leave Blank | Customizable by User |
|---|---|---|---|---|---|
| SBC Configuration | AMIID | Amazon Machine Image (AMI) for SBC node. The AMI is an encrypted machine image which is like a template of a computer's root drive. For example, ami-xxxxxxxx. | | | |
| HFE Configuration | HFEAMIID | Amazon Machine Image (AMI) of HFE Node. This is to be the latest AWS Linux 2 x86 AMI ID in your region: ami-xxxxxxxx | | | |
| HFE Configuration | HFEInstanceType | The HFE instance type. This must be a valid EC2 instance type. Allowed values: m5.xlarge (default), m5.2xlarge, c5.2xlarge, c5.4xlarge, c5.9xlarge, c5n.2xlarge, c5n.4xlarge, c5n.9xlarge | | | |
| HFE Configuration | | Location of the HFE.sh script on a local S3. Enter the name of the bucket and file preceded by s3://, for example, s3://hafrontend/HFE.sh | | | |
| | | Enter a CIDR for the private subnet for the SBC; this new subnet will be served by the HFE instance. The CIDR is available in your VPC. Recommended value is /28. | | | |
| HFE Configuration | privateSubnetAZ | Enter the Availability Zone for the private subnet for the SBC; this new subnet will be served by the HFE instance. Select an Availability Zone which has other subnets for the SBC (mgt, HA and Pkt1 ports). Enter the AZ that you are using to create the SBC. | | | |
| SBC and HFE Common Data | EipAssociationForMgt | Select Yes from the drop-down to associate EIP for MGT0 interface to login and access SBC application from public networks. Select No if not using EIP for management interfaces. | | | |
| SBC and HFE Common Data | SortHfeEip | Select Yes from the drop-down to enable sorting based on HFE EIP. | | | |
| | | Only contain alphabetic characters and/or numbers. No special characters. Cannot exceed 64 characters in length. | | | |
| SBC and HFE Common Data | InstanceType | The type of instance created from stack. Note: Ribbon recommends m5.xlarge or higher instance type if this instance type is available in your zone. Use c5.2xlarge instance type or higher to handle more calls with transcoding. | | | |
| SBC Configuration | IOPS | Enter IOPS reservation for io1 type EBS volume. | | | |
| SBC and HFE Common Data | LinuxAdminSshKey | Existing EC2 KeyPair name to enable SSH access to the Linux shell on SBC instance. | | | |
| SBC and HFE Common Data | AdminSshKey | Existing EC2 KeyPair name to enable SSH access to admin CLI on SBC instance. | | | |
| IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | NumberOfAlternateIPOnPkt0 | The alternate IP address for packet port 0. Note: Default is 1. If you are using more than one IP for alternate IPs, use comma separated IPs list. | | | |
| IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | NumberOfAlternateIPOnPkt1 | The alternate IP address for packet port 1. Note: Default is 1. If you are using more than one IP for alternate IPs, use comma separated IPs list. | | | |
| IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | | Enter the number of EIP(s) required to configure the HFE public port. It must be [<= NumberOfAlternateIPOnPkt0] of the SBC. This helps the user to use the maximum [NumberOfAlternateIPOnPkt0] for the public calls. For example, if NumberOfAlternateIPOnPkt0 = 3 and NumberOfEIPOnHFEPublic = 5, the HFE configures only 3 IPs for the public calls and the remaining 2 IPs are unused. Note: Default is 1. | | | |
| IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | | Set True to allocate EIPs from Amazon's pool of public IPv4 addresses on HFE public interface or set False to use pre-allocated/reserved EIPs. Note: Default is True. | | | |
| IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | | If [AllocateEIPOnHFEPublicInterface] is set to False, enter the comma separated pre-allocated/reserved EIP allocation IDs and ensure the number of EIP allocation IDs is equal to the [NumberOfEIPOnHFEPublic] value. For example, a list of EIPs allocation IDs could be: | | | |
| | | A placement group ID of logical group of instances within a single Availability Zone. This is an optional field and can be blank. | | | |
| SBC Configuration | SBCPersonality | The type of SBC for this deployment. In this release, always set the personality to isbc. | | | |
| SBC Configuration | SecurityGrpHa0 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for HA0. | | | |
| SBC Configuration | SecurityGrpMgt0 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for MGT0. | | | |
| SBC Configuration | SecurityGrpPkt1 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for PKT1. | | | |
| HFE Configuration | SecurityGrpHFEPublic | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic to HFE. | | | |
| HFE Configuration | SubnetIdHFePublic | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for the Public Interface on HFE. | | | |
| HFE Configuration | SubnetIdHFETowardsSBC | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for the private interface on HFE (towards the SBC). | | | |
| HFE Configuration | remoteSSHMachinePublicIP | Optionally, the HFE management interface can be accessed from a public server. Enter the public IP of the machine that will connect (SSH) to the HFE using its public IP. | | | |
| HFE Configuration | SecurityGrpHFETowardsSBC | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic between HFE and SBC. | | | |
| SBC Configuration | SubnetIdHA0 | Subnet ID of an existing subnet in your Virtual Private Cloud (VPC) for HA0. | | | |
| SBC Configuration | SubnetIdMgt0 | Subnet ID of an existing subnet in your Virtual Private Cloud (VPC) for Mgt0. | | | |
| SBC Configuration | SubnetIdPkt1 | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for Pkt1. | | | |
| | | Only contain alphabetic characters and/or numbers. No special characters. Cannot exceed 26 characters in length. | | | |
| SBC Configuration | VolumeSize | Enter the size of disk required in GB. The minimum size is 65 GiB. However, more can be chosen. | | | |
| SBC Configuration | Tenancy | The Tenancy Attribute for this instance. | | | |
| SBC Configuration | VolumeType | Select the type of volume for SBC. Ribbon recommends that the SBC use io1 type. | | | |
| SBC and HFE Common Data | VpcId | Select a VPC with Subnet, Security Group, etc., selected earlier. | | | |
| Third Party Applications Provisioning | ThirdPartyCPUs | Enter number of CPUs to be reserved for use with third-party apps. Note: Default is 0. | | | |
| Third Party Applications Provisioning | ThirdPartyMem | Enter number of MB of memory to be reserved for use with third-party apps. Note: Default is 0. | | | |

Click Next. The Options page displays.
Optionally, you can tag your deployment with a key-value pair, or set IAM Role Permissions, Rollback Triggers or other advanced options.
Click Next. The Review page displays.
Review the stack details and click Create. The CloudFormation Stacks page is displayed.
On successful stack creation, the stack is listed.
Warning
Do not update or modify the stack after creation.
Do not change or remove resources after instance creation, for example by removing or attaching an EIP or changing the user data.
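Because the stack must not be modified after creation, the constraints stated in the Create Stack Parameters table are worth checking against the planned values before clicking Create. The following Python check is an added example, not part of the Ribbon templates or HFE.sh; the lower-case keys (hfe_script_location, private_subnet_cidr, eip_allocation_ids) are hypothetical names for fields whose template names are not shown in the table, and the sample values and VPC CIDR are constructed.

```python
import ipaddress

# Allowed HFEInstanceType values, copied from the parameter table.
HFE_INSTANCE_TYPES = {"m5.xlarge", "m5.2xlarge", "c5.2xlarge", "c5.4xlarge",
                      "c5.9xlarge", "c5n.2xlarge", "c5n.4xlarge", "c5n.9xlarge"}

def check_stack_parameters(p, vpc_cidr):
    """Return a list of problems in the planned Create Stack values."""
    problems = []
    if p["HFEInstanceType"] not in HFE_INSTANCE_TYPES:
        problems.append("HFEInstanceType is not in the allowed list")
    # Lower-case keys are hypothetical names for fields the table leaves unnamed.
    if not p["hfe_script_location"].startswith("s3://"):
        problems.append("HFE.sh location must start with s3://")
    try:
        subnet = ipaddress.ip_network(p["private_subnet_cidr"])
        if not subnet.subnet_of(ipaddress.ip_network(vpc_cidr)):
            problems.append("private subnet CIDR is not inside the VPC")
    except (ValueError, TypeError):
        problems.append("private subnet or VPC CIDR is not a valid network")
    n_eip = int(p["NumberOfEIPOnHFEPublic"])
    n_alt = int(p["NumberOfAlternateIPOnPkt0"])
    if n_eip > n_alt:  # the HFE configures only n_alt of them
        problems.append(f"{n_eip - n_alt} HFE EIP(s) exceed NumberOfAlternateIPOnPkt0")
    if p["AllocateEIPOnHFEPublicInterface"] == "False":
        ids = [i for i in p["eip_allocation_ids"].split(",") if i.strip()]
        if len(ids) != n_eip:
            problems.append("EIP allocation ID count differs from NumberOfEIPOnHFEPublic")
    if int(p["VolumeSize"]) < 65:
        problems.append("VolumeSize is below the 65 GiB minimum")
    if p["InstanceType"] == "p3.2xlarge" and int(p["ThirdPartyCPUs"]) > 2:
        problems.append("ThirdPartyCPUs above 2 is unsupported on p3.2xlarge")
    return problems

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "HFEInstanceType": "m5.xlarge", "InstanceType": "m5.xlarge",
    "hfe_script_location": "s3://hafrontend/HFE.sh",
    "private_subnet_cidr": "10.54.20.0/28",
    "NumberOfEIPOnHFEPublic": "5", "NumberOfAlternateIPOnPkt0": "3",
    "AllocateEIPOnHFEPublicInterface": "False",
    "eip_allocation_ids": "eipalloc-EXAMPLE1,eipalloc-EXAMPLE2",
    "VolumeSize": "65", "ThirdPartyCPUs": "0",
}

if __name__ == "__main__":
    for problem in check_stack_parameters(SAMPLE, "10.54.0.0/16"):
        print("FIX BEFORE CREATE:", problem)
```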
Verify the Instance Creation
Perform the following steps to view the SBC SWe instances created:
Click the Services drop-down list. The Services list is displayed.
From the left pane click EC2.
The EC2 Dashboard page is displayed.
From the left pane under Instances click Instances.
The instances table lists the new instance.
Caution
If you delete an instance from CFN, be aware that AWS does not delete volume(s) automatically. You must also delete them from the AWS UI if you do not want volumes of deleted instances (standalone, HA or HFE-based SBC installation).