AWS provides High Availability through the use of Elastic IP (EIP). With EIP, when a switchover from an active SBC instance to a standby instance is required, the IP address for the active server moves to the standby instance through a REST API call, which can result in a 15-20 second switchover time. While this solution may be acceptable for the majority of web-based applications, it does not meet the requirements needed for SBCs for real-time communications. To accomplish switchover times closer to 2 seconds, an HA Front-End (HFE) was added to the AWS architecture solution to host the Elastic IP.
The High-Availability Front-End (HFE) node is no longer required in an AWS HA setup, as the switchover time of the Public IP addresses is reduced to less than 5 seconds. When the HFE node is removed, the setup cost is reduced as the additional HFE node and the resources associated with the HFE node are no longer required for the AWS HA setup to work correctly. The page Remove the HFE from an AWS HA Setup describes the procedure to remove the HFE node from an AWS HA setup with HFE.
Note: The SBC SWe does not support IPsec in AWS. The High-Availability Front End (HFE) front-ends only one pkt port (pkt0), so public endpoints can be connected only to pkt0. Pkt1 can serve private endpoints.
Note: The HFE is configured using a script named "HFE.sh". This script is available in addition to example CloudFormation templates which support the deployment of an HA SBC with HFE. Both files are required to deploy an SBC with High-Availability Front-End.
Note: If you delete an instance from the CFN, be aware that AWS does not delete volume(s) automatically. You must also delete them from the AWS UI if you do not want volumes of deleted instances (standalone, HA or HFE-based SBC installation).
Prerequisites for AWS CFN Install of HFE and SBC HA Instance with Automated HFE Private Subnet Creation
Prior to initiating a CFN-based install of an HA SBC instance with HFE, perform the following:
- Download the CFN supporting HFE and the HFE configuration script (HFE.sh) to your desktop.
- Create a VPC for use in the deployment. Refer to Create a VPC for the SBC SWe.
- Create an Internet Gateway for use in the deployment. Refer to Create an Internet Gateway for SBC SWe.
- Create Key Pairs for Linux shell access and Administrator access. Refer to Create Key Pairs for the SBC SWe.
- Create Subnets for use in the deployment - HFE Public, SBC Management, SBC HA0, SBC PKT0, SBC PKT1. Refer to Create Subnets for the SBC SWe.
- Ensure that space exists in the VPC and determine the subnet CIDR to use for the new HFE Subnet (which is created by this CFN).
- Create Security Groups for use in the deployment. Refer to Create Security Groups for SBC SWe.
- Update or create Route tables for the newly created subnets. Refer to Create Route Tables for SBC SWe.
- Create a placement group for the SBC deployment. Refer to Create Placement Groups.
- Create a Policy and Role for the SBC instance. Refer to Create an Identity and Access Management (IAM) Role for SBC SWe.
- Create the HFE.sh script and upload it to an S3 bucket. Refer to Upload HFE.sh script to S3.
- Create a Policy and Role for the HFE instance. Refer to Create an Identity and Access Management (IAM) Role for HFE.
- Locate the AMI ID in your region for an Amazon Linux 2 image. Refer to Locate Amazon Linux 2 AMI ID for use in HFE Deployments.
Instantiate an HFE and HA SBC Instance
To instantiate a standalone instance:
- Log onto AWS.
- Click the Services drop-down list. The Services list is displayed.
- Click CloudFormation from the Management Tools section.
- Click Create Stack. The Select Template page displays.
  - In the Choose a template section, select Upload a template to Amazon S3.
  - Click Choose File to navigate through the folders and select the template.
- Click Next. The Create A New Stack page displays.
  Note: If you want to use pre-allocated EIPs for management, ensure that you set EIPAssociationForMgt to "No" at the field prompt. After the deployment has completed, you must manually associate the pre-allocated EIP to Mgmt (Eth0) Primary and secondary IPs.
  Note: Ribbon recommends using an EMS/RAMP Private IP in the CFN template for EMS registration. If a public IP is used for EMS/RAMP registration using the SBC CFN template, then you must add the EMS/RAMP public IP to the SBC security group rules for communication.
- In the Stack name field, enter a unique name for this SBC stack. A stack is a collection of AWS resources you create and delete as a single unit.
- Enter the required values for the Parameter fields. The following table describes the create stack parameters:
  Note: Third party CPU setting of more than two vCPU is not supported with p3.2xlarge instances due to the vCPU requirement of the Standard_GPU_Profile.
Table 1: Create Stack Parameters

Parameter Section | Field | Description | Mandatory / Can Leave Blank / Customizable by User
---|---|---|---
HFE Configuration | HFEAMIID | Amazon Machine Image (AMI) of the HFE node. This is to be the latest AWS Linux 2 x86 AMI ID in your region: ami-xxxxxxxx |
HFE Configuration | HFEInstanceType | The HFE instance type. This must be a valid EC2 instance type. Allowed values: m5.xlarge (default), m5.2xlarge, c5.2xlarge, c5.4xlarge, c5.9xlarge, c5n.2xlarge, c5n.4xlarge, c5n.9xlarge |
HFE Configuration | | Location of the HFE.sh script on a local S3. Enter the name of the bucket and file preceded by s3://, for example, s3://hafrontend/HFE.sh |
HFE Configuration | IAMRoleHFE | The name of the IAM role for the HFE instance. For more information on IAM Role, refer to Create an Identity and Access Management (IAM) Role for HFE. |
HFE Configuration | privateSubnetCIDR | Enter a CIDR for the private subnet for the SBC; this new subnet will be served by the HFE instance. The CIDR is available in your VPC. Recommended value is /28. |
HFE Configuration | privateSubnetAZ | Enter the Availability Zone for the private subnet for the SBC; this new subnet will be served by the HFE instance. Select an Availability Zone which has other subnets for the SBC (mgt, HA and Pkt1 ports). Enter the AZ that you are using to create the SBC. |
HFE Configuration | remoteSSHMachinePublicIP | Optionally, the HFE management interface can be accessed from a public server. Enter the public IP of the machine that will connect (SSH) to the HFE using its public IP. |
HFE Configuration | SecurityGrpHFEPublic | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic to HFE. |
HFE Configuration | SecurityGrpHFETowardsSBC | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic between HFE and SBC. |
HFE Configuration | SubnetIdHFePublic | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for the Public Interface on HFE. |
HFE Configuration | SubnetIdHFETowardsSBC | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for the private interface on HFE (towards the SBC). |
SBC Configuration | ActiveInstanceName | This specifies the actual CE name of the SBC active instance. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. CEName requirements: must start with an alphabetic character; only contain alphabetic characters and/or numbers, no special characters; cannot exceed 64 characters in length. |
SBC Configuration | AMIID | Amazon Machine Image (AMI) for the SBC node. The AMI is an encrypted machine image which is like a template of a computer's root drive. For example, ami-xxxxxxxx. |
SBC Configuration | IAMRole | The name of the IAM role for the SBC SWe instance. For more information on IAM Role, refer to Create an Identity and Access Management (IAM) Role for HFE. |
SBC Configuration | IOPS | Enter the IOPS reservation for an io1 type EBS volume. |
SBC Configuration | PlacementId | A placement group ID of a logical group of instances within a single Availability Zone. This is an optional field and can be blank. |
SBC Configuration | SBCPersonality | The type of SBC for this deployment, either isbc or slb. |
SBC Configuration | SecurityGrpHa0 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for HA0. |
SBC Configuration | SecurityGrpMgt0 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for MGT0. |
SBC Configuration | SecurityGrpPkt1 | Acts as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic for PKT1. |
SBC Configuration | StandbyInstanceName | This specifies the actual CE name of the SBC standby instance. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. CEName requirements: must start with an alphabetic character; only contain alphabetic characters and/or numbers, no special characters; cannot exceed 64 characters in length. |
SBC Configuration | SubnetIdHA0 | Subnet ID of an existing subnet in your Virtual Private Cloud (VPC) for HA0. |
SBC Configuration | SubnetIdMgt0 | Subnet ID of an existing subnet in your Virtual Private Cloud (VPC) for Mgt0. |
SBC Configuration | SubnetIdPkt1 | SubnetId of an existing subnet in your Virtual Private Cloud (VPC) for Pkt1. |
SBC Configuration | SystemName | This specifies the actual system name of the SBC instance. For more information, refer to System and Instance Naming in SBC SWe N:1 and Cloud-Based Systems. System requirements: must start with an alphabetic character; only contain alphabetic characters and/or numbers, no special characters; cannot exceed 26 characters in length. |
SBC Configuration | Tenancy | The Tenancy Attribute for this instance. |
SBC Configuration | VolumeSize | Enter the size of disk required in GB. The minimum size is 65 GiB. However, more can be chosen. |
SBC Configuration | VolumeType | Select the type of volume for SBC. Ribbon recommends that the SBC use io1 type. |
SBC and HFE Common Data | AdminSshKey | Existing EC2 KeyPair name to enable SSH access to admin CLI on SBC instance. |
SBC and HFE Common Data | EipAssociationForMgt | Select Yes from the drop-down to associate EIP for MGT0 interface to login and access SBC application from public networks. Select No if not using EIP for management interfaces. |
SBC and HFE Common Data | InstanceType | The type of instance created from stack. Note: Ribbon recommends m5.xlarge or higher instance type if this instance type is available in your zone. Use c5.2xlarge instance type or higher to handle more calls with transcoding. |
SBC and HFE Common Data | LinuxAdminSshKey | Existing EC2 KeyPair name to enable SSH access to the Linux shell on SBC instance. |
SBC and HFE Common Data | SortHfeEip | Select Yes from the drop-down to enable sorting based on HFE EIP. |
SBC and HFE Common Data | VpcId | Select a VPC with Subnet, Security Group, etc., selected earlier. |
IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | NumberOfAlternateIPOnPkt0 | The alternate IP address for packet port 0. Note: Default is 1. If you are using more than one IP for alternate IPs, use comma separated IPs list. |
IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | NumberOfAlternateIPOnPkt1 | The alternate IP address for packet port 1. Note: Default is 1. If you are using more than one IP for alternate IPs, use comma separated IPs list. |
IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | NumberOfEIPOnHFEPublic | Enter the number of EIP(s) which are required to configure the HFE public port. It must be [<= NumberOfAlternateIPOnPkt0] of the SBC. This helps the user to use the maximum [NumberOfAlternateIPOnPkt0] for the public calls. For example, if the NumberOfAlternateIPOnPkt0 = 3 and the NumberOfEIPOnHFEPublic = 5, the HFE configures only 3 IPs for the public calls and the remaining 2 IPs are unused. Note: Default is 1. |
IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | AllocateEIPOnHFEPublicInterface | Set True to allocate EIPs from Amazon's pool of public IPv4 addresses on the HFE public interface or set False to use pre-allocated/reserved EIPs. Note: Default is True. |
IP Configuration on SBC Pkt0, Pkt1, and HFE Public port | | If [AllocateEIPOnHFEPublicInterface] is set to False, then enter comma separated pre-allocated/reserved EIP allocation IDs and ensure the number of EIP allocation IDs is equal to the [NumberOfEIPOnHFEPublic] value. For example, a list of EIP allocation IDs could be: eipalloc-0f2e0f651bbf494fe,eipalloc-0a9ab9d240705c149,eipalloc-04e59f946b14980b8 |
System Configuration | EnableCloudWatchMetrics | Enable this for capturing instance metrics at CloudWatch. Note: Default is false. | Yes, when CloudWatch features are using Interval Stats
System Configuration | UseAnonymizationFeature | Enable this for Anonymization. Note: Default is false. | Yes, when CloudWatch features are using ACT, TRC
Third Party Applications Provisioning | ThirdPartyCPUs | Enter the number of CPUs to be reserved for use with third-party apps. Note: Default is 0. | Yes, when using CloudWatch features
Third Party Applications Provisioning | ThirdPartyMem | Enter the number of MB of memory to be reserved for use with third-party apps. Note: Default is 0. | Yes, when using CloudWatch features

- Click Next. The Options page displays. Optionally, you can choose to tag your deployment with a key-value pair, IAM Role Permissions, Rollback Triggers or other advanced options.
- Click Next. The Review page displays.
- Review the stack details and click Create. The CloudFormation Stacks page is displayed.
- On successful stack creation, the stack is then listed.
Warning: Do not update or modify the stack after creation. Do not change or remove resources after instance creation, for example, by removing or attaching an EIP, or changing the user data.
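Because the stack must not be modified after creation, it helps to check the parameter values against the rules in Table 1 before clicking Create. The following Python check is an added example, not Ribbon's code or part of the CFN template; the keys HFEScriptS3Location and EIPAllocationIds are hypothetical names for the two fields whose names are not shown in the table, NumberOfAlternateIPOnPkt0 is assumed to hold a count, and the sample values are constructed.

```python
import ipaddress
import re

CE_NAME = re.compile(r"[A-Za-z][A-Za-z0-9]{0,63}")      # CEName: letter first, alphanumeric, <= 64
SYSTEM_NAME = re.compile(r"[A-Za-z][A-Za-z0-9]{0,25}")  # SystemName: same rules, <= 26
S3_FILE = re.compile(r"s3://[^/\s]+/\S+")               # s3://<bucket>/<file>

def validate(p):
    """Return (errors, warnings) for a dict of stack parameter values."""
    errors, warnings = [], []
    for key in ("ActiveInstanceName", "StandbyInstanceName"):
        if not CE_NAME.fullmatch(p.get(key, "")):
            errors.append(f"{key}: must start with a letter, be alphanumeric, max 64 chars")
    if not SYSTEM_NAME.fullmatch(p.get("SystemName", "")):
        errors.append("SystemName: must start with a letter, be alphanumeric, max 26 chars")
    # Hypothetical key for the HFE.sh location (field name not shown on the page).
    if not S3_FILE.fullmatch(p.get("HFEScriptS3Location", "")):
        errors.append("HFE.sh location: expected s3://<bucket>/<file>")
    try:
        net = ipaddress.ip_network(p.get("privateSubnetCIDR", ""), strict=True)
        if net.prefixlen != 28:
            warnings.append(f"privateSubnetCIDR: /{net.prefixlen} given, /28 is recommended")
    except ValueError as exc:
        errors.append(f"privateSubnetCIDR: {exc}")
    n_eip = int(p.get("NumberOfEIPOnHFEPublic", 1))
    n_alt = int(p.get("NumberOfAlternateIPOnPkt0", 1))  # assumed to be a count
    if n_eip > n_alt:
        errors.append(f"NumberOfEIPOnHFEPublic={n_eip} exceeds NumberOfAlternateIPOnPkt0={n_alt}")
    if str(p.get("AllocateEIPOnHFEPublicInterface", "True")).lower() == "false":
        # Hypothetical key for the comma-separated list of allocation IDs.
        ids = [i.strip() for i in p.get("EIPAllocationIds", "").split(",") if i.strip()]
        if len(ids) != n_eip:
            errors.append(f"{len(ids)} EIP allocation IDs given, NumberOfEIPOnHFEPublic={n_eip}")
        errors += [f"{i}: not an eipalloc- ID" for i in ids if not i.startswith("eipalloc-")]
    return errors, warnings

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "ActiveInstanceName": "sbcActive1", "StandbyInstanceName": "sbc-standby",
    "SystemName": "sbcHaSystem", "HFEScriptS3Location": "s3://hafrontend/HFE.sh",
    "privateSubnetCIDR": "10.54.90.0/27", "NumberOfAlternateIPOnPkt0": "3",
    "NumberOfEIPOnHFEPublic": "5", "AllocateEIPOnHFEPublicInterface": "False",
    "EIPAllocationIds": "eipalloc-0aaaaaaaaaaaaaaa1,eipalloc-0aaaaaaaaaaaaaaa2",
}

if __name__ == "__main__":
    errs, warns = validate(SAMPLE)
    for line in [f"ERROR {e}" for e in errs] + [f"WARN  {w}" for w in warns]:
        print(line)
```
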
Verify the Instance Creation
Perform the following steps to view the SBC SWe instances created:
- Click the Services drop-down list. The Services list is displayed.
- From the left pane click EC2. The EC2 Dashboard page is displayed.
- From the left pane under Instances click Instances. The instances table lists the new instance.
  Caution: If you delete an instance from CFN, be aware that AWS does not delete volume(s) automatically. You must also delete it from the AWS UI if you do not want volumes of deleted instances (standalone, HA or HFE-based SBC installation).