In this section:

Note
Ribbon Recommends the use of AWS CloudFormation template for all SBC instantiation. Refer to Using CloudFormation Templates (7.2S400).

Overview of Manual Launch of SBC HA Instance in AWS

To do a manual launch of an HA SBC instance, perform the following steps:

  1. Create a VPC for use in the deployment. Refer to Creating VPC for SBC.
  2. Create Internet Gateway for use in the deployment.  Refer to Creating Internet Gateway for SBC.
  3. Create Key Pairs for Linux shell access and Administrator access. Refer to Creating Key Pairs for SBC.
  4. Create Subnets for use in the deployment. Refer to Creating Subnets for SBC.
  5. Create Security Groups for use in the deployment. Refer to Creating Security Groups for SBC.
  6. Update or create Route tables for the newly created subnets. Refer to Creating Route Tables for SBC.
  7. Create a placement group for the SBC deployment. Refer to Creating Placement Groups.
  8. Create a Policy and Role for the SBC instance. Refer to Creating Identity and Access Management (IAM) Role for SBC.
  9. Allocate EIP (Elastic IPs) used for external access to the SBC. See Allocating Elastic IPs.
  10. Create Network Interfaces to associate private IP interfaces to the created subnets. See Creating Network Interfaces.
  11. Associate Elastic IPs to the Private IPs created during Network Interface creation. See Associate Elastic IPs.
  12. Launch the Active HA SBC instance using the EC2 console. See Launching HA SBC Instances from EC2.
  13. Launch the Standby HA SBC instance using the EC2 console. See Launching HA SBC Instances from EC2.

 

 

Allocating Elastic IPs (EIPs)

Create Elastic IPs (EIP) in advance as follows:

  • two EIPs for use with MGT0 of each of the SBC instances (1 EIP for each SBC instance in the HA pair)
  • one EIP for MGT0 secondary IP of ACTIVE SBC
  • one EIP for PKT0 of the HA SBC instance pair (if required per customer deployment)
  • one EIP for PKT1 network interfaces (if required per customer deployment)

To create an Elastic IP for the Management (MGT0) interface, perform the following steps:

  1. Navigate to the EC2 Management Console
  2. Select NETWORK & SECURITY > Elastic IPs
    The Elastic IPs page displays.
  3. Click Allocate new address.
    The Allocate new address page displays.
  4. Click the radio button next to IPv4 address pool > Amazon pool unless you have a private IPv4 address pool pre-defined by Amazon.
  5. Click Allocate to complete the creation.
  6. Assign your IP address a name tag by hovering the mouse over the "Name"  field in the Network interface list and click on the pencil, then type in a name.
  7. Repeat to allocate Elastic IPs for the 2nd SBC instance's MGT0 and PKT0 and/or PKT1 if required per customer networking needs.

Creating Network Interfaces

Create network interfaces for HA0, MGT0, PKT0, and PKT1 of each of the SBC Instances in the HA pair to be able to route IP packets to/from the subnets created in the prior step. To instantiate the SBC SWe HA instance, add a secondary IP address to MGT0, PKT0, and PKT1 network interfaces.

 To create a network interface for HA0, perform the following steps:

  1. Navigate to EC2 Management Console.

  2. Select NETWORK & SECURITY > Network Interfaces.
    The Network Interface page displays.

  3. Click Create Network Interface
    The Create Network Interface displays.

  4. In the Create Network Interface screen:

    1. Enter the network interface description such as HA0.

    2. Select the Subnet and Security groups from the drop-down list.

    3. Click Yes, Create.


      The new network interface displays in the list.

  5. By default, the network interface does not have a name. Name it by hovering the mouse over the "Name" field in the Network interface list and click on the pencil. The user will be prompted to enter a name.
  6. Repeat steps 3 through 4 to create network interfaces for MGT0, PKT0, and PKT1 of the active SBC instance.
  7. Repeat steps 3 through 4 to create network interfaces for the HA0, MGT0, PKT0, and PKT1 interfaces of the standby SBC instance.

Adding Secondary IP Addresses to MTG0, PKT0, PKT1 Network Interfaces

To instantiate the SBC SWe HA instance, add a secondary IP address to the MGT0, PKT0, and PKT1 network interfaces that will be associated with the active SBC SWe instance.

Caution

When the switch-over occurs, the secondary IP address and the EIP address (associated with these Secondary IPs) move to the new active instance's corresponding interfaces.


To add a secondary IP address:

  1. Right-click the network interface and select Manage Private IP Addresses.
    The Manage Private IP Addresses window displays.

  2. Click Assign new IP.

  3. Enter the secondary IP address.

    Note

    By default, if you do not enter a secondary IP address, the IP address gets auto-assigned.

  4. Click Yes, Update.
    The attached address displays.


Associating an Elastic IP Address to Private IPs

Associate an elastic IP (EIP) address to MGT0 private primary IP and secondary private IP addresses. 

Based on the network requirement, associate EIPs to secondary IP addresses of PKT0 and PKT1 network interfaces if those networks require external access.

To associate an elastic IP address to MTG0 of the active SBC instance:

  1. Right-click the network interface and select Associate Address.
    The Associate Elastic IP Address screen displays.
  2. Click the Address drop-down list and select an elastic IP address from the list.
  3. Select Allow reassociation, to associate EIP even when the network interface is in use.

  4. Click the Associate to Private IP Address drop-down list and select the private IP address.

  5. Click Associate Address.

  6. Repeat for MGT0 of the Standby SBC instance and  PKT0 and PKT1 network interfaces as required.

Launching an HA SBC Instance Pair from EC2

To launch the SBC HA instance pair from the AWS EC2 control panel, do the following:

  1. While logged into the target AWS account, click the Services drop-down list.
    The Services list is displayed.

  2. From the left pane click EC2.

     

    The EC2 Dashboard page displays.

  3. From the left pane under Images click AMIs. The AMI ID page displays.

Choosing an AMI ID

This account may own the SBC AMI ID, or it may be a private image. 

  1. If this account owns the AMI, select Owned by me from the drop-down next to the search bar. 
  2. If this account does not own the AMI, select Private images from the drop-down next to the search bar.
  3. In the search bar, enter the AMI ID of the image and press enter. The AMI entered displays.
  4. Select the AMI ID and click Launch.

    The Choose an Instance Type page displays.

Choosing an Instance Type

Note

Ribbon recommends m5.xlarge or higher instance type if this instance type is available in your zone. Use c5.2xlarge instance type or higher to handle more calls with transcoding.

 

  1. Select an instance type that meets the requirements.
  2. Click Next: Configure InstanceDetails
    The Configure Instance Details page displays. The page is quite long and has a scroll bar at right.

Configuring the Active SBC Instance

  1. Select the Network (VPC) and Management Subnet from the list.
    This creates the mgt0 network interface and attaches as eth0.

  2. Select the checkbox Add instance to Placement group and click on the radio button next to Add to a new placement group. There is an option to give the placement group a name.

    Note

    A placement group ID is a logical grouping of instances within a single Availability Zone. The choices are "cluster" or "spread". This is an optional field and can be blank.

  3. Select the IAM role that was created earlier in the procedure.

  4. Scroll down and select Tenancy from the list.

    Note

    Dedicated instances have dedicated hardware isolated at host hardware level from the non-dedicated instances and instances that belong to other AWS accounts.

    It accepts shared, for instances running on shared hardware, or dedicated or dedicated host, for instances running on single-tenant hardware.

  5. Scroll down to Network interfaces and expand the section.
  6. Choose to auto-assign a Public IP address by selecting New network interface next to the eth0 device or Select the mtg0 Network Interface that was allocated in a prior step from the drop-down.

  7. Click Advanced Details section to expand.

    Note

    If the CERole parameter in user data is Active/Standby, it represents the HA userdata format. Otherwise, it represents the standalone userdata format.

  8. In the User data section select As text

Enter the user data corresponding to the ACTIVE SBC instance per the following format:

 

Format of Userdata for HA Instances
{
 "CERole" : "<ACTIVE | STANDBY>",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "SbcPersonalityType" : "isbc",
 "SbcMgmtMode"          : "centralized",
 "EnableSudoLinuxadmin" : "False",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}



Format of Userdata for Active HA Instance
{
 "CERole" : "ACTIVE",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "SbcPersonalityType" : "isbc",
 "SbcMgmtMode"          : "centralized",
 "EnableSudoLinuxadmin" : "False",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}

 

 

Example of Userdata for HA Active Unit
{
 "CERole" : "ACTIVE",
 "ReverseNatPkt0" : "False",
 "ReverseNatPkt1" : "False",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "vsbc1",
 "SystemName" : "vsbcSystem",
 "NodeName" : "SD-test-HA-510A654",
 "PeerCEName" : "vsbc2",
 "PeerCEHa0IPv4Address" : "10.54.20.133",
 "SbcPersonalityType" : "isbc",
 "SbcMgmtMode"          : "centralized",
 "EnableSudoLinuxadmin" : "False",
 "IAM_ROLE"             : "SWe",
 "AdminSshKey"          : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCJnrFMr/RXJD3rVLMLdkJBYau+lWQ+F55Xj+KjunVBtw/zXURV38QIQ1zCw/GDO2CZTSyehUeiV0pi2moUs0ZiK6/TdWTzcOP3RCUhNI26sBFv/Tk5MdaojSqUc2NMpS/c1ESCmaUMBv4F7PfeHt0f3PqpUsxvKeNQQuEZyXjFEwAUdbkCMEptgaroYwuEz4SpFCfNBh0obUSoX5FNiNO/OyXcR8poVH0UhFim0Rdneo7VEH5FeqdkdGyZcTFs7A7aWpBRY3N8KUwklmNSWdDZ9//epEwgaF3m5U7XMd4M9zHURF1uQ/Nc+aiyVId9Mje2EU+nh6npaw/tEOPUiC1v",
 "ThirdPartyCpuAlloc" : "0", 
 "ThirdPartyMemAlloc" : "0"
}

Do not change the values entered for ALT_Mgt0_00, ALT_Pkt0_00, ALT_Pkt1_00.

  • ALT_Mgt0_00 - Renames the first alternate IP for management port as "LOGICAL_MGMT_IP".
  • ALT_Pkt0_00 - Renames the first alternate IP for PKT0 port as "VIP1".
  • ALT_Pkt0_01 - Renames the first alternate IP for PKT1 port as "VIP2".

 

Format of Userdata for Standby HA Instance
{
 "CERole" : "STANDBY",
 "ReverseNatPkt0" : "<True | False>",
 "ReverseNatPkt1" : "<True | False>",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "<CEName>",
 "SystemName" : "<SystemName>",
 "PeerCEName" : "<PeerCEName>",
 "PeerCEHa0IPv4Address" : "<PeerCEHa0IPv4Address>",
 "SbcPersonalityType" : "isbc",
 "SbcMgmtMode"          : "centralized",
 "EnableSudoLinuxadmin" : "False",
 "IAM_ROLE"             : "<AWS IAM Role Name>",
 "AdminSshKey"          : "<public key>",
 "ThirdPartyCpuAlloc" : "<vcpu>", 
 "ThirdPartyMemAlloc" : "<mb>"
}

 

 

Example of Userdata for Standby HA Unit
{
 "CERole" : "STANDBY",
 "ReverseNatPkt0" : "False",
 "ReverseNatPkt1" : "False",
 "ALT_Mgt0_00" : "LOGICAL_MGMT_IP",
 "ALT_Pkt0_00" : "VIP1",
 "ALT_Pkt1_00" : "VIP2",
 "CEName" : "vsbc2",
 "SystemName" : "vsbcSystem",
 "NodeName" : "SD-test-HA-510A654",
 "PeerCEName" : "vsbc1",
 "PeerCEHa0IPv4Address" : "10.54.20.218",
 "SbcPersonalityType" : "isbc",
 "SbcMgmtMode"          : "centralized",
 "EnableSudoLinuxadmin" : "False",
 "IAM_ROLE"             : "SWe",
 "AdminSshKey"          : "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCJnrFMr/RXJD3rVLMLdkJBYau+lWQ+F55Xj+KjunVBtw/zXURV38QIQ1zCw/GDO2CZTSyehUeiV0pi2moUs0ZiK6/TdWTzcOP3RCUhNI26sBFv/Tk5MdaojSqUc2NMpS/c1ESCmaUMBv4F7PfeHt0f3PqpUsxvKeNQQuEZyXjFEwAUdbkCMEptgaroYwuEz4SpFCfNBh0obUSoX5FNiNO/OyXcR8poVH0UhFim0Rdneo7VEH5FeqdkdGyZcTFs7A7aWpBRY3N8KUwklmNSWdDZ9//epEwgaF3m5U7XMd4M9zHURF1uQ/Nc+aiyVId9Mje2EU+nh6npaw/tEOPUiC1v",
 "ThirdPartyCpuAlloc" : "0", 
 "ThirdPartyMemAlloc" : "0"
}

Do not change the values entered for ALT_Mgt0_00, ALT_Pkt0_00, ALT_Pkt1_00.

  • ALT_Mgt0_00 - Renames the first alternate IP for management port as "LOGICAL_MGMT_IP".
  • ALT_Pkt0_00 - Renames the first alternate IP for PKT0 port as "VIP1".
  • ALT_Pkt0_01 - Renames the first alternate IP for PKT1 port as "VIP2".

The following table gives descriptions of Userdata Parameters:

 

Userdata Parameter Description

Parameter
Length
Format
Description

CERole 

N/A

ACTIVE / STANDBY

Assigned role of SBC instance.

Allowed Value:

  • Active
  • Standby
ReverseNatPkt0 / ReverseNatPkt1

Reverse NAT flag for Pkt0 and Pkt1

True / False (default)

Values:

  • True: To consider FIPV4 entity using the value provided in the dictionary
  • False: To configure FIPV4 using SMM rules, and ignore the FIPV4 value provided here

CEName

64

string

This specifies the actual CE name of the SBC instance. For more information, refer to System and Instance Naming Conventions.

CEName Requirements:

  • Must start with an alphabetic character
  • Only contain alphabetic characters and/or numbers. No special characters
  • Cannot exceed 64 characters in length

SystemName

26

string

This specifies the actual system name of the SBC instance. For more information, refer to System and Instance Naming Conventions.

System Requirements:

  • Must start with an alphabetic character
  • Only contain alphabetic characters and/or numbers. No special characters
  • Cannot exceed 26 characters in length
Node Name64

string

This specifies a unique name for the instance in a node.

PeerCEName

64

string

This specifies the name of the peer SBC node. For more information, refer to System and Instance Naming Conventions.

Peer CEName Requirements:

  • Must start with an alphabetic character
  • Only contain alphabetic characters and/or numbers. No special characters
  • Cannot exceed 64 characters in length

PeerCEHa0IPv4Address

N/A

IPv4 address x.x.x.x

This specifies the IPv4 address of the HA port for the peer SBC node. This parameter is applicable only in the case of the instance being launched in HA mode.

AdminSshKey255

string

This specifies the public key for the admin user. To Extract the Public Key from the Private Key (.pem) file generated in AWS, use the ssh-keygen tool from the shell of any Linux system. (e.g.type: ssh-keygen -y -f <pem_file>). Cut/paste the output from the command onto the AdminSshKey : line as “ssh-rsa <key>” e.g.

> ssh-keygen -y -f paul-vsbc-SA-admin.pem
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCHVcY4flFmBaxvDkIHlgWXl3fTa1A1xrun6FxDMkk3pu5dI4EjgEofnZ4vy/vBakLDMN8Qu5XxmkMDTcgK6ZhJ2JWG8U3y/1w7WauYohMWJV5yQ5ILgui9huc23LGa2+o0zFNGc+0+6X0jmvliccMKwZ05ti9nTaeYj2lDd3UWJGO8pSCvTh50GF9fqRfzAG8BNKXNRDi00XBEfcrMVErhwhyWrwEfSOYOGqrh9p/LubjPHVp8wTn98ZCnUh0B09eX2iOoIBBQalNiD4PnCXGYLnm7MmKErKtEdny0OpGglP2OgjkVQsFK9sYaPu0XlRb7PLZjvsOqqRHc9b/b0A+J
"ALT_Mgt0_00" 15

text - to be entered as "LOGICAL_MGMT_IP"

Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for management port as "LOGICAL_MGMT_IP"
"ALT_Pkt0_00"4

text - to be entered as "VIP1"

Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for PKT0 port as "VIP1".

"ALT_Pkt1_00"4

text - to be entered as "VIP2"

Required instructions for the HA instance. It causes installation scripts to rename the first alternate IP for PKT1 port as "VIP2".

IAM_ROLE64

string

The name of the IAM role for SBC SWe instance. The SBC requires access to the AWS REST-API, thus must use a role that permits this.
SbcPersonalityType4

string - to be entered as "isbc".

The name of the SBC personality type for this instance. At this time only integrated SBC (isbc) is supported in AWS.
SbcMgmtMode11

string - to be entered as "centralized".

The element manager management mode of the SBC. At this time only centralized management with EMS is supported.
EnableSudoLinuxadmin5

True / False

Whether to allow Linuxadmin user access to sudo as root. Set this to False.

ThirdPartyCpuAlloc

n/a

0-? in vCPUs

Enter the number of CPUs to reserve for use with third-party apps. 

Note: Default is 0

ThirdPartyMemAlloc

n/a

0-? in MB

Enter the number of MB of memory to reserve for use with third-party apps.  

Note: Default is 0

 

Adding Storage

  1. Click Next: Add Storage

  2. Select Provisioned IOPS SSD (io1) as Volume Type.

  3. Enter volume size in GiB. 

    Note

    The minimum size is 65 GiB. Ribbon recommends using the default IOPS value.

Adding Tags

  1. Click on Next: Add Tags. The Add Tags page displays:
  2. Enter a key name and value.
  3. Click Add another tag to create more than one tag.

Configuring Security Groups

  1. Click Next: Configure Security Group. The Configure Security Group page appears:
  2. Click Select an existing security group.
  3. Select the management security group from the list.
  4. Click Review and Launch.

Reviewing the Instance

  1. Review the instance details. Choose to Edit any of the prior specified instance specifications.
  2. Click LaunchA prompt to select a key pair will appear.

Key Pair Selection

  1. Select Key Pair option

    1. Select Choose an existing key pair and select the key pair or specify the key pair name if one is already defined.

      OR

    2. Select Create a new key pair name from the drop-down and give the key-pair a name. Be sure to click "Download Key Pair" to save the private key file (*.pem). This will be required to have ssh access into the created SBC after the instance launches.

  2. Click Launch InstancesThe new instance will start launching, and the Launch Status page appears.

  3. Click the instance ID to view the instance.

     

Attaching Network Interfaces

  1. Stop the instance to attach the network interfaces. Right-click the instance and select Instance State > Stop.

    A message appears to confirm stopping the instance.


    The Launch Instance screen displays again.

  2. Right-click the instance and select Networking > Attach Network Interface.

  3. Select the HA interface and click Attach. This attaches the HA network interface as eth1.

  4. Repeat step 3 to attach PKT0 and PKT1 network interfaces.

    Note

     In instance details, the attached network interfaces are listed as eth0, eth1, eth2, and eth3. Ribbon refers to these as MGT0, HA, PKT0, and PKT1 respectively.

    Note

    At this point, you can optionally change the systemName and local host name by editing the userdata. 

    For more information, refer to Metadata and Userdata Format, Meta Variables and CLI Configuration on AWS.

  5. Re-Start the instance to continue the instantiation.

  6. Right-click the instance and select Instance State > StartA message appears to confirm starting the instance.

  7. Click Yes, Start.
    The user returns to the Launch Instance screen.

    Note

    The system takes approximately 6-8 minutes to start. Wait for the "Status Checks" to show a green check mark.

Launching Standby SBC Instance

Repeat the procedures under Launching an HA SBC Instance Pair from EC2 to Launch the Standby SBC Instance.