FreeSBC:Cloud:AWS Installation A

From TBwiki
(Difference between revisions)
Jump to: navigation, search
m (Minor)
 
(36 intermediate revisions by 7 users not shown)
Line 1: Line 1:
This page is intended to give assistance to people launching an instance of ''FreeSBC'' using Amazon Machine Image (AMI) on Amazon Web Service (AWS). In the Troubleshot section, instructions are suggested for a potential issue that a user may encounter.
+
{{DISPLAYTITLE:ProSBC:Cloud:AWS Installation}}
  
<h1>Procedure to instanciate an AMI</h1>
+
This page is intended to give assistance to people launching an instance of ''ProSBC'' using an Amazon Machine Image (AMI) on Amazon Web Service (AWS).
<ol>
+
    <li>After logging in your Amazon account, click on “EC2” in the main AWS console:</li>
+
[[File:ConsoleEC2.png| 800px]]
+
  
 +
== '''Instantiate a ProSBC''' ==
 +
* After logging in your Amazon account, click on “EC2” in the main AWS console:
 +
[[File:ConsoleEC2.png| 600px]]
  
    <li>On the left menu, click on “AMIs”:</li>
+
* On the left menu, click on “AMIs”:
[[File:AMIs.png]]
+
[[File:AMIs.png| 100px]]
  
 
+
* Click on the filter drop list and select “Private image” to locate ProSBC AMI:
    <li>Click on the filter drop list and select “Private image” to locate FreeSBC AMI:</li>
+
 
[[File:PrivateImages.png| 500px]]
 
[[File:PrivateImages.png| 500px]]
  
 +
* Select the region matching the region of the ProSBC AMI you want to test. If you don't know it, try "Canada (Central)".
  
    <li>Select the image and click “Launch”: (Check the troubleshooting section if you have a launching issue)</li>
+
[[File:RegionAMI.png| 700px]]
 +
 
 +
* Select the image and click “Launch”:
 
[[File:SelectAMI.png| 700px]]
 
[[File:SelectAMI.png| 700px]]
  
  
    <li>Select the instance type and its resources. For FreeSBC to run, you need to launch at least m4.large (2 vCPU, 8 GiB):</li>
+
* Select the instance type and its resources. The recommended instance type is:
[[File:SelectResources.png| 800px]]
+
**  m4.large (2 vCPU, 8 GiB)
 +
* Supported instance type are:  
 +
** C3, C4, D2, I2, M4 (excluding m4.16xlarge), and R3 instances ([https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html Supported instances from Amazon documentation])
 +
*** Note: The Paris region is not supported at this time, since it does not have any of the supported instance types.
 +
* This is the list of approximate performances for different AWS instance types. Results may vary according to configuration.
 +
{| cellpadding="5" border="1" class="wikitable"
 +
|-
 +
! width="150" style="background: none repeat scroll 0% 0% rgb(239, 239, 239); -moz-background-inline-policy: continuous;" | EC2 Instance
 +
! width="100" style="background: none repeat scroll 0% 0% rgb(239, 239, 239); -moz-background-inline-policy: continuous;" | AWS CPU cores
 +
! width="100" style="background: none repeat scroll 0% 0% rgb(239, 239, 239); -moz-background-inline-policy: continuous;" | Sessions per second (call rate)
 +
! width="100" style="background: none repeat scroll 0% 0% rgb(239, 239, 239); -moz-background-inline-policy: continuous;" | Sessions with RTP anchoring
 +
! width="200" style="background: none repeat scroll 0% 0% rgb(239, 239, 239); -moz-background-inline-policy: continuous;" | Sessions with Media bypass
 +
|-
 +
| valign="top" |
 +
m4.large
 +
| valign="top" |
 +
2
 +
| valign="top" |
 +
50
 +
| valign="top" |
 +
400
 +
| valign="top" |
 +
32,000
 +
|-
 +
| valign="top" |
 +
m4.xlarge
 +
| valign="top" |
 +
4
 +
| valign="top" |
 +
215
 +
| valign="top" |
 +
750
 +
| valign="top" |
 +
60,000
 +
|-
 +
| valign="top" |
 +
c4.xlarge
 +
| valign="top" |
 +
4
 +
| valign="top" |
 +
215
 +
| valign="top" |
 +
750
 +
| valign="top" |
 +
60,000
 +
|-
 +
| valign="top" |
 +
c4.2xlarge
 +
| valign="top" |
 +
8
 +
| valign="top" |
 +
575
 +
| valign="top" |
 +
2,000
 +
| valign="top" |
 +
60,000
 +
|-
 +
| valign="top" |
 +
m4.4xlarge
 +
| valign="top" |
 +
16
 +
| valign="top" |
 +
650
 +
| valign="top" |
 +
4,000
 +
| valign="top" |
 +
60,000
 +
|-
 +
| valign="top" |
 +
m4.10xlarge
 +
| valign="top" |
 +
40
 +
| valign="top" |
 +
650
 +
| valign="top" |
 +
4,800
 +
| valign="top" |
 +
60,000
 +
|-
 +
|}
  
  
    <li>Click “Configure instance Details”:</li>
+
[[File:SelectResources.png| 800px]]
[[File:ConfigureDetails.png| 1000px]]
+
  
  
    <li>Choose an existing subnet for the default list (or create a new one if you want to change the default parameters):</li>
+
* Click “Add Storage” to proceed to the next page:
 
[[File:ChooseSubnet.png| 1000px]]
 
[[File:ChooseSubnet.png| 1000px]]
  
  
    <li>Click "Add Device" under Network Interface section (since ''FreeSBC'' needs two Network Interfaces). Leave the default parameters as they are:</li>
+
* Change the Volume Size to 40Gb.
[[File:AddNewNetworkInterface.png| 1000px]]
+
* Select "Volume Type": gp2
 
+
* Check the box "Delete on Termination"
 
+
* Click “Add Tags” to proceed to the next page.
    <li>Click “Add Storage”:</li>
+
[[File:NextStorage.png| 800px]]
+
 
+
 
+
    <li>You can leave the default parameters as they are. Then, click “Add Tags”:</li>
+
 
[[File:NextTag.png| 800px]]
 
[[File:NextTag.png| 800px]]
  
  
    <li>You can leave the default parameters as they are. Then, click “Configure Security Group”:</li>
+
* You can leave the default parameters as they are.  
 +
* Click “Configure Security Group” to proceed to the next page:
 
[[File:NextSecurityGroup.png| 800px]]
 
[[File:NextSecurityGroup.png| 800px]]
  
 +
* Select "Create a new security group". We recommend that you simply open all ports on your own IP address, since the SBC contains its own internal firewall:
  
    <li>Select "Create a new security group" ( you can change its name and description). Then, click "Add Rule" to add a new rule as follow:
+
{| class="wikitable"
* Type: Custom TCP Rule
+
|-
* Protocol: TCP
+
! Rule !! Type !! Port Range !! Source IP
* Port Range: 12358
+
|-
* Source: My IP (will make this instance only accessible from your current computer IP)
+
| All traffic || All traffic || 0 - 65535 || (Use your own public IP)
</li>
+
|}
[[File:AddRule.png| 1000px]]
+
[[File:AddRule.png| 600px ]]
 
+
  
    <li>Click “Review and Launch”:</li>
 
[[File:ReviewLaunch.png| 1000px]]
 
  
 
+
* Click “Launch”. Be aware: you will be billed by Amazon for the instance resources:
    <li>Click “Launch”. Please, note that FreeSBC is free of charges. However, you will still be charged by Amazon for using their resources you allocated:</li>
+
 
[[File:Launch.png| 1000px]]
 
[[File:Launch.png| 1000px]]
  
  
    <li>You will be prompted to create a key pair, allowing you to securely connect to your instance. Select “Create a new key pair” if you do not own one, and give it a name. Then, click on “Download Key Pair” to download a .pem file since it is needed for a secured SSH connection:</li>
+
* You will be prompted to create a key pair, allowing you to securely connect to your instance. Select “Create a new key pair” if you do not own one, and give it a name. Then, click on “Download Key Pair” to download a .pem file since it is needed for a SSH connection. (Note: Make sure to not lose it, since you would then lose access the the SSH connection for the instance):
 
[[File:DownloadKey.png| 800px]]
 
[[File:DownloadKey.png| 800px]]
  
  
    <li>Click on “Launch Instances”:</li>
+
* Click on “Launch Instances”:
 
[[File:LaunchWithKey.png| 800px]]
 
[[File:LaunchWithKey.png| 800px]]
  
  
    <li>You can view your instance by clicking on “View Instances”:</li>
+
* You can view your instance by clicking on “View Instances”:
 
[[File:ViewInstance.png| 800px]]
 
[[File:ViewInstance.png| 800px]]
  
  
    <li>Select the instance you just created, and give a name:</li>
+
* Select the instance you just created and feel free to give it a name:  
 
[[File:RenameInstance.png| 800px]]
 
[[File:RenameInstance.png| 800px]]
  
 +
=== Optional: Elastic IP Creation section ===
 +
* If you want to use an associate public IP generated by Amazon (called "Elastic IP"). Click on "Elastic IP" on the left, then click on "Allocate new address":
 +
[[File:ElasticIP.png| 300px]]
  
    <li>For your instance to become accessible, you need to associate a public IP generated by Amazon. Click on "Elastic IP" on the left, then click on "Allocate new address":</li>
 
[[File:ElasticIP.png| 400]]
 
  
 +
* Click on "Allocate IP". A new public IP will be generated by Amazon:
 +
[[File:AllocateIP.png| 600px]]
  
    <li>Click on "Allocate IP". A new public IP will be generated by Amazon:</li>
 
[[File:AllocateIP.png| 400]]
 
  
 +
* Click on "Close":
 +
[[File:NewIP.png| 600px]]
  
    <li>Click on "Close":</li>
+
=== Optional: Elastic IP association section ===
[[File:NewIP.png| 400]]
+
  
 +
* Go to the left pane and click on "Instance". Then select the instance "ProSBC" to display its description:
 +
[[File:IPforInstance.png| 600px]]
  
    <li>Go to the left pane and click on "Instance". Then select the instance "FreeSBC" to display its description:</li>
+
* Find the '''eth0''' network interface in the instance description:
[[File:IPforInstance.png| 400]]
+
[[File:GetTheRightNetworkInterface.png| 1100px]]
  
  
    <li>Notice the main Private IP circled in green. You need to identify which of the network interfaces is associated with it. Usually, it is the first in the list:</li>
+
* Click on the '''eth0''' Network Interface, then click on the "Interface ID" link:
[[File:GetTheRightNetworkInterface.png| 800]]
+
[[File:InterfaceID.png| 1100px]]
  
  
    <li>Click on the identified Network Interface associated with the main Private IP, then click on "Interface ID" link:</li>
+
* Right-click on the selected Network Interface, then click "Associate Address":
[[File:InterfaceID.png| 800]]
+
[[File:AssociateAddress.png| 800px]]
  
  
    <li>Right-click on the selected Network Interface, then click "Associate Address":</li>
+
* In the Address list, select the public IP to associate with the main Network Interface. Then, click on "Associate Address":
[[File:AssociateAddress.png| 700]]
+
[[File:SelectAddress.png| 800px]]
  
  
    <li>In the Address list, select the public IP to associate with the main Network Interface. Then, click on "Associate Address":</li>
+
* Click on "Instances" on the left pane and select "ProSBC" instance. Check if your instance is associated with a public IP:
[[File:SelectAddress.png| 700]]
+
[[File:Ready.png| 1100px]]
  
</ol>
+
== Enable SR-IOV enhanced networking ==
 +
It is very important to enable "enhanced networking" for tbrouter to have access to the network devices on the VM.
  
 +
This must be done before completing the initial web portal configuration.
  
<p>You are ready to connect to ''FreeSBC'' instance on AWS through the Web Portal.</p>
+
There are two types of enhanced networking, we need the second one.
  
 +
1) Elastic Network Adapter (ENA)
  
<h1>Troubleshooting</h1>
+
2) Intel 82599 Virtual Function (VF) interface
If you come across the following issue, please follow the suggested instructions:
+
== Launch Failed after step 4==
+
[[File:FailedLaunch.png| 800px]]
+
<ol>
+
    <li>Follow the link:</li>
+
[[File:FailedLaunchLink.png| 800px]]
+
  
 +
===Install the AWS CLI===
 +
https://aws.amazon.com/cli/
  
    <li>Click on “Continue to Subscribe”:</li>
+
===Get security credentials for the command line===
[[File:Subscribe.png| 800px]]
+
On the AWS web portal, click on your account name and choose "My Security Credentials"
  
 +
Expand the "Access keys" section
  
    <li>If you agree with Amazon conditions, click on “Accept Software Terms & Launch with 1-click”. Now, you are ready to launch the instance you need:</li>
+
Create a new key, you will need the AWSAccessKeyId and AWSSecretKey
[[File:Accept.png| 800px]]
+
</ol>
+
  
== Test if FreeSBC is up and running in real-time ==
+
===Open a CLI and execute the aws cli commands===
You can open a session of the image running CentOS7 and check the status of ''FreeSBC'' in real-time. Depending on your operating system, you can follow the links on Amazon guide to do so:
+
  aws configure
{| class="wikitable"
+
 
|-
+
Paste the access key ID and key that you previously obtained along with your default region.
! Your Computer !! Topic
+
 
|-
+
===Show if the enhanced networking is enabled===
| Linux || [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html Connecting to Your Linux Instance Using SSH]
+
Make sure to replace the example instance ID with your own AWS instance ID
|-
+
 
| Windows || [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/putty.html Connecting to Your Linux Instance from Windows Using PuTTY]
+
  aws ec2 describe-instance-attribute --instance-id i-0123456789abcdef1 --attribute sriovNetSupport
|-
+
 
| All (using Firefox, Edge or Internet Explorer) || [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/mindterm.html Connecting to Your Linux Instance Using MindTerm]
+
Enabled:
|}
+
  {
 +
      "InstanceId": "i-0123456789abcdef1",
 +
      "SriovNetSupport": {
 +
          "Value": "simple"
 +
      }
 +
  }
 +
 
 +
Not enabled:
 +
  {
 +
      "InstanceId": "i-0123456789abcdef1",
 +
      "SriovNetSupport": {}
 +
  }
 +
 
 +
==Enable sriov enhanced networking==
 +
To enable the sriov enhanced networking, first turn off the instance then do:
 +
 
 +
  aws ec2 modify-instance-attribute --instance-id i-0123456789abcdef1  --sriov-net-support simple
 +
 
 +
== Accessing the TSBC-SW ==
 +
=== Accessing the TSBC-SW web portal ===
 +
* Open a web browser to the management IP of the TSBC, on port 12358.  Example if your Instance public IP address is 35.183.126.193, the URL would be: <br/> http://35.183.126.193:12358
 +
<br/>
 +
:You should get to the TSBC Configuration Wizard <br/>
 +
:[[File:AWS_TSBC_WebPortal_Configuration_wizard.jpg|700px]]
 +
<br/>
 +
 
 +
Take note that it may take a while for the ProSBC system to make the Web Portal available (around 3-5 minutes).
 +
 
 +
* From here, you can go to [[TSBC-SW:WebPortal:Initial Configuration|Web Portal Initial Configuration Guide]] to continue the installation.
 +
 
 +
== Web Portal Initial Configuration ==
 +
Click on the following link to pursue installation from the web portal:
 +
[[TSBC-SW:WebPortal:Initial Configuration]]
 +
 
 +
== Troubleshooting ==
 +
* [[FreeSBC:Cloud:AWS_Installation_Troubleshooting_A|Installation troubleshooting]]
 +
* [[FreeSBC:Cloud:Recovering_an_Elastic_IP_address|Recovering an Elastic IP address]]
 +
[[Category:Revise on Major]]
 +
 
 +
== External References ==
 +
* [https://devops.profitbricks.com/tutorials/use-ssh-keys-with-putty-on-windows/#connect-to-server-with-private-key Accessing device with SSH and private key using putty]

Latest revision as of 07:18, 6 April 2021


This page is intended to give assistance to people launching an instance of ProSBC using an Amazon Machine Image (AMI) on Amazon Web Service (AWS).

Contents

Instantiate a ProSBC

  • After logging in your Amazon account, click on “EC2” in the main AWS console:

ConsoleEC2.png

  • On the left menu, click on “AMIs”:

AMIs.png

  • Click on the filter drop list and select “Private image” to locate ProSBC AMI:

PrivateImages.png

  • Select the region matching the region of the ProSBC AMI you want to test. If you don't know it, try "Canada (Central)".

RegionAMI.png

  • Select the image and click “Launch”:

SelectAMI.png


  • Select the instance type and its resources. The recommended instance type is:
    • m4.large (2 vCPU, 8 GiB)
  • Supported instance type are:
  • This is the list of approximate performances for different AWS instance types. Results may vary according to configuration.
EC2 Instance AWS CPU cores Sessions per second (call rate) Sessions with RTP anchoring Sessions with Media bypass

m4.large

2

50

400

32,000

m4.xlarge

4

215

750

60,000

c4.xlarge

4

215

750

60,000

c4.2xlarge

8

575

2,000

60,000

m4.4xlarge

16

650

4,000

60,000

m4.10xlarge

40

650

4,800

60,000


SelectResources.png


  • Click “Add Storage” to proceed to the next page:

ChooseSubnet.png


  • Change the Volume Size to 40Gb.
  • Select "Volume Type": gp2
  • Check the box "Delete on Termination"
  • Click “Add Tags” to proceed to the next page.

NextTag.png


  • You can leave the default parameters as they are.
  • Click “Configure Security Group” to proceed to the next page:

NextSecurityGroup.png

  • Select "Create a new security group". We recommend that you simply open all ports on your own IP address, since the SBC contains its own internal firewall:
Rule Type Port Range Source IP
All traffic All traffic 0 - 65535 (Use your own public IP)

AddRule.png


  • Click “Launch”. Be aware: you will be billed by Amazon for the instance resources:

Launch.png


  • You will be prompted to create a key pair, allowing you to securely connect to your instance. Select “Create a new key pair” if you do not own one, and give it a name. Then, click on “Download Key Pair” to download a .pem file since it is needed for a SSH connection. (Note: Make sure to not lose it, since you would then lose access the the SSH connection for the instance):

DownloadKey.png


  • Click on “Launch Instances”:

LaunchWithKey.png


  • You can view your instance by clicking on “View Instances”:

ViewInstance.png


  • Select the instance you just created and feel free to give it a name:

RenameInstance.png

Optional: Elastic IP Creation section

  • If you want to use an associate public IP generated by Amazon (called "Elastic IP"). Click on "Elastic IP" on the left, then click on "Allocate new address":

ElasticIP.png


  • Click on "Allocate IP". A new public IP will be generated by Amazon:

AllocateIP.png


  • Click on "Close":

NewIP.png

Optional: Elastic IP association section

  • Go to the left pane and click on "Instance". Then select the instance "ProSBC" to display its description:

IPforInstance.png

  • Find the eth0 network interface in the instance description:

GetTheRightNetworkInterface.png


  • Click on the eth0 Network Interface, then click on the "Interface ID" link:

InterfaceID.png


  • Right-click on the selected Network Interface, then click "Associate Address":

AssociateAddress.png


  • In the Address list, select the public IP to associate with the main Network Interface. Then, click on "Associate Address":

SelectAddress.png


  • Click on "Instances" on the left pane and select "ProSBC" instance. Check if your instance is associated with a public IP:

Ready.png

Enable SR-IOV enhanced networking

It is very important to enable "enhanced networking" for tbrouter to have access to the network devices on the VM.

This must be done before completing the initial web portal configuration.

There are two types of enhanced networking, we need the second one.

1) Elastic Network Adapter (ENA)

2) Intel 82599 Virtual Function (VF) interface

Install the AWS CLI

https://aws.amazon.com/cli/

Get security credentials for the command line

On the AWS web portal, click on your account name and choose "My Security Credentials"

Expand the "Access keys" section

Create a new key, you will need the AWSAccessKeyId and AWSSecretKey

Open a CLI and execute the aws cli commands

 aws configure

Paste the access key ID and key that you previously obtained along with your default region.

Show if the enhanced networking is enabled

Make sure to replace the example instance ID with your own AWS instance ID

 aws ec2 describe-instance-attribute --instance-id i-0123456789abcdef1 --attribute sriovNetSupport

Enabled:

 {
     "InstanceId": "i-0123456789abcdef1",
     "SriovNetSupport": {
         "Value": "simple"
     }
 }

Not enabled:

 {
     "InstanceId": "i-0123456789abcdef1",
     "SriovNetSupport": {}
 }

Enable sriov enhanced networking

To enable the sriov enhanced networking, first turn off the instance then do:

 aws ec2 modify-instance-attribute --instance-id i-0123456789abcdef1  --sriov-net-support simple

Accessing the TSBC-SW

Accessing the TSBC-SW web portal

  • Open a web browser to the management IP of the TSBC, on port 12358. Example if your Instance public IP address is 35.183.126.193, the URL would be:
    http://35.183.126.193:12358


You should get to the TSBC Configuration Wizard
AWS TSBC WebPortal Configuration wizard.jpg


Take note that it may take a while for the ProSBC system to make the Web Portal available (around 3-5 minutes).

Web Portal Initial Configuration

Click on the following link to pursue installation from the web portal: TSBC-SW:WebPortal:Initial Configuration

Troubleshooting

External References

Personal tools