Transcription
User's ManualAudioCodes Mediant Family of Session Border ControllersStack ManagerMediant Cloud Edition (CE) SBCMediant Virtual Edition (VE) SBCVersion 7.2
User's ManualContentsTable of Contents1Introduction . 92Deployment . 112.12.22.3Operational Environment .11Network Topology .11Installation Prerequisites .122.3.12.3.22.3.32.3.4Installation Prerequisites for Amazon Web Services (AWS) Environment.122.3.1.1 IAM Role for Stack Manager .122.3.1.2 Subnet and Elastic IP Addresses .14Installation Prerequisites for Microsoft Azure Environment .142.3.2.1 Subnet and Public IP Addresses .14Installation Prerequisites for Google Cloud Environment .152.3.3.1 Subnet and External IP Addresses .15Installation Prerequisites for OpenStack Environment .152.3.4.1 Provider Versus Self-Service Networks .152.3.4.2 Subnet and Floating IP Addresses .162.4Installation .172.52.62.72.8Accessing the Web Interface .32Accessing the CLI .33Upgrading Stack Manager .34Post-installation Configuration . 352.4.12.4.22.4.32.4.42.4.52.4.6Overview .17Creating Amazon Web Services (AWS) Instance .17Deploying Stack Manager on Microsoft Azure .21Creating Google Cloud Virtual Machine .26Creating OpenStack Instance .28Installing Stack Manager Application .312.8.12.8.42.8.5Post-installation Configuration on Amazon Web Services (AWS) .352.8.1.1 Enabling Access to AWS API via IAM Role (Recommended Method) .352.8.1.2 Enabling Access to AWS API via AWS Access Key (Alternative Method)35Post-Installation Configuration on Microsoft Azure .362.8.2.1 Configuring the Azure Subscription ID .362.8.2.2 Enabling Access to Azure APIs via Managed Service Identity(Recommended Method) .372.8.2.3 Enabling Access to Azure APIs via Service Principal (Alternative Method)44Post-Installation Configuration on Google Cloud .452.8.3.1 Configuring Google Project ID .452.8.3.2 Enabling APIs in Project .452.8.3.3 Creating a Service Account .462.8.3.4 Enabling Access to Google Cloud APIs via Service Account(Recommended Method) .472.8.3.5 Enabling Access to Google Cloud APIs via Configuration File (AlternativeMethod) 47Post-installation Configuration on OpenStack .48Verifying Configuration .492.9.12.9.22.9.3Storing Runtime Data on AWS S3 .50Storing Runtime Data on Azure Storage Service .52Storing Runtime Data on Google Cloud Storage Service .522.8.22.8.32.9Runtime Data .50Version 7.23Mediant CE
Stack Manager2.9.42.9.5Storing Runtime Data on OpenStack Object Storage Service .53Migrating Runtime Data from Local Disk to Storage Service .532.10 Resource Naming .543Web Interface . 553.13.23.3Accessing the Web Interface .55Global Configuration .56Creating a New Stack g Mediant CE in Amazon Web Services (AWS) Environment .583.3.1.1 Troubleshooting .60Creating Mediant CE in Azure Environment .613.3.2.1 Troubleshooting .63Creating Mediant CE in Google Cloud Environment .64Creating Mediant CE in OpenStack Environment .66Creating Mediant VE in Amazon Web Services (AWS) Environment .683.3.5.1 Troubleshooting .69Creating Mediant VE in Azure Environment .703.3.6.1 Troubleshooting .71Creating Mediant VE in Google Cloud Environment .72Advanced Configuration .733.3.8.1 Advanced Configuration for Mediant CE .743.3.8.2 Advanced Configuration for Mediant VE .833.43.53.63.7Checking Stack State and Configuration . 86Active Alarms .87Performing Operations on Stack . 88Scaling Mediant CE Stack .893.8Automatic Scaling .913.9Modifying Stack Configuration . 933.7.13.7.23.7.3Scale Out Operation .89Scale In Operation .90Scale To Operation .903.8.13.8.23.8.3Cool Down Period .92Auto Scale Step .92Changing Cluster Size at Specific Time of Day .923.9.13.9.23.9.3Update Operation .95Modifiable Parameters for Mediant CE .96Modifiable Parameters for Mediant VE .983.10 Stopping and Starting Stack .993.11 Healing Stack .993.123.133.143.153.1643.11.1 Automatic Healing .100Deleting Stack . 100Upgrading Software on Idle Media Components. 100Rebuilding Stack . 100Upgrading Stack . 101Stack Deployment Details. 1033.16.13.16.23.16.33.16.4Use of Native Cloud Orchestration .103Adjusting Security Groups .104Using Pre-Defined Public IP Addresses .104Using Pre-Defined Private IP Addresses.105CLI Interface . 1074.14.2Accessing CLI Interface . 107Invocation . 107User's Manual4Document #: LTRT-28934
User's ManualContents4.34.44.54.6Usage Information . 107Global Configuration . 108Listing Available Stacks . 110Creating a New Stack . 1104.7Checking Stack State and Configuration . 1264.8Scaling Mediant CE Stack . 1294.9Modifying Stack Configuration . 1314.6.1 Creating Stack Configuration File via SBC Cluster Configuration Tool(Recommended Method) .1114.6.2 Creating Stack Configuration File Manually (Alternative Method) .1174.6.2.1 Sample Configuration File .1184.6.3 Creating a New Stack .1254.7.1Checking Idle Media Components .1284.8.14.8.24.8.3Scale Out Operation .129Scale In Operation .130Scale To Operation .1304.9.1Update Operation .1344.10 Stopping and Starting the Stack . 1354.10.1 Stopping Stack .1354.10.2 Starting Stack .1354.11 Deleting Stack . 1364.124.134.144.1554.11.1 Purging Deleted Stack .136Healing Stack . 137Rebuilding Stack . 137Upgrade Stack. 138Multiple Operations. 138REST API . 1395.15.25.35.45.5Overview . 139Asynchronous Tasks . 140Authentication. 140Discovery . 141Global Configuration . 1415.65.75.85.9Listing Available Stacks . 142Creating New Stack . 143Checking Stack State and Configuration . 145Scaling Mediant CE Stack . 1495.5.1Updating Global Configuration .1425.9.15.9.25.9.3Scale Out Operation .149Scale In Operation .149Scale To Operation .1505.10 Modifying Stack Configuration . 1515.10.1 Update Operation .1525.11 Stopping and Starting Stack . 1535.11.1 Stopping Stack .1535.11.2 Starting Stack .1535.12 Deleting Stack . 1545.12.1 Purging Deleted Stack .1545.13 Healing Stack . 154Version 7.25Mediant CE
Stack Manager5.14 Rebuilding Stack . 1555.15 Upgrading Stack . 1566Operational Logs . 157User's Manual6Document #: LTRT-28934
User's ManualNoticesNoticeInformation contained in this document is believed to be accurate and reliable at the time ofprinting. However, due to ongoing product improvements and revisions, AudioCodes cannotguarantee accuracy of printed material after the Date Published nor can it accept responsibilityfor errors or omissions. Updates to this document can be downloaded ocuments.This document is subject to change without notice.Date Published: April-22-2021WEEE EU DirectivePursuant to the WEEE EU Directive, electronic and electrical waste must not be disposed ofwith unsorted waste. Please contact your local recycling authority for disposal of this product.Customer SupportCustomer technical support and services are provided by AudioCodes or by an authorizedAudioCodes Service Partner. For more information on how to buy technical support forAudioCodes products and for contact information, please visit our website tenance-and-support.Stay in the Loop with AudioCodesDocumentation FeedbackAudioCodes continually strives to produce high quality documentation. If you have anycomments (suggestions or errors) regarding this document, please fill out the DocumentationFeedback form on our website at ck.Abbreviations and TerminologyEach abbreviation, unless widely used, is spelled out in full when first used.Document Revision RecordLTRTDescription28905Initial document release for Version 7.2.28906Microsoft Azure added.28907OpenStack added.28908Parameters removed: [--mc-profile {forwarding,transcoding}] and [--mc-max-pps-limitMC MAX PPS LIMIT]Version 7.27Mediant CE
Stack ManagerLTRTDescription28909Typos; Managed Service Identity section update; Upgrading Stack Manager sectionadded.28911Google Cloud deployment added28912Code typo in Section Post-Installation Configuration on Microsoft Azure.28913OpenStack supported; majority of document update.28914Azure zones creation update; new parameters sc num of interfaces.mc num of interfaces, and storage account type.28922New subsections under Enabling Access to Azure APIs via Managed Service Identity;'resource group' parameter added28923Format update28924iam:CreateServiceLinkedRole added to IAM Role for Stack Manager28925Ubuntu Linux versions (updated); Mediant VE added; IAM Role for Stack Manager(updated); Subnet and Elastic/Public/External IP Addresses (updated); creatingMedian CE/VE (AWS/Azure/Google/OpenStack); parameters updated - sc public ips,mc public ips, sc additional ips, mc additional ips, sc tags (Azure), mc tags(Azure), availability zones (new); Advanced Configuration for Mediant VE (new);Rebuilding / Upgrading Stack (updated); Adjusting Security Groups (updated); UsingPre-Defined Public/Private IP Addresses (updated)28926Ubuntu versions; accessing web interface updated; OpenStack "flavor" profile;spot instances (new); use proximity (new); placement group (new);use placement group (new); mc max pps limit (new); manage via https (new);public ips (udated); additional ips(updated); Active Alarms (new section); Scale Out /In Operation (updated); Modifying Stack Configuration (updated); ModifiableParameters for Mediant CE (updated); Service Interruption During Stack Update(removed); Global Configuration (updated); Creating New Stack (updated); CheckingStack State (updated)28927CentOS 8 for Azure; Google Cloud updates28928Upgrading Stack Manager updated; oam ip parameter added; note removed frommodifying stack configuration; modifiable parameters added for Mediant VE; rebuildingand upgrading stack updated with Mediant VE28929Updates - creating Mediant CE in AWS; new alarm (sc-ha-alarm); automatic scalingupdated; automatic healing updated; usage information updated; list commandupdated; operational logs updated28930custom IAM roles; restricting custom IAM roles; new parameters (cluster nsg id,oam nsg id, signaling nsg id, media nsg id, auto start time, auto stop time,oam subnet cidr, ,main subnet cidr, additional1 subnet cidr,additional2 subnet cidr); miscellaneous28934TyposUser's Manual8Document #: LTRT-28934
User's Manual11. IntroductionIntroductionStack Manager is used for managing 'software stacks' deployed in virtual environments. Itimplements the complete stack lifecycle, including: Stack deployment Stack termination Manual stack size adjustment – using user-initiated scale-in / scale-out Automatic stack size adjustment – using automatic scaling Stack configuration updateCurrent implementation supports Mediant CE (Cloud Edition) and Mediant VE (VirtualEdition) SBC in the following environments: Amazon Web Services (AWS) Microsoft Azure Google Cloud OpenStackStack Manager implements VNFM (Virtual Network Function Manager) functionality asdefined in the NFV Management and Organization (MANO) architectural framework.The following management interfaces are provided: Web interface Command line interface (CLI) REST APIVersion 7.29Mediant CE
Stack ManagerThis page is intentionally left blank.User's Manual10Document #: LTRT-28934
User's Manual2. Deployment2Deployment2.1Operational EnvironmentStack Manager is mostly written in Python and may be installed on one of the followingoperating systems:2.2 Ubuntu Linux versions 16.04, 18.04, or 20.04 Amazon Linux versions 1 and 2 Red Hat Linux versions 7 and 8 CentOS Linux versions 7 and 8 Debian Linux Version 9Network TopologyStack Manager needs to have access to the following APIs for correct operation: Virtual Infrastructure Management API (e.g., AWS API) for deploying stackcomponents and managing their lifecycle. Management API of the deployed stack (e.g., REST API of Mediant CE) for assessingoperational status of deployed stack instances and managing their configuration andstate.Figure 2-1: Stack Manager Deployment TopologyVirtual Infrastructure Management APIStack ManagerManagement & Automation APIStack #1Version 7.211Stack #2Mediant CE
Stack Manager2.3Installation Prerequisites2.3.1Installation Prerequisites for Amazon Web Services (AWS)EnvironmentPrior to installing Stack Manager in the Amazon Web Services (AWS) environment, makesure that you meet the following prerequisites:2.3.1.1 You have an AWS account. If you don't have one, you can sign up for one onAmazon's website at http://aws.amazon.com/. You have created IAM Role that enables Stack Manager to access all needed AWSAPIs. For more information, see Section 2.3.1.1. Security groups of the "Main Subnet", where Stack Manager will be deployed, allowStack Manager to communicate with both the AWS APIs and the deployed MediantVE/CE stack instances, using the HTTPS protocol (Port 443).IAM Role for Stack ManagerThe following IAM role ensures that Stack Manager can access all needed AWS APIs forsuccessful stack deployment and management. This role must be attached to the StackManager’s virtual instances, as described in Section 2.4.{}"Version": "2012-10-17","Statement": [{"Action": le"],"Effect": "Allow","Resource": "*"}] To create an IAM Role1.Open the AWS IAM console (https://console.aws.amazon.com/iam).2.Navigate to the Policies screen:a.b.c.3.Navigate to the Roles screen:a.b.User's ManualClick Create.Select the JSON tab, copy-and-paste the IAM policy rules listed above, and thenclick Review policy.Enter the IAM policy name (e.g., "STACK MGR"), and then click Create policy.Click Create role.Choose EC2 use case, and then click Next: permissions.12Document #: LTRT-28934
User's Manual2. Deploymentc.d.e.Search for the IAM policy created in the previous step, select it, and then clickNext: tags.Click Next: review.Enter the IAM role name (e.g., "STACK MGR"), and then click Create role.The IAM role specified above grants access to all EC2 and CloudFormation APIs. StackManager currently uses the following specific services from these n:DescribeStacks",Version 7.213Mediant CE
Stack n:ListStacks","cloudformation:UpdateStack"Note: The above list may change as Stack Manager implementation is updated and newfunctionality is added.2.3.1.2Subnet and Elastic IP AddressesStack Manager uses the following IP addresses when communicating with Mediant VE/CEstack instances that it deploys: If the stack instance has a public IP address (Elastic IP) assigned to its managementinterface, Stack Manager uses this public IP address to access the stack instance’smanagement REST API. Otherwise, Stack Manager uses the private IP address of the stack instance’smanagement interface.To enable Stack Manager’s access to the deployed Mediant VE/CE stack’s managementAPIs, it is recommended to deploy Stack Manager to the same "Main Subnet" that is usedfor carrying management traffic of the deployed Mediant VE/CE stack(s).Stack Manager also needs to communicate with AWS APIs, which are accessible via publicIP addresses. Therefore, it should either be assigned with an Elastic IP address or placedbehind a NAT Gateway.2.3.2Installation Prerequisites for Microsoft Azure EnvironmentPrior to installing Stack Manager in the Microsoft Azure environment, make sure that youmeet the following prerequisites:2.3.2.1 You have an Azure account. If you don't have one, you can sign up for one onMicrosoft's website at http://azure.microsoft.com. Security groups of the "Main Subnet", where Stack Manager will be deployed, allowStack Manager to communicate with both the Azure API and the deployed MediantVE/CE stack instances, using the HTTPS protocol (Port 443).Subnet and Public IP AddressesStack Manager uses the following IP addresses when communicating with Mediant VE/CEstack instances that it deploys: If the stack instance has a public IP address assigned to its management interface,Stack Manager uses this public IP address to access the stack instance’smanagement REST API. Otherwise, Stack Manager uses the private IP address of the stack instance’smanagement interface.To enable Stack Manager’s access to the deployed Mediant VE/CE stack’s managementAPIs, it is recommended to deploy Stack Manager to the same "Main Subnet" that is usedfor carrying management traffic of the deployed Mediant VE/CE stack(s).User's Manual14Document #: LTRT-28934
User's Manual2. DeploymentStack Manager also needs to communicate with Azure APIs, which are accessible via publicIP addresses. Therefore, it should either be assigned with a public IP address or placedbehind a NAT Gateway.2.3.3Installation Prerequisites for Google Cloud EnvironmentPrior to installing Stack Manager in the Google Cloud environment, make sure that you meetthe following prerequisites:2.3.3.1 You have a Google Cloud account. If you don't have one, you can sign up for one onGoogle’s website at http://cloud.google.com. Firewall Rules of the "Main Subnet", where Stack Manager will be deployed, allowStack Manager to communicate with both the Google Cloud API and the deployedMediant VE/CE stack instances, using the HTTPS protocol (Port 443).Subnet and External IP AddressesStack Manager uses External IP addresses when communicating with Mediant VE/CE stackinstances that it deploys. Therefore, it may be deployed in any subnet as long as it’s assignedwith an External IP and is allowed to communicate with Mediant VE/CE instances.Nevertheless, to simplify network topology, it is recommended to deploy Stack Manager tothe same "Main Subnet" that is used for carrying management traffic of the deployed MediantVE/CE stack(s).Stack Manager also needs to communicate with Google Cloud APIs, which are accessiblevia public IP
Apr 22, 2021 · User's Manual 1. Introduction 1 Introduction Stack Manager is used for managing 'software stacks' deployed in virtual environments. It implements the complete stack lifecycle, including: Stack deployment Stack termination Manual stack si
