Transcription
User's ManualAudioCodes Mediant Family of Session Border ControllersStack ManagerMediant Cloud Edition (CE) SBCMediant Virtual Edition (VE) SBCVersion 7.4
User's ManualContentsTable of Contents1Introduction . 92Deployment. 112.12.22.3Operational Environment . 11Network Topology . 11Installation Prerequisites . 122.3.12.3.22.3.32.3.42.4Installation . ew .17Creating Amazon Web Services (AWS) Instance .17Deploying Stack Manager on Microsoft Azure .21Creating Google Cloud Virtual Machine .26Creating OpenStack Instance .28Installing Stack Manager Application .31Accessing the Web Interface . 32Accessing the CLI . 33Upgrading Stack Manager . 34Post-installation Configuration . 352.8.12.8.22.8.32.8.42.8.52.9Installation Prerequisites for Amazon Web Services (AWS) Environment .122.3.1.1 IAM Role for Stack Manager .122.3.1.2 Subnet and Elastic IP Addresses .14Installation Prerequisites for Microsoft Azure Environment .142.3.2.1 Subnet and Public IP Addresses .14Installation Prerequisites for Google Cloud Environment .152.3.3.1 Subnet and External IP Addresses .15Installation Prerequisites for OpenStack Environment .152.3.4.1 Provider Versus Self-Service Networks .152.3.4.2 Subnet and Floating IP Addresses .16Post-installation Configuration on Amazon Web Services (AWS) .352.8.1.1 Enabling Access to AWS API via IAM Role (Recommended Method) .352.8.1.2 Enabling Access to AWS API via AWS Access Key (Alternative Method)35Post-Installation Configuration on Microsoft Azure .362.8.2.1 Configuring the Azure Subscription ID .362.8.2.2 Enabling Access to Azure APIs via Managed Service Identity(Recommended Method) .372.8.2.3 Enabling Access to Azure APIs via Service Principal (Alternative Method)44Post-Installation Configuration on Google Cloud .452.8.3.1 Configuring Google Project ID .452.8.3.2 Enabling APIs in Project .452.8.3.3 Creating a Service Account .462.8.3.4 Enabling Access to Google Cloud APIs via Service Account(Recommended Method) .472.8.3.5 Enabling Access to Google Cloud APIs via Configuration File (AlternativeMethod) 47Post-installation Configuration on OpenStack .48Verifying Configuration .49Runtime Data . 502.9.12.9.22.9.3Version 7.4Storing Runtime Data on AWS S3 .50Storing Runtime Data on Azure Storage Service .52Storing Runtime Data on Google Cloud Storage Service .523Mediant VE/CE
Stack Manager2.9.42.9.5Storing Runtime Data on OpenStack Object Storage Service .53Migrating Runtime Data from Local Disk to Storage Service .532.10 Resource Naming . 532.11 Backup and Restore . 542.12 Migrating to a New Virtual Machine . 543Web Interface . 553.13.23.3Accessing the Web Interface . 55Global Configuration . 56Securing Connection to Web Interface . 563.3.13.3.23.3.33.3.43.43.53.6Configuring Hostname for Stack Manager Virtual Machine .57Acquiring Certificate from Certificate Authority .57Installing Let’s Encrypt Certificates .58Enforcing Secure Connection .58Login via Azure Active Directory . 59Resetting Web Interface Credentials . 61Creating a New Stack . 623.6.1Creating Mediant CE in Amazon Web Services (AWS) Environment .633.6.1.1 Troubleshooting .653.6.2 Creating Mediant CE in Azure Environment .663.6.2.1 Troubleshooting .683.6.3 Creating Mediant CE in Google Cloud Environment .693.6.4 Creating Mediant CE in OpenStack Environment .713.6.5 Creating Mediant VE in Amazon Web Services (AWS) Environment .733.6.5.1 Troubleshooting .753.6.6 Creating Mediant VE in Azure Environment .763.6.6.1 Troubleshooting .773.6.7 Creating Mediant VE in Google Cloud Environment .783.6.8 Creating Voice.AI Connect in Amazon Web Services (AWS) Environment .803.6.9 Creating Voice.AI Connect in Azure Environment .823.6.10 Advanced Configuration .843.6.10.1 Advanced Configuration for Mediant CE .853.6.10.2 Advanced Configuration for Mediant VE .943.6.10.3 Advanced Configuration for Voice.AI Connect .993.7Checking Stack State and Configuration . 1043.7.1Viewing IP Addresses of Stack Components .1053.8 Active Alarms . 1053.9 Performing Operations on Stack . 1063.10 Scaling Mediant CE Stack . 1073.10.1 Scale Out Operation .1073.10.2 Scale In Operation .1083.10.3 Scale To Operation .1083.11 Automatic Scaling . 1093.11.1 Cool Down Period .1103.11.2 Auto Scale Step .1103.11.3 Changing Cluster Size at Specific Time of Day .1103.12 Modifying Stack Configuration . 1113.12.1 Update Operation .1133.12.2 Modifiable Parameters for Mediant CE .1143.12.3 Modifiable Parameters for Mediant VE .1163.13 Stopping and Starting Stack . 1173.14 Healing Stack . 1173.14.1 Automatic Healing .118User's Manual4Document #: LTRT-28939
User's Manual3.153.163.173.183.193.203.21Deleting Stack . 118Upgrading Software on Idle Media Components. 118Rebuilding Stack . 118Upgrading Stack . 119Shelving and Unshelving Stack . 121Resetting Stack Password . 122Stack Deployment Details. 1233.21.13.21.23.21.33.21.44ContentsUse of Native Cloud Orchestration .123Adjusting Security Groups .124Using Pre-Defined Public IP Addresses .124Using Pre-Defined Private IP Addresses .125CLI Interface . 1294.14.24.34.44.54.6Accessing CLI Interface . 129Invocation . 129Usage Information . 129Global Configuration . 130Listing Available Stacks . 132Creating a New Stack . 1324.6.1 Creating Stack Configuration File via SBC Cluster Configuration Tool(Recommended Method) .1334.6.2 Creating Stack Configuration File Manually (Alternative Method) .1394.6.2.1 Sample Configuration File .1404.6.3 Creating a New Stack .1474.7Checking Stack State and Configuration . 1484.7.14.7.24.8Scaling Mediant CE Stack . 1524.8.14.8.24.8.34.9Checking Idle Media Components .150Viewing IP Addresses of Stack Components .151Scale Out Operation .152Scale In Operation .152Scale To Operation .153Modifying Stack Configuration . 1544.9.1Update Operation .1574.10 Stopping and Starting the Stack . 1584.10.1 Stopping Stack .1584.10.2 Starting Stack .1584.11 Deleting Stack . 1594.11.1 Purging Deleted Stack .1594.124.134.144.15Healing Stack . 160Rebuilding Stack . 160Upgrading Stack . 161Shelving and Unshelving the Stack . 1624.15.1 Shelving Stack .1624.15.2 Unshelving Stack .1624.16 Resetting Stack Password . 1634.17 Multiple Operations. 1645REST API. 1655.15.2Overview . 165Asynchronous Tasks . 166Version 7.45Mediant VE/CE
Stack Manager5.3Authentication. 1675.3.15.45.55.5.15.65.75.8Updating Global Configuration .170Listing Available Stacks . 170Creating New Stack . 171Checking Stack State and Configuration . 1735.8.15.9Authentication via Azure Active Directory .167Discovery . 169Global Configuration . 169Viewing IP Addresses of Stack Components .176Scaling Mediant CE Stack . 1785.9.15.9.25.9.3Scale Out Operation .178Scale In Operation .178Scale To Operation .1795.10 Modifying Stack Configuration . 1805.10.1 Update Operation .1815.11 Stopping and Starting Stack . 1825.11.1 Stopping Stack .1825.11.2 Starting Stack .1825.12 Deleting Stack . 1835.12.1 Purging Deleted Stack .1835.135.145.155.165.17Healing Stack . 184Rebuilding Stack . 184Upgrading Stack . 185Resetting Stack Password . 185Shelving and Unshelving Stack . 1865.17.1 Shelving Stack .1865.17.2 Unshelving Stack .1866Operational Logs . 1877Stacks Management . 1897.17.27.3Automatic Stop / Start / Shelve . 189Tagging Stack Resources. 190Integration with Azure Application Insights . 190User's Manual6Document #: LTRT-28939
User's ManualNoticesNotic eNoticeInformation contained in this document is believed to be accurate and reliable at the time ofprinting. However, due to ongoing product improvements and revisions, AudioCodes cannotguarantee accuracy of printed material after the Date Published nor can it accept responsibilityfor errors or omissions. Updates to this document can be downloaded ocuments.This document is subject to change without notice.Date Published: June-6-2022Customer SupportCustomer technical support and services are provided by AudioCodes or by an authorizedAudioCodes Service Partner. For more information on how to buy technical support forAudioCodes products and for contact information, please visit our website tenance-and-support.Stay in the Loop with AudioCodesDocumentation FeedbackAudioCodes continually strives to produce high quality documentation. If you have anycomments (suggestions or errors) regarding this document, please fill out the DocumentationFeedback form on our website at ck.Abbreviations and TerminologyEach abbreviation, unless widely used, is spelled out in full when first used.Document Revision RecordLTRTDescription28931Initial document release for Version 7.428932New sections - Migrating to a New Virtual Machine; Secure Connection to WebInterface; Installing Let’s Encrypt Certificates; Login via Azure Active Directory;Resetting Web Interface Credentials; Authentication via Azure Active Directory28933Typos28935Creating a new stack updates; Mediant VE for Azure/AWS/Google updates28936Update to acquiring access token using REST client28937Debian Linux 10 and 11 support; updates to messages in creating new stack andchecking stack state and configuration (REST API)Version 7.47Mediant VE/CE
Stack ManagerLTRTDescription28938Debian 11; backup and restore; configuring hostname for stack manager VM;acquiring certificate from CA; enforcing secure connection; creating VoiceAI Connectin AWS/Azure; resetting stack password; shelving and unshelving stack; viewing IPaddresses of stack components; stacks management (automatic stop / start / shelve,tagging stack resources, integration with Azure Application Insights)28939Typo in redirect URL; typo in Storage Storage AdminDocumentation FeedbackAudioCodes continually strives to produce high quality documentation. If you have anycomments (suggestions or errors) regarding this document, please fill out the DocumentationFeedback form on our website at ck.User's Manual8Document #: LTRT-28939
User's Manual11. IntroductionIntroductionStack Manager is used for managing 'software stacks' deployed in virtual environments. Itimplements the complete stack lifecycle, including: Stack deployment Stack termination Manual stack size adjustment – using user-initiated scale-in / scale-out Automatic stack size adjustment – using automatic scaling Stack configuration updateCurrent implementation supports Mediant CE (Cloud Edition) and Mediant VE (VirtualEdition) SBC in the following environments: Amazon Web Services (AWS) Microsoft Azure Google Cloud OpenStackStack Manager implements VNFM (Virtual Network Function Manager) functionality asdefined in the NFV Management and Organization (MANO) architectural framework.The following management interfaces are provided: Web interface Command line interface (CLI) REST APIVersion 7.49Mediant VE/CE
Stack ManagerThis page is intentionally left blank.User's Manual10Document #: LTRT-28939
User's Manual2. Deployment2Deployment2.1Operational EnvironmentStack Manager is mostly written in Python and may be installed on one of the followingoperating systems:2.2 Ubuntu Linux versions 16.04, 18.04, or 20.04 Amazon Linux versions 1 or 2 Red Hat Linux versions 7 or 8 CentOS Linux versions 7 or 8 Debian Linux versions 9, 10, or 11Network TopologyStack Manager needs to have access to the following APIs for correct operation: Virtual Infrastructure Management API (e.g., AWS API) for deploying stackcomponents and managing their lifecycle. Management API of the deployed stack (e.g., REST API of Mediant CE) for assessingoperational status of deployed stack instances and managing their configuration andstate.Figure 2-1: Stack Manager Deployment TopologyVirtual Infrastructure Management APIStack ManagerManagement & Automation APIStack #1Version 7.411Stack #2Mediant VE/CE
Stack Manager2.3Installation Prerequisites2.3.1Installation Prerequisites for Amazon Web Services (AWS)EnvironmentPrior to installing Stack Manager in the Amazon Web Services (AWS) environment, makesure that you meet the following prerequisites:2.3.1.1 You have an AWS account. If you don't have one, you can sign up for one onAmazon's website at http://aws.amazon.com/. You have created IAM Role that enables Stack Manager to access all needed AWSAPIs. For more information, see Section 2.3.1.1. Security groups of the "Main Subnet", where Stack Manager will be deployed, allowStack Manager to communicate with both the AWS APIs and the deployed MediantVE/CE stack instances, using the HTTPS protocol (Port 443).IAM Role for Stack ManagerThe following IAM role ensures that Stack Manager can access all needed AWS APIs forsuccessful stack deployment and management. This role must be attached to the StackManager’s virtual instances, as described in Section 2.4.{"Version": "2012-10-17","Statement": [{"Action": le"],"Effect": "Allow","Resource": "*"}]} To create an IAM Role1.Open the AWS IAM console (https://console.aws.amazon.com/iam).2.Navigate to the Policies screen:a.b.c.3.Navigate to the Roles screen:a.b.User's ManualClick Create.Select the JSON tab, copy-and-paste the IAM policy rules listed above, and thenclick Review policy.Enter the IAM policy name (e.g., "STACK MGR"), and then click Create policy.Click Create role.Choose EC2 use case, and then click Next: permissions.12Document #: LTRT-28939
User's Manual2. Deploymentc.d.e.Search for the IAM policy created in the previous step, select it, and then clickNext: tags.Click Next: review.Enter the IAM role name (e.g., "STACK MGR"), and then click Create role.The IAM role specified above grants access to all EC2 and CloudFormation APIs. StackManager currently uses the following specific services from these n:DescribeStacks",Version 7.413Mediant VE/CE
Stack n:ListStacks","cloudformation:UpdateStack"Note: The above list may change as Stack Manager implementation is updated and newfunctionality is added.2.3.1.2Subnet and Elastic IP AddressesStack Manager uses the following IP addresses when communicating with Mediant VE/CEstack instances that it deploys: If the stack instance has a public IP address (Elastic IP) assigned to its managementinterface, Stack Manager uses this public IP address to access the stack instance’smanagement REST API. Otherwise, Stack Manager uses the private IP address of the stack instance’smanagement interface.To enable Stack Manager’s access to the deployed Mediant VE/CE stack’s managementAPIs, it is recommended to deploy Stack Manager to the same "Main Subnet" that is usedfor carrying management traffic of the deployed Mediant VE/CE stack(s).Stack Manager also needs to communicate with AWS APIs, which are accessible via publicIP addresses. Therefore, it should either be assigned with an Elastic IP address or placedbehind a NAT Gateway.2.3.2Installation Prerequisites for Microsoft Azure EnvironmentPrior to installing Stack Manager in the Microsoft Azure environment, make sure that youmeet the following prerequisites:2.3.2.1 You have an Azure account. If you don't have one, you can sign up for one onMicrosoft's website at http://azure.microsoft.com. Security groups of the "Main Subnet", where Stack Manager will be deployed, allowStack Manager to communicate with both the Azure API and the deployed MediantVE/CE stack instances, using the HTTPS protocol (Port 443).Subnet and Public IP AddressesStack Manager uses the following IP addresses when communicating with
28932 New sections - Migrating to a New Virtual Machine; Secure Connection to Web Interface; Installing Let's Encrypt Certificates; Login via Azure Active Directory; Resetting Web Interface Credentials; Authentication via Azure Active Directory 28933 Typos 28935 Creating a new stack updates; Mediant VE for Azure/AWS/Google updates
