Remote Subscriber Database (RSD) AWS hosting setup guide

From Discovery Data Service
Revision as of 10:51, 13 May 2020 by JoC (talk | contribs) (Created page with " [[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]]== Remote Subscriber Database Depl...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

[[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]][[Image:]]== Remote Subscriber Database Deployment Guide ==

This deployment guide covers some suggested initial installation steps for customers wishing to run the Discovery remote subscriber database in a new Amazon Web Services account.
The installation is simplified using cloudformation (cfn) scripts which create the AWS resources on your behalf. Some manual steps are required before and after the scripts are run.

Prerequisites

Amazon Web Services

You will require an Amazon Web Services account to run the infrastructure, If you do not already have an AWS account then you can Sign up for an AWS account here.

Please supply your AWS account number to the Discovery team prior to running the installation. The account number can be found in the AWS console here.


Create a Key Pair'To create your key pair'

  1) === Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. ===

  1) === In the navigation pane, choose Key Pairs. ===

  1) === Choose Create key pair. ===

  1) === For Name, enter a descriptive name for the key pair. ===

  1) === For File format, choose the format in which to save the private key. To save the private key in a format that can be used with OpenSSH, choose pem. To save the private key in a format that can be used with PuTTY, choose ppk. ===

Choose Create key pair.

Note: the private key is downloaded via your browser and must be kept safe, this is required to connect to the EC2 instances. Alternatively an existing key pair can be used.



AWS Cloudformation Installation - Network Stack

By default the following subnets are hardcoded into the cfn script. Note you may need to change these according to your hosting requirements, please note the ACLs within the cfn script will also need updating if you choose to amend these.

VPC:

CIDR: "192.168.132.0/22"

Public0:

CIDR: "192.168.132.0/24"

Public1:

CIDR: "192.168.133.0/24"

Private0:

CIDR: "192.168.134.0/24"

Private1:

CIDR: "192.168.135.0/24"



Instructions
In the AWS console please make sure you have the Europe (London) eu-west-2 region selected.

[[Image:]]


[[Image:]]


Navigate to CloudFormation by searching in the services drop-down menu

Click on Create stack and select With new resources (standard)[[Image:]]


Step 1 - Specify the template
Leave the defaults Template is ready and select Upload a template file

Click on Choose file
[[Image:]]


Browse to the location of the network-stack.yaml file which has been supplied.

Click Next

Step 2 - Specify stack details
enter a Stack Name and a VPC Name

example
[[Image:]]

Step 3 - Configure Stack Options

Leave default and click next

Step 4 - Review

Review and click Create stack

Once the network stack is created (2-3 mins) you can see the resource CloudFormation has created in the Resources tab.



Navigate the Services - VPC to see the resources such as subnets, route tables and ACLs

[[Image:]]


AWS Cloudformation Installation - VPC Endpoint (PrivateLink)

Prerequisites

Note before running this cfn script you will need to create a security group that will be applied to the filer instance. You then select the security group from a drop-down list when running this cfn script. This will allow the filer instance to access the sftp server via the PrivateLink.

Your AWS account number will need to be whitelisted by Discovery before running the cfn script.

Instructions
In the AWS console please make sure you have the Europe (London) eu-west-2 region selected.

[[Image:]]


[[Image:]]


Navigate to CloudFormation by searching in the services drop-down menu

Click on Create stack and select With new resources (standard)[[Image:]]


Step 1 - Specify the template
Leave the defaults Template is ready and select Upload a template file

Click on Choose file
[[Image:]]


Browse to the location of the endpoint-stack.yaml file which has been supplied.

Click Next

Step 2 - Specify stack details

Select the security group (see prerequisite) and private subnets & VPC that were created from the network stack

[[Image:]]



Step 3 - Configure Stack Options

Leave default and click next

Step 4 - Review

Review and click Create stack

Once the PrivateLink stack is created (2-3 mins) you can see the resource CloudFormation has created in the Resources tab.

[[Image:]]

Click on the links to review the resources

Security Group[[Image:]]

PrivateLink

Note the status ‘pending acceptance’ will remain until the request has been approved in the discovery AWS account.[[Image:]]

Retrieved from ‘https://wiki.discoverydataservice.org/index.php?title=Remote_Subscriber_Database_(RSD)_AWS_hosting_setup_guide&oldid=589