Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Contents

This page reflect the AWS GUI changes in spring 2022. If you still use the older GUI, please refer to the Appendix of the Charon-SSP AWS Getting Started guide.


General Prerequisites

As this description shows the basic setup of a Linux instance in AWS, it does not list specific prerequisites. However, depending on the use case, the following prerequisites should be considered:

  • Amazon account and Marketplace subscriptions:
    • To set up a Linux instance in AWS, you need an Amazon AWS account with administrator access.
    • Identify the AWS region in which you plan to launch your instance. If planning to use an AWS service, use the following link to check if this service is available in the desired region:
      https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services.
      Please note that the Charon-SSP AL marketplace image and the VE license server software require updates for each new region added to AWS.
      Should you get an error similar to Failed to verify the instance document's signature when trying to create a new fingerprint or access an SSP public license server, you may use a region not yet supported in your version.
    • Identify the VPC and subnet in which you plan to launch your instance.
    • If your instance requires Internet access, ensure that  the route table associated with your VPC has an Internet Gateway. If your instance requires a VPN access to your on-premises network, ensure that a VPN gateway is available. The exact configuration of your VPC and its subnets will depend on your network design and application requirements.
    • To subscribe to a specific marketplace service select AWS Marketplace Subscriptions in the management console and then select Manage Subscriptions.
    • Search for the service you plan to use and subscribe to it (accepting the terms and conditions). After a successful subscription, you will find the subscription in the Manage Subscriptions section. From there you can directly launch a new instance.
    • The AWS service providing metered Charon-SSP emulator instance is called AWS Mainframe Modernization - Virtualization for SPARC.
  • The instance hardware and software prerequisites will be different depending on the planned use of the instance:
    • Option 1: the instance is to be used as a Charon emulator host system:
      • Refer to the hardware and software prerequisite sections of the User's Guide and/or Getting Started guide of your Charon product to determine the exact hardware and software prerequisites that must be fulfilled by the Linux instance. The image you use to launch your instance and the instance type you chose determine the software and hardware of your cloud instance.
      • If you use Charon emulator marketplace image, the software prerequisites are already fulfilled.
      • A Charon product license is required to run emulated legacy systems. Refer to the licensing information in the documentation of your Charon product, or contact your Stromasys representative or Stromasys VAR for additional information. Emulator marketplace images with Automatic Licensing use public license servers and will create their license automatically at first launch of the instance.
    • Option 2: the instance is to be used as a dedicated VE license server:
      • Refer to the VE License Server Guide for detailed prerequisites.
  • Certain legacy operating systems that can run in the emulated systems provided by Charon emulator products require a license of the original vendor of the operating system. The user is responsible for any licensing obligations related to the legacy operating system and has to provide the appropriate licenses.

AWS Login and New Instance Launch

Please note that the AWS GUI occasionally changes. This may lead to screenshots not always reflecting the exact appearance of an configuration screen.

To start the creation of a new cloud instance, perform the following steps:

1. Log in to your AWS management console.

2. Find and select the EC2 service. You can find it in the Recently visited section, or use the services drop down menu (alternatively, you can also start from your Manage Subscriptions page and launch the instance there):

This will open the E2C dashboard.


Please note: The following sample image shows the new E2C dashboard. The old dashboard looks somewhat different, but still has the Launch instance button.


3. On the EC2 dashboard click on the Launch Instance button.

Clicking on Launch Instance and selecting the launch instance option will allow you to initiate the instance creation process consisting of seven steps:

  1. Enter an instance name
  2. Choose AMI
  3. Choose Instance Type
  4. Key pair configuration
  5. Network and security group configuration
  6. Storage configuration
  7. Advanced details
  8. Launch instance

These steps are described in the next section.


New Instance Configuration

The instance creation and configuration process will guide you through a number of configuration steps and allow you to start the new instance when done.

1. Enter an instance name:

If needed, you can add additional tags to the instance.

When done, proceed to the Application and OS Images section to choose an AMI (Amazon Machine Image).


2. Choose AMI:

AMIs are prepackaged images used to launch cloud instances. They usually include the operating system and applicable application software.

Which AMI you select depends on the planned use of the instance:

  • If the instance is to be used as a Charon emulator host system several AMI choices are possible:
    • Installing the Charon host system from a prepackaged Charon marketplace image: they contain the underlying operating system and the preinstalled Charon software.
      • Please check with your Stromasys representative which options are currently available in your cloud providers marketplace.
      • Depending on the cloud provider and the Stromasys product release plans, there may be two variants:
        • Automatic licensing (AL) for use with a public, Stromasys-operated license server. Please contact your Stromasys representative if you require a private, customer-operated AutoVE license server
        • Virtual environment (VE) for use with a private, customer-operated VE license server
    • Installing the Charon host system using a conventional Charon emulator installation with the Charon emulator installation RPM packages for Linux:
      • Choose a Linux AMI of a distribution supported by your selected Charon product and version (see the user's guide of your product on the Stromasys documentation site).
  • If the instance is to be used as a dedicated VE license server:

After deciding on which AMI is required, select a matching Linux or Charon product AMI in the Marketplace or (depending on your environment) from My AMIs.

You can use the search field or select one of the categories displayed to start your search. Select the Linux AMI appropriate to your planned use of the instance, that is,

  • a prepackaged Charon VE marketplace image (as shown in the example above - note the string "ve" in the AMI name), or
  • a prepackaged Charon AL marketplace image for Automatic Licensing or AutoVE, or
  • a Linux version supported for an RPM product installation, or
  • a Linux version supported for the VE license server.

Then proceed to the next section, the Instance type selection.


3. Choose Instance Type:

Amazon EC2 offers instance types with varying combinations of CPU, memory, storage, and networking capacity.

Select an instance type that matches the requirements of the Charon product to be used. Please note that some marketplace images have a restricted selection of instance types.

When done, proceed to the Key pair configuration.


4. SSH key pair configuration:

In this section, you can

  • either create a new SSH key pair and download the private key, or
  • you can select an existing key pair to use for logging in to the new instance. If you select an existing key pair, make sure you have the matching private key. Otherwise, you will not be able to log in.

Please note: if your management system supports it, for RHEL 9.x, Rocky Linux 9.x, and Oracle Linux 9.x use SSH key types ECDSA or ED25519. This will allow connecting to these Charon host Linux systems using an SSH tunnel without the default crypto-policy settings on the Charon host having to be changed for less secure settings. This is, for example, important for the Charon-SSP Manager. See also: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening.

After configuring your key pair, proceed to the Network settings section.


5. Network configuration:

This section offers basic default settings to connect your instance to the network. However, in most cases, you will have to adjust the settings to your environment.

To do this, click on the Edit button at the top of the section:

This will open the edit window and allow additional settings:

  • The VPC (if a non-default VPC is to be used)
  • The desired subnet (either an existing one or a newly created subnet)
  • Enable or disable the automatic assignment of a public IP address to the primary interface (automatic assignment is only possible if a single network interface is selected for the instance)
  • Assign an existing or new custom security group (cloud-provided firewall). The security group must allow at least SSH to access the instance. Any ports required by applications planned to run on the instance must also be allowed (the security group can be modified at any time after the instance has been created).


The Advanced network configuration option at the bottom of the section opens an additional configuration section in which you can set more advanced interface options and add additional network interfaces (automatic assignment of a public IP address only works if there is only one network interface attached to the instance). Additional interfaces can also be added to the instance after it has been first launched.

Once you are done with the network configuration, proceed to the Configure storage section.


6. Storage configuration:

The size of the root volume (the system disk) must be appropriate for your environment (recommended minimum system disk size for the Linux system: 30GB). You can add more storage now or later to provide space for virtual disk containers and other storage requirements, but the system disk size should cover the Linux system requirements including any applications/utilities planned to be installed on it.

Please note: It is recommended to create separate storage volumes for Charon application data (e.g., disk images). If required, such volumes can later easily be migrated to another instance.


If needed, open the Advanced details section to access additional settings.


7. Advanced details:

In this section, you can set many parameters. Three that are more likely to be useful to a Charon emulator environment are shown here as examples:

CPU characteristics (enable or disable more than one thread per CPU core, options depend on the selected instance type). This can only be set at instance launch. It cannot be changed later.

IAM role

Only for a VE license server system with a version earlier than 1.1.23, you must assign the required IAM role (allowing the ListUsers action) to the instance. For more information see the Virtual Environment (VE) License Server Documentation.


User data

If your instance is based on a Charon AL marketplace image and planned to be used for AutoVE licensing (instead of the Stromasys-operated public license servers) or based on the Charon-SSP Amazon Linux image, you must add the corresponding information to the instance configuration before the first launch of the instance.


Please note:

  • Should you use the SSP Amazon Linux AMI with SSP version 5.6.8 or higher as provided by the AWS Mainframe Modernization - Virtualization for SPARC service, the instance will by default connect to the public, Stromasys-operated AutoVE license servers (defined in /opt/charon-license-server ). You only need the user data definition for older versions or to override the default with your private AutoVE servers.
  • The example below shows the appearance of the AutoVE license server information that is entered as User Data in the Advanced Details configuration section at the bottom of the Launch an Instance window during the initial configuration of an instance. Scroll down to the bottom of the configuration window to open and display the user data section in the Advanced Details.
  • In the older GUI version, the Advanced Details section is part of the Configure Instance window - the layout is somewhat different, but the configuration options are the same.

 Enter the information for the AutoVE license server as shown in the example below (it shows the public AutoVE servers):

Valid User Data configuration options:

  • primary_server=<ip-address>[:<port>]
  • backup_server=<ip-address>[:<port>]

where

  • <ip-address> stands for the IP address of the primary and the backup server as applicable, and
  • <port> stands for a non-default TCP port used to communicate with the license server (default: TCP/8083).

Please note: at least one license server must be configured at initial launch to enable AutoVE mode. This can be via the /opt/charon-license-server file with the default public servers (SSP 5.6.8 or higher) or via the manual user data configuration. Otherwise, the instance will bind to one of the public AL license servers operated by Stromasys.


8. Launch your instance:

Click on Launch instance in the right-hand pane to launch your instance (if the launch button is not visible, you may have to close overlaying text panes first):


Verify that instance is running:

After starting your instance for the first time, you will see it in the initializing state in the list of your AWS instances. It will take a bit of time to get to the running state.You will eventually see a launch success message with a link to your instance. Clicking on this link will take you to your new instance in the instance overview list.

In addition to the instance state, important information, for example, the public IP address and public DNS name (marked in red) of the instance will also be displayed. The following image shows an example:

The following sections will show you how to access the instance and how to perform additional storage and network configurations.

Please note:

  • If you select your instance, the bottom of the screen will show a detailed description and status information of your instance.
  • You can rename your instance after creating it by clicking on the pencil symbol that will appear next to the instance name when placing the mouse pointer over it, or by editing the name tag of the instance.

  • No labels