Product Documentation and Knowledge Base - HomeDocumentation


Charon-SSP


Setting up an AWS Cloud Instance Charon-SSP

Owned by W.Erber
Last updated: Mar 04, 2021Version comment
10 min read

This chapter describes how to set up a basic Charon-SSP instance in the AWS cloud.

Contents

Prerequisites

General Prerequisites

To install and configure Charon-SSP in the AWS cloud, you need an Amazon AWS account.

Licensing

Charon-SSP requires a license to run emulated SPARC systems. For a typical cloud-based installation, there are two different Charon-SSP product variants with two different licensing models (availability may differ depending on cloud environment):

  1. The cloud-specific, prepackaged Charon-SSP AL (Automatic Licensing) image utilizing a public, Stromasys-operated cloud-specific license server.
  2. Charon-SSP VE (Virtual Environment) utilizing a customer-operated, private VE license server in a supported cloud environment. Charon-SSP VE is available as a prepackaged image on some cloud platforms, and in RPM package format for a conventional installation.

Both licensing options are briefly described below. Please contact your Stromasys representative for any questions about product availability and licensing options.

Please note: the user is responsible for any Solaris licensing obligations and has to provide the appropriate licenses.

Charon-SSP Automatic Licensing Overview

The Charon-SSP AL image for AWS requires a license to run emulated SPARC systems. This license is created automatically upon first launch of the Charon-SSP AWS instance. Please note the following points:

  • The Charon-SSP AWS instance requires Internet access (via public IP address or NAT) for the license mechanism to work. If NAT is used, the gateway must be an AWS instance (the source address must be from the AWS range). At the time of writing, the license servers that must be reachable are cloud-lms1.stromasys.com and cloud-lms2.stromasys.com on port 8080. Also, a DNS service must be reachable to resolve the host names of the license servers, or corresponding entries in /etc/hosts must exist.
  • If you change the instance type after first launching the instance and thereby change the number of CPU cores (or if the number of CPU cores is changed by any other method), the license will be invalidated.
  • Some licensing problems or other requirements (e.g., additional CPU cores needed) may make it necessary to move the emulator to a new instance. Therefore, it is strongly recommended to store all relevant emulator data on a separate EBS volume that can easily be detached from the old instance and attached to a new instance.
  • Should access to the license be lost, there is a grace period of 24 hours. If license access is not restored within this period, the emulator will stop (if a guest system is running at the time, this is the equivalent of disconnecting the power without clean shutdown, i.e., it may lead to loss of data).

Please note: You will be billed by Amazon for your use of the Charon-SSP AWS instance. Stromasys will not bill you directly.


Charon-SSP VE Licensing Overview

This licensing option is applicable to prepackaged Charon-SSP VE images on cloud marketplaces and to VE-capable Charon-SSP emulator software installed from RPM packages.

Charon-SSP VE License Characteristics

The main characteristics of VE licenses are the following:

  • Software licenses only.
  • Installed on Charon-SSP host or separate license server.
  • Require the Charon-SSP VE license server software (RPM package included in the prepackaged, cloud-specific marketplace Charon-SSP VE image).
  • Require matching Charon-SSP emulator software (preinstalled on the prepackaged, cloud-specific marketplace Charon-SSP VE image).

If supported by the cloud provider, the VE license server instance can be moved to a different subnet, as long as the original instance can be moved. It is also possible to backup and restore (to the same instance) the license server data. However, the following actions will invalidate the license:

  • Changing the number of CPU cores of the license server system.
  • Copying the license server data to a different instance.
  • Seriously damaging the root filesystem of the license server system.
  • Re-installing the license server system.

Charon-SSP VE License Server Communication Requirements

For proper functionality, the system on which the license server runs must be able to communicate with the cloud infrastructure:

  • The metadata server of the cloud environment (169.254.169.254)
  • The host iam.amazonaws.com

It must also be able to communicate with the client systems using the license. The following ports are used for this communication:

  • TCP/8083: must be permitted from the client to the license server to enable the use of the license by the client.
  • TCP/8084: must be permitted by the license server for any system that should access the web interface to display license information.

Basic License Installation Steps Before an Emulator Can be Started

If there is no VE license server running already, decide on which cloud instance it should run and install the VE License Server package on the selected system. The VE License Server RPM package is included in the prepackaged Charon-SSP VE marketplace images. Alternatively, Stromasys will provide a download location. See Installing the VE License Server Software.

  • If you don't already have a license, contact your Stromasys representative to procure an appropriate license.
  • Log in on your Charon-SSP VE License Server instance.
  • Create a C2V file and send it to the email address Stromasys will provide to you.
  • Install the V2C file you will receive from Stromasys.
  • Configure the emulator instance(s) to use the license server.

Please refer to the VE License Server User's Guide for more information.



AWS Instance Type Prerequisites (Hardware Prerequisites)

By selecting an instance type in AWS, you select the virtual hardware that will be used for Charon-SSP AWS. Therefore, the selection of an instance type determines the hardware characteristics of the Charon-SSP virtual host hardware (e.g., how many CPU cores and how much memory your virtual Charon host system will have).

The minimum hardware requirements are described below. To learn about the default settings and how to use the Charon-SSP configuration options to determine the resource allocation, refer to the different configuration sections of the general Charon-SSP User's Guide of your Charon-SSP version (see CHARON-SSP for Linux), in particular, the CPU Configuration section.

Important general information:

  • To facilitate a fast transfer of emulator data from one cloud instance to another, it is strongly recommended to store all relevant emulator data on a separate disk volume that can easily be detached from the old instance and attached to a new instance.
  • Please make sure to dimension your instance correctly from the beginning (check the minimum requirements below). The Charon-SSP license for Charon-SSP AL is created when the instance is first launched. Changing later to another instance size/type and thereby changing the number of CPU cores will invalidate the license and thus prevent Charon instances from starting (new instance required). The license for Charon-SSP VE is created based on the fingerprint taken on the license server. If the license server is run directly on the emulator host and the emulator host later requires, for example, a change in the number of CPU cores, the license will be invalidated (new license required).

General CPU requirements: Charon-SSP requires modern x86-64 architecture processors with a recommended CPU frequency of at least 3.0GHz.

Minimum requirements for Charon-SSP:

  • Minimum number of host system CPU cores:
    • At least one CPU core for the host operating system.
    • For each emulated SPARC system:
      • One CPU core for each emulated CPU of the instance.
      • At least one additional CPU core for I/O processing (at least two, if server JIT optimization is used). See the CPU Configuration section mentioned above for default allocation and configuration options
  • Minimum memory requirements:
    • At least 2GB of RAM for the host operating system.
    • For each emulated SPARC system:
      • The configured memory of the emulated instance.
      • 2GB of RAM (6GB of RAM if server JIT is used) to allow for DIT optimization, emulator requirements, run-time buffers, SMP and graphics emulation.
  • If hyper-threading cannot be disabled on the Charon-SSP host, configure the hyper-threading option in the Charon-SSP Manager. See the CPU Configuration section mentioned above for additional configuration information.
  • One or more network interfaces, depending on customer requirements.
  • Charon-SSP/4U+ and Charon-SSP/4V+ must run on physical Intel hardware supporting VT-x/EPT (baremetal instances) and therefore cannot run in all cloud environments. Please check your cloud provider's documentation for the availability of such hardware. In addition, note the following points:
    • The support of these product variants on AMD processors (AMD-v/NPT required) is currently experimental.
    • Charon-SSP/4U+ and Charon-SSP/4V+ are only available when using the Linux kernels provided by Stromasys.
    • Please contact Stromasys or your Stromasys VAR if you need this type of emulated SPARC hardware to discuss your requirements in detail.

Please note:

  • The sizing guidelines above—in particular regarding number of host CPU cores and host memory—show the minimum requirements.
    Every use case has to be reviewed and the actual host sizing has to be adapted as necessary. For example, the number of I/O CPUs may have to be increased if the guest applications produce a high I/O load. Also take into consideration that a system with many emulated CPUs in general is also able to create a higher I/O load and thus the number of CPUs for I/O processing may have to be increased.

  • The CPU core allocation for emulated CPUs and CPU cores for I/O processing is determined by the configuration. See CPU Configuration in the general Charon-SSP User's Guide for more information about this and the default allocation of CPU cores for I/O processing.



AWS Login and New Instance Launch

Amazon EC2 provides a wide selection of instance types optimized to fit different use cases. Instances are virtual servers that can run applications such as Charon-SSP.

To start the creation of a new cloud instance using the Charon-SSP AMI, perform the following steps:

1. Log in to your AWS management console.

2. Find and select the EC2 service. You can use the search window or find it in the recently used services.

This will open the E2C dashboard.



3. On the EC2 dashboard click on the Launch Instance button. Note that at the time of writing a new version of the dashboard was being introduced, but either version could be used.

Old dashboard version:

 

New dashboard version:

Clicking on Launch Instance will initiate the instance creation process consisting of seven steps:

  1. Choose AMI
  2. Choose Instance Type
  3. Configure Instance
  4. Add Storage
  5. Add Tags
  6. Configure Security Groups
  7. Review, launch and select/create key-pair for access.

These steps are described in the next section.


New Instance Configuration

The instance creation and configuration process will guide you through a number of configuration steps and allow you to start the new instance when done.

1. Choose AMI:

Search for Charon products and select the desired Charon products from the Marketplace or (depending on your environment) from My AMIs. If installing a prepackaged marketplace Charon-SSP image, this image must be used. If you plan to install Charon-SSP using RPM packages, use a Linux version supported for Charon-SSP.

Clicking on one of the categories above will display a list of images. Select the appropriate Charon-SSP AMI (marketplace image) or Linux instance (for RPM installation).

This will take you to the next step, the instance type selection.


2. Choose Instance Type:

Amazon EC2 offers instance types with varying combinations of CPU, memory, storage, and networking capacity.

Select an instance type that matches the requirements of the Charon-SSP product.


When done, continue by clicking on the Next: Configure Instance button.


3. Configure Instance:

In this section, you can set up the details of your instance configuration. For example, you can select the following:

  • The VPC subnet your instance should be in.
  • Whether an interface should automatically be assigned a public IP address.
  • If you scroll down to the bottom of the page, you also can assign non-default and/or additional Ethernet interfaces to the instance.
    Please note: automatic assignment of a public IP address only works if there is only one network interface attached to the instance.

If you plan to run a VE license server on the instance, you must assign an IAM role to the instance that allows at least the ListUsers action. If such a role has not yet been defined, please refer to Creating and Attaching an AWS IAM Role and to the documentation provided by AWS for additional information.

Once you have selected all desired configuration options, click on Next: Add storage to continue.



4. Add Storage:

The size of the root volume (the system disk) must be appropriate for your environment (recommended minimum system disk size: 30GB). You can also add more storage later to provide space for virtual disk containers and other storage requirements.

Please note: It is recommended to create separate storage space (using AWS EBS volumes) for Charon application data (e.g., disk images). If required, such volumes can later easily be migrated to another instance (see Storage Management).


Once you are done, again click on the Next: Add tags button.


5. Add Tags:

Tags allow you to add information to your instance, for example, an easily remembered name as shown in the example below:

After adding tags as required, continue to the next step (Configure Security Groups).


6. Configure Security Groups:

A security group is similar to a firewall. It defines which traffic is allowed to flow to and from the instance. For Charon-SSP you must at least enable SSH access to the system. This will allow you to access the management interface and to run Charon-SSP services via an SSH VPN tunnel. You can select an existing group or create a new one. If you create a new one, you can enter an name and an appropriate description. An example of a security group is shown below.

The warning shown alerts the user to the fact that the source IP addresses are not restricted, i.e., any system is allowed to use SSH to access the instance. Restrict the source address range if possible. See also the Firewall Requirements section in the general Charon-SSP user's guide.

Once you have set up your security group, continue to the next step (Review and Launch).

7. Review:

Here you can review the configuration of your instance and edit the individual sections if required. The image below shows a sample:

If you are satisfied with the settings, click on the Launch button to start your instance for the first time.


8. Launch and select/create key-pair for access:

When starting the instance for the first time, you will be shown a window asking you to create a new key-pair or to use an existing one. When creating a new key-pair, you must download the private key to your local system and store it in a safe place. It is required to access your instance. The public key is stored in the newly created Charon-SSP host system. When using a Charon-SSP marketplace image, the public key is stored in the authorized_keys file of the sshuser and the charon user. For other Linux images it is stored in the defined management user for the image. The sample below shows the window when the creation of a new key-pair was selected:

You cannot start the instance without downloading the key. If you select to re-use an existing key-pair, you must confirm that you are in possession of the private key before you can launch the instance.


Verify that instance is running:

After starting your instance for the first time, you will see it in the initializing state in the list of your AWS instances. It will take a bit of time to get to the running state. After this, important information, for example, the public IP address and public DNS name (marked in red) of the instance will also be displayed. The following image shows an example:

The following sections will show you how to access the instance and how to perform additional storage and network configurations.

Please note: if you select your instance, the bottom of the screen will show a detailed description and status information of your instance.

<Go to top>



© Stromasys, 1999-2024  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described.