Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Launching an AWS Instance

This chapter tells how to launch an AWS instance on which to run the Paragon Active Assurance AMI.

Be aware that the AMI is shared to a specific geographical region within EC2. Therefore you need to know what region that is and make sure you access the same region.

Logging In to Amazon EC2

  • Click Services on the top bar.
  • In the Compute section, click EC2. You are taken to the EC2 Management Console.

Choosing an AMI

  • Under the heading Create Instance, click the Launch Instance button.

  • In the left-hand menu, click AWS Marketplace.
  • In the search field, enter “paragon”. You will find an AMI called “Paragon Active Assurance Test Agent”.
  • Click the Select button next to the Test Agent AMI.
  • On the screen that appears, click Continue. You are now taken to the next step.

Choosing an AWS Instance Type

A large number of AWS instance types will typically appear in this list. Which one to choose depends on the performance needed when running the AMI. We recommend an Amazon EC2 C5 instance for the Test Agent.

  • Select an AWS instance type, then click the button Next: Configure Instance Details at the bottom of the page.

Configuring AWS Instance Details

The default settings can be kept here. However, it is highly recommended that you also enter the cloud-init config for the vTA as user data, as explained below. Alternatively, you can configure this after launching the instance by connecting to the vTA via SSH and navigating the vTA console interface (see chapter Troubleshooting).

  • Expand the Advanced Details section at the bottom of the page.
  • Under User data, provide the cloud-init config for the vTA, either by pasting it into the box (As text option) or by browsing to a file (As file option).
Configuring AWS Instance Details

The basic cloud-init config is as shown below. Text in angle brackets < > needs to be replaced by the proper strings. Note that lines with parameter settings must be indented as shown. Lines where the default value is kept can be omitted.

The following parameters are required only if management_address_type is “static”:

The following parameters are required only if the vTA is connecting to the server through an HTTP proxy:

The following parameters are required only if http_proxy_auth_type is “basic”:

  • The remaining settings can be left as-is.
  • Once you have entered your cloud-init config data, click the Next: Add Storage button.

Selecting Storage

The recommendation here is at least 2 GB of storage.

  • Select a suitable storage device, then click the Next: Add Tags button.

Adding Tags

This step is optional. There is no need to add any tags for the AMI Test Agent.

  • Click the Next: Configure Security Group button.

Configuring Security Group

The security group selected here must allow outgoing traffic on ports that the vTA needs in order to communicate with Control Center. Specifically, for SaaS, TCP port 443; for an on-premise installation, TCP port 6000. In addition, UDP port 123 needs to be open to permit NTP time sync.

The security group must also allow traffic on all ports needed for the testing you intend to do with the vTA.

  • After selecting a security group, click the Review and Launch button.

Reviewing Your Instance Settings and Selecting an SSH Key Pair

  • On this page, check that all settings for the AWS instance are appropriate. Then click Launch.
  • You are prompted to select a public–private key pair for connecting securely to your AWS instance via SSH. If you have such a private key, select the option Choose an existing key pair. Otherwise, select the option Proceed without a key pair and check the “I acknowledge…” box.
  • Finish by clicking the Launch Instances button.

Your instance should now appear under Instances in the EC2 Management Console. After it has started up, Instance State will be “running”:

Reviewing Your Instance Settings and Selecting an SSH Key Pair

The Test Agent will now automatically register with Control Center and will then appear in the Control Center web GUI under Test Agents. Check for the AWS instance name in that view to verify that the Test Agent has registered.