AWS Manual Set Up

This section will walk you through the steps required to manually get a single Solace PubSub+ software message broker cloud image running and ready for messaging in AWS.

Before you begin

It's assumed you have:

  • Access to AWS.

System Requirements

The number of CPUs and system memory required by your message broker depends on the number of client connections you need to support. By default, fresh installations of the message broker allow up to 100 client connections.

The following table lists the minimum system resources required to support each client connection scaling tier.

Minimum System Resources Required For Connection Scaling Tiers

Client Connections CPUs* Virtual Memory (MiB)
up to 100 2 1,903
up to 1,000 2 5,301
up to 10,000 4 12,892
up to 100,000 8 28,191
up to 200,000 12 53,816

*The monitoring node in a high-availability (HA) group needs only 1 CPU.

For Proof-of-Concept deployments, if you don't have any other overriding storage requirements, it's recommended to provision 30 GB of space.

For production use, it's recommended that all the message broker's storage elements be placed on external storage. For instructions on provisioning suitable storage space, see Storage Configuration.

Note:  For production use, the minimum supported instance type for a Solace PubSub+ software message broker message routing node is m4.large with a storage value type IO1 with 3000 IOPS. For a monitoring node, the minimum supported instance type is t2.micro with a storage volume type gp2.

Note:  Performance in AWS will vary depending on instance type and storage configuration. Solace has characterized that deterministic performance is achieved using an instance type of m4.10xlarge with a storage volume type IO1 with 10,000 IOPs. AWS provides different instance types between m4.large and m4.10xlarge which may be suitable for your requirements.

HA Considerations

To deploy message brokers in high-availability (HA) redundancy groups, you must set up three separate message broker instances, and then configure them as an HA group. For more information on how to configure existing message brokers into an HA group, see HA Group Configuration.

Also, a Solace Quick Start template is available at GitHub, and at AWS Quick Starts, that makes use of AWS Cloud Formation to create Solace PubSub+ software message brokers in an HA group that is suitable for proof-of-concept testing.

Step 1: Start an Instance in AWS

To start a message broker instance in AWS, perform the following steps:

  1. Obtain a Solace Amazon Machine Image (AMI) package for the type of message broker edition you will use.
    • For either Solace PubSub+ Standard or Enterprise Evaluation Edition:

      You must download the AMI through a Solace provided link.

      1. Go to the Solace PubSub+ Message Broker downloads page. Then select the Amazon Web Services square, either in the PubSub+ Standard or PubSub+ Enterprise Evaluation section.
      2. Under AWS AMIs, select an appropriate AWS region, then after you accept the license agreement, you will be emailed a link that will take you to the AWS Instance Launch Wizard.
    • For Solace PubSub+ Enterprise:

      Solace makes the AMI directly available to your AWS account.

      1. Log in to your AWS account, and from the main AWS dashboard, select EC2, then click Launch Instance.

        EC2 selection

      2. In the Choose AMI screen, select My AMIs, then select Ownership, and enable Shared with Me.
      3. Find the Solace AMI (the image name has a format of solace-pubsub-enterprise-$VERSION-$OS-$PACAKGE_VERSION-$BUILDREV), then click Select.

        Choose AMI

  2. In the Choose Instance Type screen, choose an appropriate Amazon Virtual Private Cloud (VPC) and subnet, and then click Next: Configure Instance Details.

    For information about VPCs and subnets, refer to AWS documentation.

    Choose an Instance Type

  3. In the Configure Instance Details screen, configure the VPC, then click Next: Add Storage.
  4. Configure Instance Details

  5. In the Add Storage screen, select a sufficiently-sized volume, and then click Next: Add Tags.

  6. In the Add Tags screen, add tags as appropriate to keep your message broker instances organized, then click Next: Configure Security Group.

    The following example uses Name, Owner, and Version but you can choose any tags that make sense for your application.

    Tag Instance

  7. In the Configure Security Group screen, create an appropriate security rule for each port that the message broker uses for a service to enable connectivity to your message broker, and then click Review and Launch.

    For information on the default ports the message broker uses, refer to Default Configuration for Software Message Brokers. The example below includes rules for all service ports that the message broker may use. Alternatively you may only expose the services required for your application.

    Note  
    • AWS can provide a private and public IP address. These addresses must be considered in the security group configuration.
    • If you will be using the Solace PubSub+ software message broker in an HA redundancy group with other Solace PubSub+ software message brokers, you must create security rules for ports 8300, 8301, 8302, and 8741.

    Configure Security Group

  8. In the Review Screen, review your instance. Ignore the warnings, and click Launch.
  9. The instance will start. In the dialog box that starts, choose an authentication key pair for the message broker instance, which can be used for this first login to the message broker, and then click Launch Instance.

    Authentication Key Pair

    The EC2 dashboard will show your message broker instance under Instances. Here you can find the external and internal IP address of the instance. (For more information, refer to IP Addressing in Cloud Instances.)

  10. To log into the Linux Host shell, enter the following command:

    ssh -i <auth_key> sysadmin@<public_ip>

Step 2: Access the Solace CLI

You can access the Solace CLI from the console in the Linux host environment. This is done through the Solace Control Utility.

When you first access the Solace CLI, you should do the following:

  • set a password for the admin user, which has access to all CLI commands
  • determine the message broker’s IP address so that you can enable remote access

To access the Solace CLI, do the following:

  1. To enter the Solace CLI from the console in the Linux host environment, enter the following command in the Linux host shell.

    [sysadmin@solace ~]$ solacectl cli

    A CLI banner and prompt appears.

    At the > prompt, you are at the User EXEC level of the Solace CLI command structure.

  2. Within the Solace CLI, enter the following commands to create an admin user named admin:

    solace> enable
    solace# configure
    solace(configure)# create username admin password <password>
    solace(configure/username)# global-access-level admin

  3. To determine the IP address assigned to the message broker, enter the following command:

    solace> show ip vrf management

    The displayed output lists the IP address assigned to the message broker (listed for eth0:1), which can be used to remotely manage it (that is, not from the VM console).

    solace> show ip vrf management
    VRF: management
    Number of interfaces: 1
    
    Status Flags:   R=Redundancy,  A=Admin,  O=Oper,  P=Physical
    Status Values:  U=Up,  D=Down,  N=Not Applicable
    
    Status
    Interface       V Router  IP Address          Source  R  A  O  P
    --------------  --------  ------------------  ------  -----------
    intf0:1         static    <IP Address>        system  U  U  U  U
    
    Number of active global routes: 5
    
    Destination       Gateway           Network Mask      Interface
    ----------------  ----------------  ----------------  ----------
    169.254.169.254   *                 255.255.255.255   N/A
    172.17.0.0        *                 255.255.0.0       N/A
    default           192.168.128.1     0.0.0.0           intf0
    169.254.0.0       *                 255.255.0.0       intf0
    192.168.128.0     *                 255.255.240.0     intf0
  4. To remotely access the Solace CLI for the message broker, you can now ssh to port 2222 of the message broker’s IP address and login in as the admin user.
  5. ssh -p 2222 admin@<public_ip>

Tip:  In addition to the admin CLI User, you can create additional CLI and file transfer users through the Solace CLI in the manner described in Management & Shell Users.

Step 3: Review Configuration Defaults

By default, a Solace PubSub+ software message broker starts with a basic configuration that has most common services enabled and ready for use. This basic configuration, and the default ports, can be modified as required. For details, see Default Configuration for Software Message Brokers.

Next Steps

You now have a Solace PubSub+ software message running in AWS with a basic configuration that is ready for messaging tasks. However, there are additional configuration tasks you can perform. At this stage, you should consider doing the following:

  1. For information on how to configure and manage features, refer to the topics in Configuration. Configuration and management tools you can use include Solace CLI (refer to Solace CLI) , PubSub+ Manager (refer to Solace PubSub+ Manager), or SolAdmin (refer to SolAdmin).
  2. If you are interested in configuring a high-availability (HA) redundancy group of message brokers, you'll find instructions on the page HA Configuration for Software Message Brokers. Also, over in GitHub there is a quick start called Install and Configure Solace PubSub+ Software Message Brokers in an HA Tuple using AWS Cloud Formation that will take you through the steps of HA configuration.
  3. Message broker set ups in AWS can also make use of cloud-init for configuring advanced deployments. For details, refer to AWS PubSub+ Initialization in the Initializing with Cloud-Init section.