Anapaya EDGE on AWS¶

This section will guide you through the steps to get the Anapaya EDGE Appliance from the AWS Marketplace up and running.

Prerequisites¶

Before you can start, you need to have an AWS account. If you do not have one yet, you can create one here. You also need to have a SCION access into the AWS cloud. If you do not have one yet, please contact the Anapaya Customer Success team.

Installation¶

The Anapaya EDGE Appliance is available on the AWS Marketplace, under the name “Anapaya EDGE”. The appliance is available in many different regions. After subscribing to the product, you can launch it directly from the AWS Marketplace in your preferred region.

We recommend starting with a t3.medium or similar instance type, which is the smallest instance type that is supported by the appliance. You can always change the instance type later on if you want to increase performance.

Make sure to select an SSH key pair that you have access to. You will need this key pair to connect to the appliance via SSH.

VPC Configuration¶

We recommend to launch the appliance in a VPC that has at least two subnets. One subnet is used for the management interface and can have Internet access. The other subnet is used for the SCION interface towards the SCION network and the IP addressing details of this subnet are provided by your SCION access provider. Ideally, you should also have a third subnet that is used to connect the EDGE appliance to your applications.

Security Group Configuration¶

If you want to access the appliance from the Internet via SSH, you need to configure the security group to allow incoming SSH connections. The appliance uses port 22 for SSH.

Connecting to the Appliance¶

Once the appliance is launched, you can connect to it via SSH. The appliance uses the anapaya user for SSH access and the SSH key pair that you selected during the launch process.

Configuration¶

After connecting to the appliance, you can configure it using the appliance-cli. Refer to the Initial Configuration section in the general getting started guide for more details

Note

The appliance is configured to use DHCP on initial launch. When you start changing the appliance configuration, you should first configure the interfaces section with the DHCP values for the management interface that were assigned by AWS. Otherwise, you might lose connectivity to the appliance.

NAT Configuration¶

In some scenarios you might need to configure NAT on the appliance. Refer to the Network Address Translation (NAT) section in the general configuration guide for more details.