DEVOPS & CLOUD

Getting started on 5G Edge with Boto3

Launch your first Amazon EC2 instance in a Wavelength Zone using Boto3 and Python

4 min readNov 16, 2020

Robert Belson, Corporate Strategy, Verizon
Saravanan Shanmugam, Lead AWS Wavelength Solutions Architect, Amazon Web Services

About this post

5G Edge and AWS® Wavelength are available in a growing number of cities across the country. That means you can now build applications at the network edge across seven Wavelength Zones in:

Boston (us-east-1-wl1-bos-wlz-1)
San Francisco Bay Area (us-west-2-wl1-sfo-wlz-1)
Atlanta (us-east-1-wl1-atl-wlz-1)
Washington, DC (us-east-1-wl1-was-wlz-1)
New York City (us-east-1-wl1-nyc-wlz-1)
Dallas (us-east-1-wl1-dfw-wlz-1)
Miami (us-east-1-wl1-mia-wlz-1)

While many of you are deploying applications today on 5G Edge using the Amazon Web Services® (AWS) command-line interface (CLI) or AWS Management Console, we’ve been hearing questions about how you can automate the deployment of your infrastructure. So in this edition, we’ll be automating the deployment of an Amazon® Elastic Cloud Compute (EC2) instance in the Boston Wavelength Zone using Boto3, AWS’s software development kit for Python®.

Requirements and getting started

To get started, make sure you have provisioned AWS credentials for the lab, either through the AWS CLI or through Boto. To learn more about provisioning credentials, check out the Boto3 Quickstart guide.

Step 1: Provision main function.

First, let’s import Boto3, configure the client with appropriate credentials and set us-east-1 as your default region. We’ll be using launchWavelengthZone as our function to automate the deployment of all the requisite components for your Wavelength Zone.

if __name__ == "__main__":
    client = boto3.client('ec2',aws_access_key_id="your_key_id",
    aws_secret_access_key="your_secret_key",region_name='us-east-1')
    ec2 = boto3.resource('ec2',aws_access_key_id="your-key",
    aws_secret_access_key="your-secret",region_name='us-east-1')
    launchWavelengthZone()

Step 2: Create VPC and Carrier Gateway

In the body of the launchWavelengthZone function, launch a virtual public cloud (VPC) with 10.0.2.0/24 Classless Inter-Domain Routing (CIDR) in the us-east-1 region. Feel free to name your VPC, in the tagging, such as “Wavelength Test VPC.”

import boto3
import time
def launchWavelengthInfra():
    print("Launching Wavelength Zone..")# create VPC
    vpc = client.create_vpc(CidrBlock='10.0.2.0/24',
        TagSpecifications=[
            {'ResourceType': 'vpc','Tags': [{'Key': 'Name','Value': 'WL_Test_VPC'}]},
            ]
        )
    time.sleep(1) #Provide time for VPC to launch
    print("VPC launch complete...")
    vpc_id=vpc["Vpc"]["VpcId"]# Create carrier gateway
    cgw = client.create_carrier_gateway(VpcId=vpc_id)
    cgw_id=cgw["CarrierGateway"]["CarrierGatewayId"]
    print("Carrier gateway launch complete...")

Step 3: Create route table and public route to carrier gateway.

After instantiating the carrier gateway, you’ll create a route table with a default route to the carrier gateway. Please note that Boto added a new attribute in the create_route() function to take the carrier gateway ID as CarrierGatewayId.

#Create a route table and a public route
    route_table = client.create_route_table(VpcId=vpc_id)
    rt_id=route_table["RouteTable"]["RouteTableId"]
    print("Route table created...")    route = client.create_route(
        DestinationCidrBlock='0.0.0.0/0',
        CarrierGatewayId=cgw_id,
        RouteTableId=rt_id
    )
    print("Route to carrier gateway complete...")

Step 4: Create subnet and associate route table.

And now, the fun part! Create a subnet with 10.0.2.0/26 range and give it an appropriate name, such as “Wavelength Test Subnet.” Make sure to specify in the AvailabilityZone parameter of the create_subnet() function the relevant Wavelength Zone, which in this case is us-east-1-wl1-bos-wlz-1. Next, associate the route table to the subnet you just created. Note that the Wavelength Zone is being treated exactly like a traditional Availability Zone.

#Create subnet
    subnet = client.create_subnet(CidrBlock='10.0.2.0/26',
        TagSpecifications=[{'ResourceType': 'subnet','Tags': [{'Key': 'Name','Value': 'WL_Test_Subnet'}]}],
        AvailabilityZone='us-east-1-wl1-bos-wlz-1',
        VpcId=vpc_id
        )
    subnet_id=subnet["Subnet"]["SubnetId"]
    print("Subnet (Wavelength Zone) created..")##Associate route table to subnet
    route_table = ec2.RouteTable(rt_id)
    route_table_association =   route_table.associate_with_subnet(SubnetId=subnet_id)
    print("Association of route table to subnet complete..")

Step 5: Define security groups and allocate Carrier IP.

Before we launch the EC2 instance, we need a security group that enables Internet Control Messaging Protocol (ICMP) traffic, so that mobile clients can ping the instance for reachability. To do so, authorize an ingress group allowing ICMP traffic from any IP range of your choice. By definition, Wavelength Zones will deny traffic from non-Verizon UEs. You may also authorize the ingress group to allow HTTP(S) traffic, as well.

Next, to allocate a Carrier IP address — which provides the EC2 instances with access to the Verizon carrier network — call the allocate_address() function as you would for Elastic IP, but specify the Boston Wavelength Zone in the NetworkBorderGroup parameter.

Last, create an Elastic Network Interface (ENI) in the Wavelength Zone subnet and associate the Carrier IP to the ENI. This will be important when we attach the ENI to the EC2 instance in the final step.

# Create security group
    securityGroup = ec2.create_security_group(
        GroupName='Enabled_ICMP', Description='Security group with ICMP access', VpcId=vpc_id)
    securityGroup.authorize_ingress(
        CidrIp='0.0.0.0/0',
        IpProtocol='icmp',
        FromPort=-1,
        ToPort=-1
    )
    print(securityGroup.id)
    print("Security group initialization complete...")##Allocate IP address
    ipAddress = client.allocate_address(
        Domain='vpc',
        NetworkBorderGroup='us-east-1-wl1-bos-wlz-1',
    )
    print("IP address allocated in NBG...")
    print(ipAddress)##Create ENI
    eni=client.create_network_interface(SubnetId=subnet_id)
    eni_id=eni["NetworkInterface"]["NetworkInterfaceId"]
    print("ENI created..")##Associate IP to ENI
    assoc = client.associate_address(
    AllocationId=ipAddress["AllocationId"],
    NetworkInterfaceId=eni_id,
    )
    print("Association of Carrier IP to ENI complete..")

Step 6: Launch EC2 instance in Wavelength Zone.

In this last step, by associating the ENI you created above to the EC2 instance, you will be implicitly assigning the instance to the Wavelength Zone you described above. Be sure to include one of the instance types available in Wavelength Zones (t3.medium, t3.xlarge, r5.2xlarge, g4dn.2xlarge) in the InstanceType parameter.

#Create EC2 Instance in Wavelength Zone
    instance = ec2.create_instances(
        ImageId='ami-0947d2ba12ee1ff75',
        InstanceType='t3.medium',
        MaxCount=1,
        MinCount=1,
        NetworkInterfaces=[{'DeviceIndex': 0,"NetworkInterfaceId":eni_id}]
    )
    print(instance)
    print(type(instance))
    print("EC2 instance deployed...")

After completing step 6, please visit the AWS Management Console and navigate to Running instances within the EC2 console, and you will see your instance live!

Acknowledgments

Thank you to Saravanan Shanmugam and the AWS team for contributing to this tutorial. To learn more about Boto3, check out the documentation!