The setup and installation steps detailed below will deploy a base configuration which will be used as a reference for more complex deployment scenarios.

The following hardware is needed for deploying the base configuration: One server running the CentOS 7 distribution The CentOS 7 server must be updated to the latest revision before installing Enea Edge, and configured for English language usage. The following will detail CPU, RAM and storage requirements for the Enea Edge Management application: For small-sized deployments (tens of devices): 4 cores 16 GB RAM 300 GB single disk storage For mid-sized deployments (hundreds of devices): 8 cores 32 GB RAM 300 GB single disk storage For large deployments (thousands of devices): 16 cores 64-256 GB RAM 1-2 TB single disk storage The purpose of the CentOS 7 server is to host the Enea Edge Management application. Network access between the CentOS 7 server and the uCPE devices is required. The Enea Edge Management application and the uCPE devices will be connected on separate subnets to avoid inconsistencies. One or more uCPE devices. Whitebox devices where the Enea Edge Runtime will be installed, containing a minimum of 2 cores and 2 GB RAM and at least two ethernet ports that will be configured as WAN and LAN during deployment. When hosting an entire solution including one or several network services, the hardware must also have the resources to host one or more VNFs. During a typical evaluation, a dual VNF service on the Enea Edge Runtime needs a CPU with 4-8 cores and at least 8 GB RAM. The supported Intel CPUs of Enea Edge are documented in the Manual. Enea Edge Runtime needs EFI support in BIOS to boot. When configuring the uCPE device BIOS a serial connection is required. A laptop. The laptop is used for 2 scenarios: Installing the Enea Edge Runtime on uCPE Devices. Connecting to the GUI of the Enea Edge Management application for management and configuration. Network access between the CentOS 7 server and the laptop is required. The recommended browser for the current release is Google Chrome. A 16 GB USB stick used for the uCPE Device Installation.

The CentOS 7 server requires a specific configuration for the setup to work.

Any firewall running on the CentOS 7 server may block the management protocols required to communicate between the uCPE device and the Enea Edge Management application as well as between the Enea Edge Management application and its northbound clients. Quick handling of a blocking firewall would be to disable it, typical for a lab environment, through: sudo systemctl stop firewalld sudo systemctl disable firewalld sudo systemctl mask now firewalld For an advanced firewall configuration, the following ports need to be opened: 80 TCP Required for GUI Access. 443 TCP Required for GUI Access and Device Connectivity. 54327 UDP Required for the Enea Edge Management application High Availability Configuration. 5701:5708 TCP Required for the Enea Edge Management application High Availability Configuration. 4334 TCP Required for Call Home. 2021:2040 TCP Required for Call Home when connecting uCPE Devices using Enea NFV Access 2.3.0 or older. Use the following command sequence to enable the required ports for deployment of the Enea Edge Management application: sudo firewall-cmd --permanent --add-port=80/tcp sudo firewall-cmd --permanent --add-port=443/tcp sudo firewall-cmd --permanent --add-port=54327/udp sudo firewall-cmd --permanent --add-port=5701-5708/tcp sudo firewall-cmd --permanent --add-port=4334/tcp sudo firewall-cmd --permanent --add-port=2021-2040/tcp sudo firewall-cmd --reload If the Enea Edge Management host resides behind a corporate port-filtering firewall, then all the aforementioned ports need to also be enabled on the respective firewall. As an additional requirement, port 22/TCP also needs to be enabled for reverse SSH to the Enea Edge Management application. No enabling and no forwarding rules are necessary for ports 2021-2040 if Enea Edge 2.4.0 or newer is used.

The Enea Edge Management application requires a specific Java version (OpenJDK 11) and a PostgreSQL version to operate correctly. Installing OpenJDK Install OpenJDK 11 using the root account: yum install java-11-openjdk-devel Verify the installation: java -version openjdk version "11.0.3" 2019-04-16 LTS OpenJDK Run Time Environment 18.9 (build 11.0.3+7-LTS) OpenJDK 64-Bit Server VM 18.9 (build 11.0.3+7-LTS, mixed mode, sharing) If there are multiple java versions installed, switch between them using the following command: alternatives --config java Optionally, the user can switch between the javac versions using: alternatives --config javac The following system variables need to point to the OpenJDK 11 installation: export JAVA_HOME=$(dirname $(dirname $(readlink $(readlink $(which java))))) export PATH=$PATH:$JAVA_HOME/bin export CLASSPATH=.:$JAVA_HOME/jre/lib:$JAVA_HOME/lib:$JAVA_HOME/lib/tools.jar In order to make these system variables persistent, the commands given above should be added to a script in the /etc/profile.d/ folder. Sudo access is needed for this operation. The Enea Edge Management application requires a specific PostgreSQL version. This is embedded in the Enea Edge Management installation. In order to avoid conflicts, any existing PostgreSQL installation needs to be uninstalled. Uninstalling PostgreSQL Open a terminal with administrative rights, i.e. log into a bash shell with root privileges. Execute the following command to check if you have a currently running PostgreSQL database server: ps -ef | grep post Remove the installed PostgreSQL server (including the existing postgres user): This step is not necessary if the Enea Edge Management application will be using an external database (like MariaDB). yum remove postgres\* rm -rf /var/lib/pgsql rm -f /etc/postgres-reg.ini userdel postgres If you have multiple spindles, it is recommended to let the application run off one and the database off the other. This will result in optimum performance. It is also recommended that the swap disk be the same as the one used for the application. Assuming another spindle is used (/drive2) do the following: Create a folder which will host the database (e.g. emsDatabase). Create a soft-link that will point to this folder: ln -s /opt/ems/elementcenter/database /drive2/emsDatabase Follow the installation steps for the Enea Edge Management application available in Installing the Enea Edge Management application in the Manual.

A typical whitebox comes with multiple physical network ports, ready to be used. The user must determine the purpose and allocation of each port. The allocation is later aligned with the software configuration within the Web-installer. A common way is to allocate the left ports to WANs and the right ports to LANs. At least one port must be allocated to WAN and one to LAN.

Each uCPE device needs a unique identifier. This identifier is used to match the registration in the Enea Edge Management application and the offline configuration of the uCPE device during ZTP (Zero Touch Provisioning). Select a text string to represent the uCPE device, e.g. uCPE-1 or fwa-t1012vc_boston_1234. It can have any length and any type of characters with the exception of quotation characters (' or ") or line terminators (\n or \r).

The factory configuration of the BIOS may not match the requirements of Enea Edge Runtime. The BIOS configuration needs to be reviewed and potentially reconfigured to prepare for a successful installation. Access the BIOS using a serial cable between the uCPE device and the laptop, to review and configure the BIOS correctly. The whitebox vendor is expected to provide the right serial cable for the box. A terminal emulator (such as putty) is needed on the laptop. Enable the following BIOS features/configurations: EFI Intel Virtualization Technology (VT-x) Intel Virtualization Technology for Directed I/O (VT-d) SR-IOV The boot order may also need to be modified to support installation and execution of the Enea Edge Runtime on the uCPE device. The following boot order is recommended for a base configuration: Boot from USB Boot from Disk By arranging the above boot order there is no need for a further configuration of the BIOS during installation and deployment.

The Enea Edge Management application can be installed using a fresh (first-time) configuration or using a backup file of a previous installation, created within the Enea Edge Management GUI.

On the CentOS 7 server open a terminal, log into a bash shell with the root account and perform the following: Extract Enea_Edge_Management_<version>-build<build_number>.tar.gz The directory in which the archive has been unpacked will be denoted as: <EEMg-installerdir>. Enter <EEMg-installerdir>/dist. Choose the target installation folder, e.g. /opt/ems. Everything will be installed under a folder called /ucpemanager within the target installation folder. The application files will be installed in /opt/ems/ucpemanager/application. The database will be installed in /opt/ems/ucpemanager/database. Run the following interactive command: ./install.sh /opt/ems \ Enea_Edge_Management_<version>-build<build_number>.tar.gz The default configuration values are specified in brackets. If no other value is preferred and typed in, pressing ENTER will keep the default values. When there is an option within parentheses (i.e.Y/N), a value must be specified. The same configuration values set now will need to be provided when upgrading or uninstalling the Enea Edge Management application. Database Configurations: Are you using the embedded PostgreSQL database? [Y/N]: Y. Specify the database process password [postgres]: Specify the database ID (or name) [ucpemanager]: Specify the database server port [5432]: Specify a database user name [postgres]: Specify a database password [postgres]: Specify the database startup thread pool size [1]: Service Configurations: Specify a service username [EneaEdgeManagement]: Specify a service password [EneaEdgeManagement]: High Availability Configurations: Specify the IP address of the local interface: The CentOS 7 Server loopback address: 127.0.0.1. Is this server part of a cluster? [Y/N]: N. Create the self-signed certificate: Specify IP or domain name (or press Enter to skip): The Tomcat self-signed certificate can be generated again by running the createCertificate.sh. For more details, please see Tomcat Certificate Generation in the Manual. The generation of the Tomcat self-signed certificate should be skipped only if another certificate will be provided. Heap Configuration: Please enter the new Maximum Heap Size [4g]: This command will: Extract the application files from the compressed installation kit. Install the bundled database. Install the Enea Edge Management application as a service with the name ucpemanager. Start the ucpemanager service. Using the IPv4 address of the CentOS 7 Server in a web browser, running on the laptop, log into the Enea Edge Management GUI using the default username and password: admin/admin. The IPv4 address of the CentOS 7 Server will be used as a configuration parameter when setting up the uCPE devices. If the CentOS 7 Server is installed behind NAT, the IPv4 address used will be the public IP of the NAT device and port forwarding rules must be created to ensure the uCPE device can access the Enea Edge Management application. For more details, please see Firewall Configuration.

The Enea Edge Management application can be restored if a backup file has been previously created. A backup file can be created by accessing the System menu, and clicking System Backup, from the Enea Edge Management GUI. The resulting zip archive will be located in the /opt/ems/ucpemanager/application/backup folder and will be named SystemBackup_MMMDD_YYYY_HHMM_SS.zip (e.g System-Backup_Feb19_2013_2257_42.zip). Save the archive to another location outside the Enea Edge Management installation folder for future use. The System Back-up file obtained from the Enea Edge Management GUI (SystemBackup_MMMDD_YYYY_HHMM_SS.zip) is different from the snapshot obtained during an Enea Edge Management Upgrade or Uninstall operation (EneaEdgeManagement-Backup-YYYYddMMHHmm.tar.gz) needed for recovery of the Enea Edge Management application. For more details, see Restoring a previous Enea Edge Management installation in the Manual. To install the Enea Edge Management application with the restore option provide an additional argument as shown below during installation: ./install.sh \ /opt/ems Enea_Edge_Management_<version>-build<build_number>.tar.gz \ SystemBackup_MMMDD_YYYY_HHMM_SS.zip

To install the Enea Edge Runtime, create a bootable USB stick with the image you intend to install. In the example below, step by step instructions are provided for the CentOS 7 distribution. It's possible with the appropriate tools to also use Windows OS or MacOS. The .hddimg image is available in the Enea_Edge_Runtime_<processor>_<version>-build<build_number>.tar.gz file you downloaded with your release. Create a bootable USB stick image Copy the .hddimg image file provided by Enea, onto the CentOS 7 server. Connect the USB stick to the CentOS 7 Server and identify the USB device name given by the system with lsblk: NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 1 28.7G 0 disk sdb 8:0 0 111.8G 0 disk |-sdb1 8:1 0 111.8G 0 part Copy the .hddimg image onto the USB stick, e.g: sudo dd if=./enea-edge-runtime-<processor>.hddimg \ of=/dev/sdb bs=4M conv=fsync Where enea-edge-runtime-<processor>.hddimg is the .hddimg file and sdb is the assigned USB device name.

While the uCPE device is powered off, in order to install and configure the Enea Edge Runtime (using the prepared USB stick), connect the laptop to a uCPE device LAN port. For this purpose, a Layer 2 switch or direct cable connection can be used.

To initiate the installation of the Enea Edge Runtime do the following: Plug the USB stick into the uCPE device. Power up the uCPE device and boot the USB stick. The Web-installer application will start automatically and can be accessed in a web browser on the laptop at http://172.16.1.1 (port 80). On the Requirements page of the Web-installer, the user must confirm the the current state of the installation prerequisites is inline with the desired state: Requirements table. Minimum values apply to the installation process only. For runtime operations, additional resources should be available depending on the specific workload. Requirements are color coded (green when met, red when mandatory and not met, orange when optional and not met). The Requirements table has the following fields: Disk size (mandatory). 2GB or more are required for the installation. CPU cores (mandatory). 2 cores or more are required for the installation. RAM (mandatory). 2GB or more are required for the installation. VT-x (mandatory). Intel Virtualization Technology must be enabled. VT-d (optional, recommended). Intel Virtualization Technology for Directed I/O should be enabled. IOMMU Group separation (optional). If the hardware does not support IOMMU Group separation, there are certain limitations regarding how the vfio-pci driver can be used. For more details, see the Known Issues and Limitations in this Release in the Manual. Force installation checkbox. When enabled, the installation can be performed even if some of the mandatory requirements are not met or if non-fatal problems are detected during the process. On the Enea Edge Management settings page of the Web-installer, the user must fill in: The static Enea Edge Management IP Address or FQDN. This can be either: The IP address of the Enea Edge Management host machine, if the device can directly access it. The IP address of the NAT device, if the Enea Edge Management host is located behind a NAT. For more details, please see Firewall Configuration. The Fully Qualified Domain Name (FQDN) of the Enea Edge Management host machine. The unique identifier of the uCPE device (called "DeviceId" in this Manual). Customer Tags. They are used for Zero Touch Provisioning (ZTP) and can be left empty for a base configuration. What can be entered here (if needed), are the tag(s) specified when creating an offline configuration in the Enea Edge Management application. A later addition of customer tags can only be done by re-installing the uCPE devices. Connect the WAN cable to the uCPE device (see Figure 2.1 Preparing for Hardware Installation). This will be used as the uCPE management network interface, as described below. On the Network Setup page of the Web-installer, the user must do the following: Select a WAN interface to use as the management network interface. This interface is used by the Enea Edge Management application to communicate with the uCPE device. Plug in additional WAN interfaces (if applicable) and provide their Layer 3 configuration. An interface can be configured in dhcp or static mode. When configured in static mode, the following options are available: Static IP (mandatory) Netmask (mandatory) Gateway (mandatory) DNS Server List (a comma separated list of IPv4 addresses) (optional). If left empty it will use the Gateway as the DNS, with 1.1.1.1 as fallback. When the user has completed the configuration steps in the Web-installer, Enea Edge Runtime is installed on the hard drive. At this stage, the user should remove the USB stick and the LAN cable, and shutdown the uCPE device. It will be started after necessary configurations are done in the Enea Edge Management application, as described below. If errors are detected during installation, full logs will be available on the last page of the Web-installer. Please contact Enea for log analysis. The system is not expected to be usable if errors are reported during installation. If the USB stick was booted in UEFI mode, a UEFI boot entry is automatically created and the system will start booting from the hard drive without further user configuration.

The following network configuration is needed for managing the uCPE device and service deployment: Network connection between the server running the Enea Edge Management application and the laptop. Network connection between the server running the Enea Edge Management application and the uCPE device.

When the installation is complete the uCPE device can be managed in the Enea Edge Management application.

Zero Touch Provisioning is always turned on when a uCPE device connects to the Enea Edge Management application. To enable it in the Enea Edge Management application, an offline configuration needs to be registered for Day-0 configuration. Day-0 configuration is a software lifecycle term referring to early configurations used to put the uCPE device in an active state. Day-1 Configurations are applied after Day-0 and set the uCPE device and its service in an active state. Day-2 Configurations are live configurations on the uCPE device and its service, applied after they have been activated. The offline configuration consists of data and parameters that are meant to be automatically set when a uCPE device connects to the Enea Edge Management application for the first time. The configuration is typically focused on setting up the network management of the uCPE device, e.g. configuring network interfaces, WAN and LAN networking and service chains. For this base configuration, the offline configuration will be left blank. The blank offline configuration can be filled with user-specific values and data once the service is created, which is done after the installation is complete. If the offline configuration is not configured, an alarm will be raised: Day-0 Config:ZTP:Major when the uCPE device tries to connect to the Enea Edge Management application, informing the user that the ZTP setup failed for the uCPE device. Creating an offline configuration In a browser, access the Enea Edge Management application, open Applications and select Offline Config. Create a new offline configuration in the GUI by selecting the Add button and filling in the mandatory fields: name, deviceVersion and deviceId. The name is user defined and can be set to any unique text string identifying the configuration. The deviceVersion must match the Enea Edge Runtime version of the uCPE device and the deviceId must be the previously set identifier of the uCPE device (DeviceId).

In order to enroll a uCPE device in the management system and establish a management connection, the user will add uCPE device information in the Enea Edge Management application. This is accomplished by going to Devices, selecting Manage and then clicking the Add button. The relevant parameters are: Type. The type of device to be added, i.e Enea universal CPE. Name. The name by which the uCPE device is referred to in the Enea Edge Management application. (Mandatory). SSH Port. The NETCONF Port used for communications. Default is set to 830. SSH User Name. The user name for SSH connectivity. Default user is root. SSH Password. Leave this blank. Device Calls Home. This checkbox indicates the direction of uCPE device communications. For a base configuration, leave this flag unchecked. Device ID. The unique identifier of the uCPE device. (Mandatory). For more details concerning Device Calls Home, please see Device Call Home Connection for Deployment behind NAT in the Manual.

When connectivity is established with the Enea Edge Management application and a uCPE device is already registered with a matching Device ID, the installation is complete, and the connection is established. When a uCPE device is registered it can be manually added to the map for overview. Right-click on the map and select Place Device to put the uCPE device on the map. In case of management connection failure (e.g. due to a misconfiguration), the uCPE device status will be seen as RED (disconnected) in the Enea Edge Management application. The uCPE device configuration can be corrected by removing the WAN cable(s), reconnecting the laptop to the LAN interface of the uCPE device and rebooting it. At this point, the Web-installer can be accessed from the laptop as described in Installing Enea Edge - uCPE Device installation in the Manual.

Once the uCPE device is connected to the Enea Edge Management application, it is ready for central management. Two important functions available in the Enea Edge Management GUI are alarm checking and resource allocation. Additionally, the device can be rebooted, the factory settings can be restored or simply the vCPE service can be restarted.

The Enea Edge Management application dashboard presents alarms in a specific window on the front page. An alarm can be easily triggered by disconnecting and reconnecting the WAN ethernet cable from the uCPE device. The management system will detect the broken link and raise an alarm: Device Disconnected::Critical. A separate Alarm Management window can be accessed from the Enea Edge Management menu for in-depth access and programming of Alarms and Events.

When the uCPE device is connected to the Enea Edge Management application it is of interest to check the amount of hardware resources in use. To check CPU, RAM and disk utilization simply select the uCPE device and go to the Virtual Machines tab in the map view. The same view will show active VNFs running on the uCPE device once instantiated.

When the uCPE device is connected to the Enea Edge Management application, it can be rebooted, the factory settings can be restored or simply the vCPE service can be restarted. Select the uCPE device and go to the Operations menu, where the following options are available: Reboot. Reboots the device. Settings will be preserved. Factory reset. Resets the device to its default factory settings. All current configuration settings are lost. All running VNFs are destroyed. All uploaded VM image files are deleted. Existing log files will be kept. Only the vCPE service will be restarted, the device will not be rebooted. No reboot is needed. Once the vCPE service restart completes, appropriate day-0 provisioning will take place. Previously installed custom scripts will be reinstalled on the uCPE device, and upon receiving the custom script(s), the device will reboot. Restart Vcpe. Restarts the vCPE service on the device. The device will not be rebooted.

As a final check to make sure the uCPE device was installed and configured correctly, access the uCPE device Linux CLI by selecting the uCPE device on the map and using the SSH button from the panel. A new window will appear for CLI access. The default user and password are root and blank, respectively. This is a pure Linux CLI providing access to standard Linux CLI commands. The CLI is a central feature for running custom scripting. In case the uCPE device was installed behind a NAT device, the reverse SSH connection will be used. For more details, please see Device Call Home Connection for deployment behind NAT in the Manual.