本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
使用 AWS Ground Station 代理(宽带)的公共广播卫星
此示例建立在用户指南JPSS-1-公共广播卫星 (PBS)-评估 部分所做的分析的基础上。
要完成此示例,您需要假设一个场景,即您要将HRD通信路径捕获为宽带数字中频 (digiF),并使用在 A EC2 mazon 实例 AWS Ground Station 上的代理接收到通信路径时对其进行处理。SDR
注意
实际的JPSSHRD通信路径信号的带宽为 30MHz,但您将配置天线下行链路配置,将其视为带MHz宽为 100 的信号,以便它可以流经正确的路径,供 AWS Ground Station 代理接收。
通信路径
本节介绍第 2 步:规划您的数据流通信路径入门。在本示例中,您需要在 AWS CloudFormation 模板中添加一个未在其他示例(Mappings 部分)中使用过的部分。
注意
有关 AWS CloudFormation 模板内容的更多信息,请参阅模板部分。
首先,您需要在 AWS CloudFormation 模板中为按区域划分 AWS Ground Station 的前缀列表设置映射部分。这样,Amazon EC2 实例安全组就可以轻松引用前缀列表。有关使用前缀列表的更多信息,请参阅VPC使用 AWS Ground Station 代理进行配置。
Mappings: PrefixListId: us-east-2: groundstation: pl-087f83ba4f34e3bea us-west-2: groundstation: pl-0cc36273da754ebdc us-east-1: groundstation: pl-0e5696d987d033653 eu-central-1: groundstation: pl-03743f81267c0a85e sa-east-1: groundstation: pl-098248765e9effc20 ap-northeast-2: groundstation: pl-059b3e0b02af70e4d ap-southeast-1: groundstation: pl-0d9b804fe014a6a99 ap-southeast-2: groundstation: pl-08d24302b8c4d2b73 me-south-1: groundstation: pl-02781422c4c792145 eu-west-1: groundstation: pl-03fa6b266557b0d4f eu-north-1: groundstation: pl-033e44023025215c0 af-south-1: groundstation: pl-0382d923a9d555425
在 “参数” 部分,您将添加以下参数。在通过 AWS CloudFormation 控制台创建堆栈时,您将为这些值指定值。
Parameters: EC2Key: Description: The SSH key used to access the EC2 receiver instance. Choose any SSH key if you are not creating an EC2 receiver instance. For instructions on how to create an SSH key see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: must be the name of an existing EC2 KeyPair. AZ: Description: "The AvailabilityZone that the resources of this stack will be created in. (e.g. us-east-2a)" Type: AWS::EC2::AvailabilityZone::Name ReceiverAMI: Description: The Ground Station Agent AMI ID you want to use. Please note that AMIs are region specific. For instructions on how to retrieve an AMI see https://docs.aws.amazon.com/ground-station/latest/ug/dataflows.ec2-configuration.html#dataflows.ec2-configuration.amis Type: AWS::EC2::Image::Id
注意
您需要创建密钥对,并提供 Amazon EC2 EC2Key 参数的名称。请参阅为您的 Amazon EC2 实例创建密钥对。
此外,在创建 AWS CloudFormation 堆栈时,您需要提供正确的区域特定 AMI ID。请参阅 AWS Ground Station Amazon 机器映像 (AMIs)。
其余的模板片段属于 AWS CloudFormation 模板的 “资源” 部分。
Resources: # Resources that you would like to create should be placed within the Resources section.
考虑到我们向 Amazon EC2 实例提供单一通信路径的场景,您知道您将拥有一条同步传输路径。根据本同步数据传输节,您必须使用 AWS Ground Station 代理设置和配置 Amazon EC2 实例,并创建一个或多个数据流终端节点组。首先,您将首先VPC为 AWS Ground Station 代理设置 Amazon。
ReceiverVPC: Type: AWS::EC2::VPC Properties: EnableDnsSupport: 'true' EnableDnsHostnames: 'true' CidrBlock: 10.0.0.0/16 Tags: - Key: "Name" Value: "AWS Ground Station Example - PBS to AWS Ground Station Agent VPC" - Key: "Description" Value: "VPC for EC2 instance receiving AWS Ground Station data" PublicSubnet: Type: AWS::EC2::Subnet Properties: VpcId: !Ref ReceiverVPC MapPublicIpOnLaunch: 'true' AvailabilityZone: !Ref AZ CidrBlock: 10.0.0.0/20 Tags: - Key: "Name" Value: "AWS Ground Station Example - PBS to AWS Ground Station Agent Public Subnet" - Key: "Description" Value: "Subnet for EC2 instance receiving AWS Ground Station data" RouteTable: Type: AWS::EC2::RouteTable Properties: VpcId: !Ref ReceiverVPC Tags: - Key: Name Value: AWS Ground Station Example - RouteTable RouteTableAssociation: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref RouteTable SubnetId: !Ref PublicSubnet Route: Type: AWS::EC2::Route DependsOn: InternetGateway Properties: RouteTableId: !Ref RouteTable DestinationCidrBlock: '0.0.0.0/0' GatewayId: !Ref InternetGateway InternetGateway: Type: AWS::EC2::InternetGateway Properties: Tags: - Key: Name Value: AWS Ground Station Example - Internet Gateway GatewayAttachment: Type: AWS::EC2::VPCGatewayAttachment Properties: VpcId: !Ref ReceiverVPC InternetGatewayId: !Ref InternetGateway
注意
有关代理支持的VPC配置的更多信息,请参阅 AWS Ground Station AWS Ground Station 代理要求-VPC 图表。
接下来,您将设置 Receiver Amazon EC2 实例。
# The placement group in which your EC2 instance is placed. ClusterPlacementGroup: Type: AWS::EC2::PlacementGroup Properties: Strategy: cluster # This is required for the EIP if the receiver EC2 instance is in a private subnet. # This ENI must exist in a public subnet, be attached to the receiver and be associated with the EIP. ReceiverInstanceNetworkInterface: Type: AWS::EC2::NetworkInterface Properties: Description: Floating network interface GroupSet: - !Ref InstanceSecurityGroup SubnetId: !Ref PublicSubnet # An EIP providing a fixed IP address for AWS Ground Station to connect to. Attach it to the receiver instance created in the stack. ReceiverInstanceElasticIp: Type: AWS::EC2::EIP Properties: Tags: - Key: Name Value: !Join [ "-" , [ "EIP" , !Ref "AWS::StackName" ] ] # Attach the ENI to the EC2 instance if using a separate public subnet. # Requires the receiver instance to be in a public subnet (SubnetId should be the id of a public subnet) ReceiverNetworkInterfaceAttachment: Type: AWS::EC2::NetworkInterfaceAttachment Properties: DeleteOnTermination: false DeviceIndex: 1 InstanceId: !Ref ReceiverInstance NetworkInterfaceId: !Ref ReceiverInstanceNetworkInterface # Associate EIP with the ENI if using a separate public subnet for the ENI. ReceiverNetworkInterfaceElasticIpAssociation: Type: AWS::EC2::EIPAssociation Properties: AllocationId: !GetAtt [ReceiverInstanceElasticIp, AllocationId] NetworkInterfaceId: !Ref ReceiverInstanceNetworkInterface # The EC2 instance that will send/receive data to/from your satellite using AWS Ground Station. ReceiverInstance: Type: AWS::EC2::Instance DependsOn: PublicSubnet Properties: DisableApiTermination: false IamInstanceProfile: !Ref GeneralInstanceProfile ImageId: !Ref ReceiverAMI AvailabilityZone: !Ref AZ InstanceType: c5.24xlarge KeyName: !Ref EC2Key Monitoring: true PlacementGroupName: !Ref ClusterPlacementGroup SecurityGroupIds: - Ref: InstanceSecurityGroup SubnetId: !Ref PublicSubnet Tags: - Key: Name Value: !Join [ "-" , [ "Receiver" , !Ref "AWS::StackName" ] ] # agentCpuCores list in the AGENT_CONFIG below defines the cores that the AWS Ground Station Agent is allowed to run on. This list can be changed to suit your use-case, however if the agent isn't supplied with enough cores data loss may occur. UserData: Fn::Base64: Fn::Sub: - | #!/bin/bash yum -y update AGENT_CONFIG_PATH="/opt/aws/groundstation/etc/aws-gs-agent-config.json" cat << AGENT_CONFIG > "$AGENT_CONFIG_PATH" { "capabilities": [ "arn:aws:groundstation:${AWS::Region}:${AWS::AccountId}:dataflow-endpoint-group/${DataflowEndpointGroupId}" ], "device": { "privateIps": [ "127.0.0.1" ], "publicIps": [ "${EIP}" ], "agentCpuCores": [ 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92 ] } } AGENT_CONFIG systemctl start aws-groundstation-agent systemctl enable aws-groundstation-agent # <Tuning Section Start> # Visit the AWS Ground Station Agent Documentation in the User Guide for more details and guidance updates # Set IRQ affinity with list of CPU cores and Receive Side Scaling mask # Core list should be the first two cores (and hyperthreads) on each socket # Mask set to everything currently # https://github.com/torvalds/linux/blob/v4.11/Documentation/networking/scaling.txt#L80-L96 echo "@reboot sudo /opt/aws/groundstation/bin/set_irq_affinity.sh '0 1 48 49' 'ffffffff,ffffffff,ffffffff' >>/var/log/user-data.log 2>&1" >>/var/spool/cron/root # Reserving the port range defined in the GS agent ingress address in the Dataflow Endpoint Group so the kernel doesn't steal any of them from the GS agent. These ports are the ports that the GS agent will ingress data # across, so if the kernel steals one it could cause problems ingressing data onto the instance. echo net.ipv4.ip_local_reserved_ports="42000-50000" >> /etc/sysctl.conf # </Tuning Section End> # We have to reboot for linux kernel settings to apply shutdown -r now - DataflowEndpointGroupId: !Ref DataflowEndpointGroup EIP: !Ref ReceiverInstanceElasticIp
# The AWS Ground Station Dataflow Endpoint Group that defines the endpoints that AWS Ground # Station will use to send/receive data to/from your satellite. DataflowEndpointGroup: Type: AWS::GroundStation::DataflowEndpointGroup Properties: ContactPostPassDurationSeconds: 180 ContactPrePassDurationSeconds: 120 EndpointDetails: - AwsGroundStationAgentEndpoint: Name: !Join [ "-" , [ !Ref "AWS::StackName" , "Downlink" ] ] # needs to match DataflowEndpointConfig name EgressAddress: SocketAddress: Name: 127.0.0.1 Port: 55000 IngressAddress: SocketAddress: Name: !Ref ReceiverInstanceElasticIp PortRange: Minimum: 42000 Maximum: 55000
您还需要相应的策略、角色和配置文件,以便 AWS Ground Station 在您的账户中创建 elastic network interface (ENI)。
# The security group for your EC2 instance. InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: AWS Ground Station receiver instance security group. VpcId: !Ref ReceiverVPC SecurityGroupEgress: - CidrIp: 0.0.0.0/0 Description: Allow all outbound traffic by default IpProtocol: "-1" SecurityGroupIngress: # To allow SSH access to the instance, add another rule allowing tcp port 22 from your CidrIp - IpProtocol: udp Description: Allow AWS Ground Station Incoming Dataflows ToPort: 50000 FromPort: 42000 SourcePrefixListId: Fn::FindInMap: - PrefixListId - Ref: AWS::Region - groundstation # The EC2 instance assumes this role. InstanceRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: - "ec2.amazonaws.com" Action: - "sts:AssumeRole" Path: "/" ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess - arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy - arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM - arn:aws:iam::aws:policy/AWSGroundStationAgentInstancePolicy Policies: - PolicyDocument: Statement: - Action: - sts:AssumeRole Effect: Allow Resource: !GetAtt GroundStationKmsKeyRole.Arn Version: "2012-10-17" PolicyName: InstanceGroundStationApiAccessPolicy # The instance profile for your EC2 instance. GeneralInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Roles: - !Ref InstanceRole # The IAM role that AWS Ground Station will assume to access and use the KMS Key for data delivery GroundStationKmsKeyRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: - groundstation.amazonaws.com Condition: StringEquals: "aws:SourceAccount": !Ref AWS::AccountId ArnLike: "aws:SourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" - Action: sts:AssumeRole Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" GroundStationKmsKeyAccessPolicy: Type: AWS::IAM::Policy Properties: PolicyDocument: Statement: - Action: - kms:Decrypt Effect: Allow Resource: !GetAtt GroundStationDataDeliveryKmsKey.Arn PolicyName: GroundStationKmsKeyAccessPolicy Roles: - Ref: GroundStationKmsKeyRole GroundStationDataDeliveryKmsKey: Type: AWS::KMS::Key Properties: KeyPolicy: Statement: - Action: - kms:CreateAlias - kms:Describe* - kms:Enable* - kms:List* - kms:Put* - kms:Update* - kms:Revoke* - kms:Disable* - kms:Get* - kms:Delete* - kms:ScheduleKeyDeletion - kms:CancelKeyDeletion - kms:GenerateDataKey - kms:TagResource - kms:UntagResource Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" Resource: "*" - Action: - kms:Decrypt - kms:GenerateDataKeyWithoutPlaintext Effect: Allow Principal: AWS: !GetAtt GroundStationKmsKeyRole.Arn Resource: "*" Condition: StringEquals: "kms:EncryptionContext:sourceAccount": !Ref AWS::AccountId ArnLike: "kms:EncryptionContext:sourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" - Action: - kms:CreateGrant Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" Resource: "*" Condition: ForAllValues:StringEquals: "kms:GrantOperations": - Decrypt - GenerateDataKeyWithoutPlaintext "kms:EncryptionContextKeys": - sourceArn - sourceAccount ArnLike: "kms:EncryptionContext:sourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" StringEquals: "kms:EncryptionContext:sourceAccount": !Ref AWS::AccountId Version: "2012-10-17" EnableKeyRotation: true
AWS Ground Station 配置
本节介绍步骤 3:创建配置入门。
你需要一个跟踪配置来设置你使用自动追踪的偏好。选择PREFERRED自动跟踪可以提高信号质量,但由于星历质量足够 JPSS -1,因此不需要满足信号质量。
TrackingConfig: Type: AWS::GroundStation::Config Properties: Name: "JPSS Tracking Config" ConfigData: TrackingConfig: Autotrack: "PREFERRED"
根据通信路径,您需要定义代表卫星部分的天线下行链路配置,以及用于引用定义端点详细信息的数据流端点组的数据流端点配置。
# The AWS Ground Station Antenna Downlink Config that defines the frequency spectrum used to # downlink data from your satellite. SnppJpssDownlinkDigIfAntennaConfig: Type: AWS::GroundStation::Config Properties: Name: "SNPP JPSS Downlink WBDigIF Antenna Config" ConfigData: AntennaDownlinkConfig: SpectrumConfig: Bandwidth: Units: "MHz" Value: 100 CenterFrequency: Units: "MHz" Value: 7812 Polarization: "RIGHT_HAND" # The AWS Ground Station Dataflow Endpoint Config that defines the endpoint used to downlink data # from your satellite. DownlinkDigIfEndpointConfig: Type: AWS::GroundStation::Config Properties: Name: "Aqua SNPP JPSS Terra Downlink DigIF Endpoint Config" ConfigData: DataflowEndpointConfig: DataflowEndpointName: !Join [ "-" , [ !Ref "AWS::StackName" , "Downlink" ] ] DataflowEndpointRegion: !Ref AWS::Region
AWS Ground Station 任务简介
本节介绍步骤 4:创建任务档案入门。
现在你已经有了相关的配置,你可以用它们来构造数据流。其余参数将使用默认值。
# The AWS Ground Station Mission Profile that groups the above configurations to define how to # uplink and downlink data to your satellite. SnppJpssMissionProfile: Type: AWS::GroundStation::MissionProfile Properties: Name: !Sub 'JPSS WBDigIF gs-agent EC2 Delivery' ContactPrePassDurationSeconds: 120 ContactPostPassDurationSeconds: 120 MinimumViableContactDurationSeconds: 180 TrackingConfigArn: !Ref TrackingConfig DataflowEdges: - Source: !Ref SnppJpssDownlinkDigIfAntennaConfig Destination: !Ref DownlinkDigIfEndpointConfig StreamsKmsKey: KmsKeyArn: !GetAtt GroundStationDataDeliveryKmsKey.Arn StreamsKmsRole: !GetAtt GroundStationKmsKeyRole.Arn
把它放在一起
利用上述资源,您现在可以安排 JPSS -1 个联系人,以便从任何已上线人员同步传送数据。 AWS Ground Station AWS Ground Station 地点
以下是一个完整的 AWS CloudFormation 模板,其中包括本节中描述的所有资源,这些资源组合成一个可以直接在中使用的模板 AWS CloudFormation。
名DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml为的 AWS CloudFormation 模板旨在让你快速访问开始接收 Aqua SNPP、JPSS NOAA -1/ -20 和 Terra 卫星的数字化中频 (digiF) 数据。它包含一个 Amazon EC2 实例和使用 AWS Ground Station 代理接收原始的 digiF 直接广播数据所需的 AWS CloudFormation 资源。
如果您的账户未加SNPP载 Aqua、、JPSS NOAA -1/ -20 和 Terra,请参阅。第 1 步:机载卫星
注意
您可以通过访问客户入门的 Amazon S3 存储桶来访问该模板。以下链接使用区域性 Amazon S3 存储桶。更改us-west-2区域代码以表示要在其中创建 AWS CloudFormation
堆栈的相应区域。
此外,还使用以下说明YAML。但是,模板有两种YAMLJSON格式可供选择。要使用JSON,请在下载模板.json时将.yml文件扩展名替换为。
要使用下载模板 AWS CLI,请使用以下命令:
aws s3 cp s3://groundstation-cloudformation-templates-us-west-2/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml .
通过在浏览器中导航到以下内容,可以在控制台URL中查看和下载模板:
https://s3.console.aws.amazon.com/s3/object/groundstation-cloudformation-templates-us-west-2/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml
您可以使用以下链接直接在中 AWS CloudFormation 指定模板:
https://groundstation-cloudformation-templates-us-west-2.s3.us-west-2.amazonaws.com/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml
该模板定义了哪些其他资源?
该DirectBroadcastSatelliteWbDigIfEc2DataDelivery模板包括以下其他资源:
-
接收方实例弹性网络接口-(视情况而定)在指定的子网中创建弹性网络接口(PublicSubnetId如果提供)。如果接收方实例位于私有子网中,则需要这样做。elastic network interface 将与关联EIP并连接到接收器实例。
-
接收器实例弹性 IP- AWS Ground Station 将连接到的弹性 IP。这会连接到接收器实例或 elastic network 接口。
-
以下弹性 IP 关联之一:
-
接收器实例与弹性 IP 关联-弹性 IP 与您的接收器实例的关联(如果PublicSubnetId未指定)。这需要SubnetId引用公有子网。
-
接收方实例与弹性 IP 关联的弹性网络接口-弹性 IP 与接收方实例弹性网络接口的关联(PublicSubnetId如果已指定)。
-
-
(可选)CloudWatch 事件触发器-使用联系 AWS Ground Station 前后发送 CloudWatch 的事件触发的 AWS Lambda 函数。该 AWS Lambda 函数将启动并有选择地停止您的接收器实例。
-
(可选)亚马逊联系人EC2验证-使用 Lambda 为带有SNS通知的联系人设置亚马逊EC2实例的验证系统的选项。需要注意的是,这可能会产生费用,具体取决于您当前的使用情况。
-
其他任务概况 ——其他公共广播卫星(Aqua和Terra)的任务概况。SNPP
-
其他天线下行链路配置——其他公共广播卫星(Aqua 和Terra)的天线下行链路配置。SNPP
已填充此模板中卫星的值和参数。这些参数使您可以轻松地 AWS Ground Station 立即使用这些卫星。使用此模板 AWS Ground Station 时,您无需配置自己的值即可使用。但是,您可以自定义这些值以使模板适用于您的使用案例。
我可以在哪里接收我的数据?
数据流终端节点组设置为使用此模板的一部分创建的接收实例网络接口。接收器实例使用 AWS Ground Station 代理从数据流端 AWS Ground Station 点定义的端口接收数据流。有关设置数据流终端节点组的更多信息,请参阅 AWS::GroundStation::DataflowEndpoint组。有关 AWS Ground Station 代理的更多信息,请参阅什么是代 AWS Ground Station 理?
