本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
公共廣播衛星利用 AWS Ground Station 代理 (寬帶)
此範例以使用者指南一JPSS-1-公共廣播衛星(PBS)-評估 節中完成的分析為基礎。
若要完成此範例,您需要假設一個案例-您想要以寬頻數位中間頻率 (DigIF) 的形 AWS Ground Station 式擷取HRD通訊路徑 EC2 Amazon 並使用. SDR
注意
實際JPSSHRD通訊路徑訊號的頻寬為 30MHz,但您需要設定天線下行連結設定,將其視為具有 100 MHz 頻寬的訊號,以便在此範例中流經 AWS Ground Station 代理程式接收的正確路徑。
通訊路徑
本節表示入門步驟 2:規劃資料流通訊路徑的內容。在此範例中,您需要範 AWS CloudFormation 本中的其他區段,而其他範例「對應」區段中尚未使用過。
注意
如需 AWS CloudFormation 範本內容的詳細資訊,請參閱範本區段。
首先,您可以在 AWS CloudFormation 模板中為按地區設置 AWS Ground Station 前綴列表的映射部分。這可讓 Amazon EC2 執行個體安全群組輕鬆參考前置詞清單。如需有關使用字首清單的更多資訊,請參閱VPC 使用 AWS Ground Station 客服人員進行組態。
Mappings: PrefixListId: us-east-2: groundstation: pl-087f83ba4f34e3bea us-west-2: groundstation: pl-0cc36273da754ebdc us-east-1: groundstation: pl-0e5696d987d033653 eu-central-1: groundstation: pl-03743f81267c0a85e sa-east-1: groundstation: pl-098248765e9effc20 ap-northeast-2: groundstation: pl-059b3e0b02af70e4d ap-southeast-1: groundstation: pl-0d9b804fe014a6a99 ap-southeast-2: groundstation: pl-08d24302b8c4d2b73 me-south-1: groundstation: pl-02781422c4c792145 eu-west-1: groundstation: pl-03fa6b266557b0d4f eu-north-1: groundstation: pl-033e44023025215c0 af-south-1: groundstation: pl-0382d923a9d555425
對於參數部分,您將添加以下參數。透過 AWS CloudFormation 主控台建立堆疊時,您將指定這些值。
Parameters: EC2Key: Description: The SSH key used to access the EC2 receiver instance. Choose any SSH key if you are not creating an EC2 receiver instance. For instructions on how to create an SSH key see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: must be the name of an existing EC2 KeyPair. AZ: Description: "The AvailabilityZone that the resources of this stack will be created in. (e.g. us-east-2a)" Type: AWS::EC2::AvailabilityZone::Name ReceiverAMI: Description: The Ground Station Agent AMI ID you want to use. Please note that AMIs are region specific. For instructions on how to retrieve an AMI see https://docs.aws.amazon.com/ground-station/latest/ug/dataflows.ec2-configuration.html#dataflows.ec2-configuration.amis Type: AWS::EC2::Image::Id
注意
您需要創建一個 key pair,並提供 Amazon EC2 EC2Key
參數的名稱。請參閱為您的 Amazon EC2 執行個體建立 key pair。
此外,在建立 AWS CloudFormation 堆疊時,您需要提供正確的區域特定 AMI ID。請參閱AWS Ground Station Amazon Machine Images (AMIs)。
其餘的範本程式碼片段屬於範 AWS CloudFormation 本的 [資源] 區段中。
Resources: # Resources that you would like to create should be placed within the Resources section.
根據我們提供單一通訊路徑到 Amazon EC2 執行個體的案例,您知道您將擁有單一同步交付路徑。根據此同步資料傳送區段,您必須使用 AWS Ground Station 代理程式設定和設定 Amazon EC2 執行個體,以及建立一或多個資料流端點群組。首先,您將首先VPC為 AWS Ground Station 代理設置 Amazon 開始。
ReceiverVPC: Type: AWS::EC2::VPC Properties: EnableDnsSupport: 'true' EnableDnsHostnames: 'true' CidrBlock: 10.0.0.0/16 Tags: - Key: "Name" Value: "AWS Ground Station Example - PBS to AWS Ground Station Agent VPC" - Key: "Description" Value: "VPC for EC2 instance receiving AWS Ground Station data" PublicSubnet: Type: AWS::EC2::Subnet Properties: VpcId: !Ref ReceiverVPC MapPublicIpOnLaunch: 'true' AvailabilityZone: !Ref AZ CidrBlock: 10.0.0.0/20 Tags: - Key: "Name" Value: "AWS Ground Station Example - PBS to AWS Ground Station Agent Public Subnet" - Key: "Description" Value: "Subnet for EC2 instance receiving AWS Ground Station data" RouteTable: Type: AWS::EC2::RouteTable Properties: VpcId: !Ref ReceiverVPC Tags: - Key: Name Value: AWS Ground Station Example - RouteTable RouteTableAssociation: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref RouteTable SubnetId: !Ref PublicSubnet Route: Type: AWS::EC2::Route DependsOn: InternetGateway Properties: RouteTableId: !Ref RouteTable DestinationCidrBlock: '0.0.0.0/0' GatewayId: !Ref InternetGateway InternetGateway: Type: AWS::EC2::InternetGateway Properties: Tags: - Key: Name Value: AWS Ground Station Example - Internet Gateway GatewayAttachment: Type: AWS::EC2::VPCGatewayAttachment Properties: VpcId: !Ref ReceiverVPC InternetGatewayId: !Ref InternetGateway
注意
如需 AWS Ground Station 代理程式支援之VPC組態的詳細資訊,請參閱AWS Ground Station 代理程式需求-VPC 圖表。
接下來,您將設置接收器 Amazon EC2 實例。
# The placement group in which your EC2 instance is placed. ClusterPlacementGroup: Type: AWS::EC2::PlacementGroup Properties: Strategy: cluster # This is required for the EIP if the receiver EC2 instance is in a private subnet. # This ENI must exist in a public subnet, be attached to the receiver and be associated with the EIP. ReceiverInstanceNetworkInterface: Type: AWS::EC2::NetworkInterface Properties: Description: Floating network interface GroupSet: - !Ref InstanceSecurityGroup SubnetId: !Ref PublicSubnet # An EIP providing a fixed IP address for AWS Ground Station to connect to. Attach it to the receiver instance created in the stack. ReceiverInstanceElasticIp: Type: AWS::EC2::EIP Properties: Tags: - Key: Name Value: !Join [ "-" , [ "EIP" , !Ref "AWS::StackName" ] ] # Attach the ENI to the EC2 instance if using a separate public subnet. # Requires the receiver instance to be in a public subnet (SubnetId should be the id of a public subnet) ReceiverNetworkInterfaceAttachment: Type: AWS::EC2::NetworkInterfaceAttachment Properties: DeleteOnTermination: false DeviceIndex: 1 InstanceId: !Ref ReceiverInstance NetworkInterfaceId: !Ref ReceiverInstanceNetworkInterface # Associate EIP with the ENI if using a separate public subnet for the ENI. ReceiverNetworkInterfaceElasticIpAssociation: Type: AWS::EC2::EIPAssociation Properties: AllocationId: !GetAtt [ReceiverInstanceElasticIp, AllocationId] NetworkInterfaceId: !Ref ReceiverInstanceNetworkInterface # The EC2 instance that will send/receive data to/from your satellite using AWS Ground Station. ReceiverInstance: Type: AWS::EC2::Instance DependsOn: PublicSubnet Properties: DisableApiTermination: false IamInstanceProfile: !Ref GeneralInstanceProfile ImageId: !Ref ReceiverAMI AvailabilityZone: !Ref AZ InstanceType: c5.24xlarge KeyName: !Ref EC2Key Monitoring: true PlacementGroupName: !Ref ClusterPlacementGroup SecurityGroupIds: - Ref: InstanceSecurityGroup SubnetId: !Ref PublicSubnet Tags: - Key: Name Value: !Join [ "-" , [ "Receiver" , !Ref "AWS::StackName" ] ] # agentCpuCores list in the AGENT_CONFIG below defines the cores that the AWS Ground Station Agent is allowed to run on. This list can be changed to suit your use-case, however if the agent isn't supplied with enough cores data loss may occur. UserData: Fn::Base64: Fn::Sub: - | #!/bin/bash yum -y update AGENT_CONFIG_PATH="/opt/aws/groundstation/etc/aws-gs-agent-config.json" cat << AGENT_CONFIG > "$AGENT_CONFIG_PATH" { "capabilities": [ "arn:aws:groundstation:${AWS::Region}:${AWS::AccountId}:dataflow-endpoint-group/${DataflowEndpointGroupId}" ], "device": { "privateIps": [ "127.0.0.1" ], "publicIps": [ "${EIP}" ], "agentCpuCores": [ 24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92 ] } } AGENT_CONFIG systemctl start aws-groundstation-agent systemctl enable aws-groundstation-agent # <Tuning Section Start> # Visit the AWS Ground Station Agent Documentation in the User Guide for more details and guidance updates # Set IRQ affinity with list of CPU cores and Receive Side Scaling mask # Core list should be the first two cores (and hyperthreads) on each socket # Mask set to everything currently # https://github.com/torvalds/linux/blob/v4.11/Documentation/networking/scaling.txt#L80-L96 echo "@reboot sudo /opt/aws/groundstation/bin/set_irq_affinity.sh '0 1 48 49' 'ffffffff,ffffffff,ffffffff' >>/var/log/user-data.log 2>&1" >>/var/spool/cron/root # Reserving the port range defined in the GS agent ingress address in the Dataflow Endpoint Group so the kernel doesn't steal any of them from the GS agent. These ports are the ports that the GS agent will ingress data # across, so if the kernel steals one it could cause problems ingressing data onto the instance. echo net.ipv4.ip_local_reserved_ports="42000-50000" >> /etc/sysctl.conf # </Tuning Section End> # We have to reboot for linux kernel settings to apply shutdown -r now - DataflowEndpointGroupId: !Ref DataflowEndpointGroup EIP: !Ref ReceiverInstanceElasticIp
# The AWS Ground Station Dataflow Endpoint Group that defines the endpoints that AWS Ground # Station will use to send/receive data to/from your satellite. DataflowEndpointGroup: Type: AWS::GroundStation::DataflowEndpointGroup Properties: ContactPostPassDurationSeconds: 180 ContactPrePassDurationSeconds: 120 EndpointDetails: - AwsGroundStationAgentEndpoint: Name: !Join [ "-" , [ !Ref "AWS::StackName" , "Downlink" ] ] # needs to match DataflowEndpointConfig name EgressAddress: SocketAddress: Name: 127.0.0.1 Port: 55000 IngressAddress: SocketAddress: Name: !Ref ReceiverInstanceElasticIp PortRange: Minimum: 42000 Maximum: 55000
您也需要適當的原則、角色和設定檔,才能 AWS Ground Station 在您的帳戶中建立 elastic network interface (ENI)。
# The security group for your EC2 instance. InstanceSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: AWS Ground Station receiver instance security group. VpcId: !Ref ReceiverVPC SecurityGroupEgress: - CidrIp: 0.0.0.0/0 Description: Allow all outbound traffic by default IpProtocol: "-1" SecurityGroupIngress: # To allow SSH access to the instance, add another rule allowing tcp port 22 from your CidrIp - IpProtocol: udp Description: Allow AWS Ground Station Incoming Dataflows ToPort: 50000 FromPort: 42000 SourcePrefixListId: Fn::FindInMap: - PrefixListId - Ref: AWS::Region - groundstation # The EC2 instance assumes this role. InstanceRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Principal: Service: - "ec2.amazonaws.com" Action: - "sts:AssumeRole" Path: "/" ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess - arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy - arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM - arn:aws:iam::aws:policy/AWSGroundStationAgentInstancePolicy Policies: - PolicyDocument: Statement: - Action: - sts:AssumeRole Effect: Allow Resource: !GetAtt GroundStationKmsKeyRole.Arn Version: "2012-10-17" PolicyName: InstanceGroundStationApiAccessPolicy # The instance profile for your EC2 instance. GeneralInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Roles: - !Ref InstanceRole # The IAM role that AWS Ground Station will assume to access and use the KMS Key for data delivery GroundStationKmsKeyRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: - groundstation.amazonaws.com Condition: StringEquals: "aws:SourceAccount": !Ref AWS::AccountId ArnLike: "aws:SourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" - Action: sts:AssumeRole Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" GroundStationKmsKeyAccessPolicy: Type: AWS::IAM::Policy Properties: PolicyDocument: Statement: - Action: - kms:Decrypt Effect: Allow Resource: !GetAtt GroundStationDataDeliveryKmsKey.Arn PolicyName: GroundStationKmsKeyAccessPolicy Roles: - Ref: GroundStationKmsKeyRole GroundStationDataDeliveryKmsKey: Type: AWS::KMS::Key Properties: KeyPolicy: Statement: - Action: - kms:CreateAlias - kms:Describe* - kms:Enable* - kms:List* - kms:Put* - kms:Update* - kms:Revoke* - kms:Disable* - kms:Get* - kms:Delete* - kms:ScheduleKeyDeletion - kms:CancelKeyDeletion - kms:GenerateDataKey - kms:TagResource - kms:UntagResource Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" Resource: "*" - Action: - kms:Decrypt - kms:GenerateDataKeyWithoutPlaintext Effect: Allow Principal: AWS: !GetAtt GroundStationKmsKeyRole.Arn Resource: "*" Condition: StringEquals: "kms:EncryptionContext:sourceAccount": !Ref AWS::AccountId ArnLike: "kms:EncryptionContext:sourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" - Action: - kms:CreateGrant Effect: Allow Principal: AWS: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" Resource: "*" Condition: ForAllValues:StringEquals: "kms:GrantOperations": - Decrypt - GenerateDataKeyWithoutPlaintext "kms:EncryptionContextKeys": - sourceArn - sourceAccount ArnLike: "kms:EncryptionContext:sourceArn": !Sub "arn:${AWS::Partition}:groundstation:${AWS::Region}:${AWS::AccountId}:mission-profile/*" StringEquals: "kms:EncryptionContext:sourceAccount": !Ref AWS::AccountId Version: "2012-10-17" EnableKeyRotation: true
AWS Ground Station 配置
本節表示入門第 3 步:創建配置的內容。
您需要一個跟踪配置來設置使用自動跟踪的首選項。選擇PREFERRED自動追蹤可以改善訊號品質,但由於足夠的 JPSS -1 星曆品質,因此不需要符合訊號品質。
TrackingConfig: Type: AWS::GroundStation::Config Properties: Name: "JPSS Tracking Config" ConfigData: TrackingConfig: Autotrack: "PREFERRED"
根據通訊路徑,您需要定義一個天線下載連結配置來代表衛星部分,以及一個資料遠端配置,以參照定義端點詳細資訊的資料流端點群組。
# The AWS Ground Station Antenna Downlink Config that defines the frequency spectrum used to # downlink data from your satellite. SnppJpssDownlinkDigIfAntennaConfig: Type: AWS::GroundStation::Config Properties: Name: "SNPP JPSS Downlink WBDigIF Antenna Config" ConfigData: AntennaDownlinkConfig: SpectrumConfig: Bandwidth: Units: "MHz" Value: 100 CenterFrequency: Units: "MHz" Value: 7812 Polarization: "RIGHT_HAND" # The AWS Ground Station Dataflow Endpoint Config that defines the endpoint used to downlink data # from your satellite. DownlinkDigIfEndpointConfig: Type: AWS::GroundStation::Config Properties: Name: "Aqua SNPP JPSS Terra Downlink DigIF Endpoint Config" ConfigData: DataflowEndpointConfig: DataflowEndpointName: !Join [ "-" , [ !Ref "AWS::StackName" , "Downlink" ] ] DataflowEndpointRegion: !Ref AWS::Region
AWS Ground Station 任務設定檔
本節表示入門步驟 4:建立任務檔案的內容。
現在您已經擁有了關聯的配置,您可以使用它們來構建數據流。您將使用其餘參數的預設值。
# The AWS Ground Station Mission Profile that groups the above configurations to define how to # uplink and downlink data to your satellite. SnppJpssMissionProfile: Type: AWS::GroundStation::MissionProfile Properties: Name: !Sub 'JPSS WBDigIF gs-agent EC2 Delivery' ContactPrePassDurationSeconds: 120 ContactPostPassDurationSeconds: 120 MinimumViableContactDurationSeconds: 180 TrackingConfigArn: !Ref TrackingConfig DataflowEdges: - Source: !Ref SnppJpssDownlinkDigIfAntennaConfig Destination: !Ref DownlinkDigIfEndpointConfig StreamsKmsKey: KmsKeyArn: !GetAtt GroundStationDataDeliveryKmsKey.Arn StreamsKmsRole: !GetAtt GroundStationKmsKeyRole.Arn
把它放在一起
有了上述資源,您現在可以安排 JPSS -1 個聯繫人,以便從任何已登 AWS Ground Station AWS Ground Station 位置錄的同步數據傳遞。
以下是一個完整的 AWS CloudFormation 模板,其中包括本節中描述的所有資源合併為可直接在中使用的單個模板 AWS CloudFormation。
命名的 AWS CloudFormation 模板DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml
旨在讓您快速訪問開始接收數字化中間頻率(DigIF)數據的水族SNPP,JPSS-1/ NOAA -20 和兵馬俑衛星。它包含 Amazon EC2 執行個體和使用 AWS Ground Station 代理程式接收原始 DigIF 直接廣播資料所需的 AWS CloudFormation 資源。
如果 Aqua SNPP、JPSS -1/ NOAA -20 和 Terra 尚未登入您的帳戶,請參閱。步驟 1:加入衛星
注意
您可以存取客戶上線 Amazon S3 儲存貯體來存取範本。以下連結使用區域性 Amazon S3 儲存貯體。變更us-west-2
區域代碼以代表您要在其中建立 AWS CloudFormation
堆疊的對應區域。
此外,下列指示也會使用YAML。但是,範本以YAML和JSON格式提供。若要使用JSON,請在下載範本.json
時將副.yml
檔名取代為。
若要使用下載範本 AWS CLI,請使用下列命令:
aws s3 cp s3://groundstation-cloudformation-templates-us-west-2/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml .
您可以在瀏覽器中瀏覽至下列項目,在主控台URL中檢視和下載範本:
https://s3.console.aws.amazon.com/s3/object/groundstation-cloudformation-templates-us-west-2/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml
您可以使用以下連結直 AWS CloudFormation 接在中指定樣板:
https://groundstation-cloudformation-templates-us-west-2.s3.us-west-2.amazonaws.com/agent/ec2_delivery/DirectBroadcastSatelliteWbDigIfEc2DataDelivery.yml
範本定義了哪些其他資源?
該DirectBroadcastSatelliteWbDigIfEc2DataDelivery
模板包括以下其他資源:
-
接收器執行個體 elastic network interface-(條件式) 在指定的子網路中建立彈性網路介面 (PublicSubnetId若有提供)。如果接收器執行個體位於私有子網路中,這是必要的。elastic network interface 將與接收器執行個體相關聯,EIP並連接至接收器執行個體。
-
接收器實例彈性 IP- AWS Ground Station 將連接到的彈性 IP。這附加到接收器實例或 elastic network interface。
-
下列其中一個彈性 IP 關聯:
-
接收者執行個體與彈性 IP 關聯-如果PublicSubnetId未指定彈性 IP 與接收器執行個體的關聯。這需要SubnetId引用公共子網路。
-
接收者執行個體 elastic network interface 與彈性 IP 關聯-彈性 IP 與接收者執行個體彈性網路介面的關聯 (若PublicSubnetId有指定)。
-
-
(選擇性) CloudWatch 事件觸發 AWS Lambda 器-使用連絡人 AWS Ground Station 前後傳送的 CloudWatch 事件觸發的函數。該 AWS Lambda 功能將啟動並選擇性地停止您的接收者實例。
-
(選用) Amazon 聯絡人EC2驗證-使用 Lambda 為具有SNS通知的聯絡人設定 Amazon EC2 執行個體驗證系統的選項。重要的是要注意,這可能會產生費用,具體取決於您當前的使用情況。
-
其他任務配置文件-額外的公共廣播衛星(水族SNPP,和 Terra)的任務配置文件。
-
額外的天線下行配置-額外的公共廣播衛星(水族和 T erra)的天線下行鏈路配置。SNPP
在此範本中,衛星的值和參數已經產生。這些參數使您可以輕鬆地 AWS Ground Station 立即與這些衛星一起使用。您不需要配置自己的值,以便在使用此模板 AWS Ground Station 時使用。但是,您可以自訂這些值,讓範本適用於您的使用案例。
我可以在什麼地方接收我的資料?
資料流程端點群組的設定,是使用以範本的一部分建立的接收器執行個體網路界面。接收器執行個體使用 AWS Ground Station 代理程式從資料流端 AWS Ground Station 點定義的連接埠接收資料串流。如需有關設定資料流端點群組的詳細資訊,請參閱 AWS::GroundStation::DataflowEndpoint群組。如需 AWS Ground Station 代理程式的詳細資訊,請參閱什麼是 AWS Ground Station 代理程式?