{"id":225,"date":"2016-08-31T06:13:34","date_gmt":"2016-08-31T06:13:34","guid":{"rendered":"http:\/\/bene.webtopia.ch\/?p=225"},"modified":"2016-08-31T06:13:34","modified_gmt":"2016-08-31T06:13:34","slug":"unifi-install-a-unifi-cloud-controller-on-amazon-web-services","status":"publish","type":"post","link":"https:\/\/bene.webtopia.ch\/?p=225","title":{"rendered":"UniFi &#8211; Install a UniFi Cloud Controller on Amazon Web Services"},"content":{"rendered":"<header class=\"article__header\">\n<h1><time title=\"2016-08-10 23:48\" datetime=\"2016-08-10T21:48:14Z\" data-datetime=\"calendar\">August 10, 2016 23:48<\/time><\/h1>\n<\/header>\n<div class=\"article-body markdown\">\n<p><span class=\"wysiwyg-font-size-x-large\">Overview<\/span><\/p>\n<hr \/>\n<p>Readers will learn how to launch an Amazon Web Services (AWS) Virtual Machine\u00a0using the Ubuntu Server x64 AMI, connect to the server using SSH, and install the latest UniFi Controller software.<\/p>\n<p>Amazon Web Services currently offers a &#8222;<a href=\"https:\/\/aws.amazon.com\/free\/\" target=\"_blank\">Free Tier<\/a>&#8220; VM\u00a0for twelve months for new users consisting of a t2.micro instance with 1 vCPU, 1GiB of memory and 30GiB of Storage with a variety of operating systems. \u00a0When the Free Tier period expires, your VM will continue to operate as normal and the services will be billed on a monthly basis. \u00a0For more details on pricing, see <a href=\"https:\/\/aws.amazon.com\/ec2\/pricing\/\" target=\"_blank\">Amazon EC2 Pricing<\/a>.<\/p>\n<p>This article walks you through the process of launching an instance that meets the Free Tier eligibility criteria, but you are free to choose a larger instance type or a larger storage volume.<\/p>\n<p>The Free Tier type typically provides\u00a0enough resources to support\u00a0small to medium UniFi deployments. \u00a0You can always upgrade your Instance Type and Storage Volume in the future after you have launched your VM.<\/p>\n<p><span class=\"wysiwyg-font-size-x-large\">Log In \/ Register and Launch an Instance<\/span><\/p>\n<hr \/>\n<p>Step 1: Log in or register\u00a0a new AWS account at <a href=\"https:\/\/aws.amazon.com\/\" target=\"_blank\">https:\/\/aws.amazon.com\/<\/a><\/p>\n<p>Step 2: Once logged in to the AWS Console, choose the datacenter Region closest to where your UniFi devices will be deployed\u00a0by using the link at the top-right of the screen, between your name and the Support link. This will ensure the lowest latency between your UniFi Controller and the devices it manages.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015968\/Screen_Shot_2015-09-07_at_5.03.32_PM.png\" alt=\"\" width=\"799\" height=\"476\" \/><\/p>\n<p>Step 3: From the AWS Console, under Computer, choose EC2.<\/p>\n<p>Step 4: Under Create Instance, click\u00a0Launch Instance to start the Create Instance Wizard.<\/p>\n<p><span class=\"wysiwyg-font-size-x-large\">Create the AWS Instance<\/span><\/p>\n<hr \/>\n<p><strong>Step 1:<\/strong> Choose an Amazon Machine Image (AMI). \u00a0For this article, we will be using Ubuntu, but you can select Debian if you prefer. \u00a0Search for and select <em>Ubuntu Server 14.04 LTS (HVM), SSD Volume Type<\/em>. Notice it is labelled\u00a0\u201cFree tier eligible\u201d. Click Next.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015808\/Screen_Shot_2015-09-07_at_5.04.19_PM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p><strong>Step 2:<\/strong> Choose an Instance Type. Select the General purpose, <em>t2.micro<\/em> instance type. The t2.micro has 1 vCPU, 1GiB of memory, and is Free tier eligible. Click Next.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202945457\/Screen_Shot_2015-09-07_at_5.04.30_PM.png\" alt=\"\" width=\"801\" height=\"477\" \/><\/p>\n<p><strong>Step 3:<\/strong> Configure Instance Details. Leave all settings as default. You may wish to check\u00a0<em>Enable termination protection &#8211; Protect against accidental termination<\/em>, which makes sure you can&#8217;t\u00a0delete the instance\u00a0by accident (this can be disabled in the future). Click Next.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202945467\/Screen_Shot_2015-09-07_at_5.04.57_PM.png\" alt=\"\" width=\"799\" height=\"476\" \/><\/p>\n<p><strong>Step 4:<\/strong> Add Storage. AWS provides up to 30 GiB of EBS storage. Change the Size (GiB) of \/dev\/sda1 to <em>30GiB<\/em>. Click Next.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015818\/Screen_Shot_2015-09-07_at_5.05.15_PM.png\" alt=\"\" width=\"799\" height=\"476\" \/><\/p>\n<p><strong>Step 5:<\/strong> Tag Instance. Tags are optional, and not required in our scenario. Click Next.<\/p>\n<p><strong>Step 6:<\/strong> Configure Security Group. AWS uses Security Groups to define firewall rules.<\/p>\n<ul>\n<li>Assign a security group: <em>Create a new security group<\/em><\/li>\n<li>Security group name: <em>UniFi Controller<\/em><\/li>\n<li>Description: <em>(describe your controller)<\/em><\/li>\n<li>Configure the rules as follows:<\/li>\n<\/ul>\n<table border=\"1\">\n<tbody>\n<tr>\n<td class=\"wysiwyg-text-align-center\"><strong>Type<\/strong><\/td>\n<td class=\"wysiwyg-text-align-center\"><strong>Protocol<\/strong><\/td>\n<td class=\"wysiwyg-text-align-center\"><strong>Port Range<\/strong><\/td>\n<td class=\"wysiwyg-text-align-center\"><strong>Source<\/strong><\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">SSH<\/td>\n<td class=\"wysiwyg-text-align-center\">TCP<\/td>\n<td class=\"wysiwyg-text-align-center\">22<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">Custom TCP Rule<\/td>\n<td class=\"wysiwyg-text-align-center\">TCP<\/td>\n<td class=\"wysiwyg-text-align-center\">8080<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">Custom TCP Rule<\/td>\n<td class=\"wysiwyg-text-align-center\">TCP<\/td>\n<td class=\"wysiwyg-text-align-center\">8443<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">Custom TCP Rule<\/td>\n<td class=\"wysiwyg-text-align-center\">TCP<\/td>\n<td class=\"wysiwyg-text-align-center\">8843<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">Custom TCP Rule<\/td>\n<td class=\"wysiwyg-text-align-center\">TCP<\/td>\n<td class=\"wysiwyg-text-align-center\">8880<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<tr>\n<td class=\"wysiwyg-text-align-center\">Custom UDP Rule<\/td>\n<td class=\"wysiwyg-text-align-center\">UDP<\/td>\n<td class=\"wysiwyg-text-align-center\">3478<\/td>\n<td class=\"wysiwyg-text-align-center\">Anywhere 0.0.0.0\/0<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/204074208\/security-group.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p><strong>Security Tip:<\/strong> \u00a0If you have a static WAN IP address for your local Internet connection, consider specifying a Source IP for the SSH Port 22 entry to ensure the server will only accept SSH connections from your IP address. \u00a0This can be changed in the future from the console by modifying the\u00a0Security Group.<\/p>\n<p><strong>Step 7:<\/strong> Review Instance Launch. Use this page to review your configuration, and when ready, click Launch.<\/p>\n<p>You will be prompted to Select an existing key pair or create a new key pair. An AWS Key Pair allows you to securely connect to your AWS instance via SSH.<\/p>\n<p>Provide a Key Pair name, and click Download Key Pair. Once you have saved the .pem file to a safe place on your computer, click\u00a0Launch Instances.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015848\/Screen_Shot_2015-09-07_at_5.09.57_PM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p>You will now see a confirmation window saying your instances are now launching. Click View Instances to be taken to the list of instances.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203020048\/Screen_Shot_2015-09-08_at_7.30.04_AM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p><span class=\"wysiwyg-font-size-x-large\">Assign an Elastic IP (Static Public IP)<\/span><\/p>\n<hr \/>\n<p>While you wait for your new VM to launch, you can create a Static Public IP address to assign to the instance. \u00a0Known as an Elastic IP in AWS, it is permanently allocated to your AWS account and can be moved between different instances. \u00a0Unlike the regular Public IP, an Elastic IP\u00a0address will\u00a0persist even if the server is stopped.<\/p>\n<p>Step 1: Click on Elastic IPs on the left menu, under Network &amp; Security.<\/p>\n<p>Step 2: Click Allocate New Address. In the confirmation dialog, select EIP used in: VPC, then click Yes, Allocate.<\/p>\n<p>Step 3: In the confirmation popup, take note of your new Elastic IP address, and click Close. \u00a0For the rest of this article, replace any mention\u00a0of\u00a0<em>&lt;elastic-ip&gt;<\/em> in commands with this IP address.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015878\/Screen_Shot_2015-09-07_at_5.41.48_PM.png\" alt=\"\" width=\"801\" height=\"477\" \/><\/p>\n<p>Step 4: Select your Elastic IP from the list, and click the Actions menu button. Click Associate Address.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203015908\/Screen_Shot_2015-09-07_at_5.41.57_PM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p>Step 5: In the Associate Address window, click the Instance text box, and choose your UniFi Instance. Click Associate.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202945527\/Screen_Shot_2015-09-07_at_5.42.25_PM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p>Note: If you ever terminate your instance, remember to Release the Elastic IP as\u00a0Elastic IP addresses that are not assigned to an instance are billed monthly by AWS.<\/p>\n<p><span class=\"wysiwyg-font-size-x-large\">Connecting Via SSH\u00a0to the Instance:<\/span><\/p>\n<hr \/>\n<p><span class=\"wysiwyg-font-size-large\">Using Windows (PuTTY):<\/span><\/p>\n<hr \/>\n<p>If you are using a Windows computer, you can use PuTTY to connect to the server via SSH. You will need to convert the Key Pair (UniFiController.pem) file you created earlier from a .pem file to a .ppk file that is supported by PuTTY.<\/p>\n<p>For detailed instructions on how to convert your .pem to a .ppk file and connect to the server using PuTTY on Windows,\u00a0please read\u00a0<a href=\"https:\/\/docs.aws.amazon.com\/console\/ec2\/instances\/connect\/putty\" target=\"_blank\">Amazon&#8217;s PuTTY Setup Guide<\/a>.<\/p>\n<p><span class=\"wysiwyg-font-size-large\">Using Mac OS X or Linux:<\/span><\/p>\n<hr \/>\n<p>If you are using a Linux or Mac OS X computer, you can use the built-in SSH client.<\/p>\n<p>Open a Terminal and enter the following commands:<\/p>\n<p><strong>Step 1:<\/strong> Edit permissions for the .pem file as required for SSH:<\/p>\n<pre>chmod 400 \/location\/to\/UniFiController.pem<\/pre>\n<p><strong>Step 2:<\/strong> Connect to server using SSH and the .pem file, where &lt;elastic-ip&gt; is the Elastic IP Address configured previously:<\/p>\n<pre>ssh -i \u201c\/location\/to\/UniFiController.pem\" ubuntu@&lt;elastic-ip&gt;<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202945357\/Screen_Shot_2015-09-07_at_5.45.04_PM.png\" alt=\"\" width=\"501\" height=\"344\" \/><\/p>\n<p><span class=\"wysiwyg-font-size-x-large\">Installing the UniFi Controller<\/span><\/p>\n<hr \/>\n<p>Once you connect to the Server and are greeted with the Ubuntu Command Line Interface (CLI), execute the following commands:<\/p>\n<p><strong>Step 1:<\/strong> Add the Ubiquiti repository to \/etc\/apt\/sources.list:<\/p>\n<pre>echo \"deb http:\/\/www.ubnt.com\/downloads\/unifi\/debian unifi5 ubiquiti\" | sudo tee -a \/etc\/apt\/sources.list<\/pre>\n<p><strong>Step 2:<\/strong> Add the Ubiquiti GPG Key:<\/p>\n<pre>sudo apt-key adv --keyserver keyserver.ubuntu.com --recv C0A52C50<\/pre>\n<p><strong>Step 3:<\/strong> Update the server&#8217;s repository information:<\/p>\n<pre>sudo apt-get update<\/pre>\n<p><strong><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203019988\/Screen_Shot_2015-09-07_at_5.51.40_PM.png\" alt=\"\" width=\"500\" height=\"343\" \/><\/strong><\/p>\n<p><strong>Step 4:<\/strong> Install UniFi:<\/p>\n<pre>sudo apt-get install unifi<\/pre>\n<p><strong><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/203019998\/Screen_Shot_2015-09-07_at_5.52.46_PM.png\" alt=\"\" width=\"500\" height=\"343\" \/><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202949567\/Screen_Shot_2015-09-07_at_5.53.01_PM.png\" alt=\"\" width=\"500\" height=\"343\" \/><\/strong><\/p>\n<p><strong>Step 5:<\/strong>\u00a0Disconnect from the server:<\/p>\n<pre>exit<\/pre>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202949557\/Screen_Shot_2015-09-07_at_5.53.50_PM.png\" alt=\"\" width=\"500\" height=\"343\" \/><\/p>\n<p>You may\u00a0now close the Terminal or PuTTY window.<\/p>\n<p><strong>Step 6:<\/strong> Open your browser and navigate to <em>https:\/\/&lt;elastic-ip&gt;:8443\/<\/em><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wysiwyg-text-align-center\" src=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/article_attachments\/202945397\/Screen_Shot_2015-09-07_at_5.54.28_PM.png\" alt=\"\" width=\"800\" height=\"476\" \/><\/p>\n<p><strong>Step 7:<\/strong> Complete the UniFi Setup Wizard. \u00a0You will need to skip Step 2: Discover as no devices will be available for adoption since the controller is not on the same subnet.<\/p>\n<p><strong>Step 8:\u00a0<\/strong>Your controller setup is now complete! \u00a0You may now proceed to adopt\u00a0your UniFi devices using <a href=\"https:\/\/ubnt.zendesk.com\/hc\/en-us\/articles\/204909754-UniFi-Layer-3-methods-for-UAP-adoption-and-management\" target=\"_blank\">Layer 3 Adoption<\/a>.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>August 10, 2016 23:48 Overview Readers will learn how to launch an Amazon Web Services (AWS) Virtual Machine\u00a0using the Ubuntu Server x64 AMI, connect to the server using SSH, and install the latest UniFi Controller software. Amazon Web Services currently offers a &#8222;Free Tier&#8220; VM\u00a0for twelve months for new users consisting of a t2.micro instance [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[11],"tags":[],"class_list":["post-225","post","type-post","status-publish","format-standard","hentry","category-edv-ecke"],"_links":{"self":[{"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/posts\/225","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=225"}],"version-history":[{"count":1,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/posts\/225\/revisions"}],"predecessor-version":[{"id":226,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=\/wp\/v2\/posts\/225\/revisions\/226"}],"wp:attachment":[{"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=225"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=225"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bene.webtopia.ch\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=225"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}