Update a network instance in AWS TNB - AWS Telco Network Builder
ConsiderationsParameters that you can updateUpdating a network instance

Update a network instance in AWS TNB

After a network instance is instantiated, you might need to update the infrastructure or application. To do so, you update the network package and parameter values for the network instance and deploy the update operation to apply the changes.

Considerations

  • You can update a network instance that is in the Instantiated or Updated state.

  • When you update a network instance, the UpdateSolNetworkService API uses the new network package and parameter values to update the topology of the network instance.

  • AWS TNB verifies that the number of NSD and VNFD parameters in the network instance does not exceed 200. This limit is enforced to protect from bad actors passing erroneous or huge payloads that affect the service.

Parameters that you can update

You can update the following parameters when you update an instantiated network instance:

Parameter Description Example: Before Example: After

Amazon EKS cluster version

You can update the value for the Amazon EKS cluster control plane version parameter to the next minor version. You cannot downgrade the version.

 
EKSCluster:
    type: tosca.nodes.AWS.Compute.EKS
    properties:
      version: "1.28"
 
EKSCluster:
    type: tosca.nodes.AWS.Compute.EKS
    properties:
      version: "1.29"

Amazon EKS worker nodes

You can update the value for the EKSManagedNode kubernetes_version parameter to upgrade your node group to a newer Amazon EKS version, or you can update the ami_id parameter to upgrade your node group to the latest EKS-optimzed AMI.

You can update the AMI ID for EKSSelfManagedNode. The Amazon EKS version of the AMI must be the same as or up to 2 versions lower than the Amazon EKS cluster version. For example if the Amazon EKS cluster version is 1.31, then the Amazon EKS AMI version must be 1.31, 1.30, or 1.29.

 
EKSManagedNodeGroup01:
    ...
    properties:
      kubernetes_version: "1.28"
    EKSSelfManagedNode01:
      compute:
        compute:
          properties:
            ami_id: "ami-123123OLD"
 
EKSManagedNodeGroup01:
    ...
    properties:
      kubernetes_version: "1.29"
    EKSSelfManagedNode01:
      compute:
        compute:
          properties:
            ami_id: "ami-123123NEW"

Amazon EKS node groups

You can add or remove node groups as per your compute needs.

When deleting existing node groups and adding new ones, ensure that the new node groups have different IDs than the deleted node groups, otherwise the operation will be treated as a node group modification instead of a deletion and addition. Note that for existing node groups, only a limited set of parameters can be updated. Scroll through this table to see which parameters you can update.

 
Free5GCEKSNode01:
  type: tosca.nodes.AWS.Compute.EKSManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...
Free5GCEKSNode02: # Deleted Nodegroup
  type: tosca.nodes.AWS.Compute.EKSManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...
Free5GCEKSNode03: # Deleted Nodegroup  
  type: tosca.nodes.AWS.Compute.EKSSelfManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...
 
Free5GCEKSNode01:
  type: tosca.nodes.AWS.Compute.EKSManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...
Free5GCEKSNode04: # New Nodegroup
  type: tosca.nodes.AWS.Compute.EKSSelfManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...
Free5GCEKSNode05: # New Nodegroup  
  type: tosca.nodes.AWS.Compute.EKSManagedNode
  ...
    scaling:
      properties:
        desired_size: 1
        min_size: 1
        max_size: 1
  ...

Scaling properties

You can update the scaling properties of the EKSManagedNode and EKSSelfManagedNode TOSCA nodes.

 
EKSNodeGroup01:
    ...
    scaling:
        properties:
            desired_size: 1
            min_size: 1
            max_size: 1
 
EKSNodeGroup01:
    ...
    scaling:
        properties:
            desired_size: 2
            min_size: 0
            max_size: 2

Amazon EBS CSI plugin properties

You can enable or disable the Amazon EBS CSI plugin on your Amazon EKS clusters. You can also change the plugin version.

 
EKSCluster:
  capabilities:
   ...
    ebs_csi:
      properties:
        enabled: false
 
EKSCluster:
  capabilities:
   ...
    ebs_csi:
      properties:
        enabled: true
        version: "v1.30.0-eksbuild.1"

Root volume size

You can add, remove, or update the root volume size property of the EKSManagedNode and EKSSelfManagedNode TOSCA nodes.

 
Free5GCEKSNode01:
      ...
      capabilities:        
        compute:
          properties:
            root_volume_size: 50
 
Free5GCEKSNode01:
      ...
      capabilities:
        compute:
          properties:            
            root_volume_size: 100

VNF

You can reference the VNFs in the NSD and deploy them to the cluster created in NSD using VNFDeployment TOSCA node. As part of the update, you will be able to add, update, and delete VNFs to the network.

 
vnfds:
  - descriptor_id: "43c012fa-2616-41a8-a833-0dfd4c5a049e"
    namespace: "vnf1"
  - descriptor_id: "64222f98-ecd6-4871-bf94-7354b53f3ee5"
    namespace: "vnf2" // Deleted VNF
...
SampleVNF1HelmDeploy:
      type: tosca.nodes.AWS.Deployment.VNFDeployment
      requirements:
        cluster: EKSCluster
        vnfs:
          - vnf1.SampleVNF1
          - vnf2.SampleVNF2
 
vnfds:
  - descriptor_id: "59f77222-79e9-4dc1-be53-5712ad06e31b"
    namespace: "vnf1" // Updated VNF
  - descriptor_id: "b7e072dc-839d-4fac-916c-561a166da1fc"
    namespace: "vnf3" // Added VNFn
....
SampleVNF1HelmDeploy:
      type: tosca.nodes.AWS.Deployment.VNFDeployment
      requirements:
        cluster: EKSCluster
        vnfs:
          - vnf1.SampleVNF1
          - vnf3.SampleVNF3

Hooks

To run life cycle operations before and after you create a network function, add the pre_create and post_create hooks to the VNFDeployment node.

In this example, the PreCreateHook hook will run before vnf3.SampleVNF3 is instantiated and the PostCreateHook hook will run after vnf3.SampleVNF3 is instantiated.

 
vnfds:
  - descriptor_id: "43c012fa-2616-41a8-a833-0dfd4c5a049e"
    namespace: "vnf1"
  - descriptor_id: "64222f98-ecd6-4871-bf94-7354b53f3ee5"
    namespace: "vnf2"
...
SampleVNF1HelmDeploy:
  type: tosca.nodes.AWS.Deployment.VNFDeployment
  requirements:
    cluster: EKSCluster
    vnfs:
      - vnf1.SampleVNF1
      - vnf2.SampleVNF2 // Removed during update
 
vnfds:
  - descriptor_id: "43c012fa-2616-41a8-a833-0dfd4c5a049e"
    namespace: "vnf1"
  - descriptor_id: "b7e072dc-839d-4fac-916c-561a166da1fc"
    namespace: "vnf3"
....

SampleVNF1HelmDeploy:
  type: tosca.nodes.AWS.Deployment.VNFDeployment
  requirements:
    cluster: EKSCluster
    vnfs:
      - vnf1.SampleVNF1 // No change to this function, as the namespace and uuid remain the same
      - vnf3.SampleVNF3 // New VNF as the namespace, vnf3, was not previously present
  interfaces:
    Hook:
      post_create: PostCreateHook
      pre_create: PreCreateHook

Hooks

To run life cycle operations before and after you update a network function, you can add the pre_update hook and the post_update hook to the VNFDeployment node.

In this example, PreUpdateHook will run before vnf1.SampleVNF1 is updated and PostUpdateHook will run after vnf1.SampleVNF1 is updated to the vnf package indicated by the updated uuid for the namespace vnf1.

 
vnfds:
  - descriptor_id: "43c012fa-2616-41a8-a833-0dfd4c5a049e"
    namespace: "vnf1"
  - descriptor_id: "64222f98-ecd6-4871-bf94-7354b53f3ee5"
    namespace: "vnf2"
...

SampleVNF1HelmDeploy:
  type: tosca.nodes.AWS.Deployment.VNFDeployment
  requirements:
    cluster: EKSCluster
    vnfs:
      - vnf1.SampleVNF1
      - vnf2.SampleVNF2 

vnfds:
  - descriptor_id: "0ebe4e95-bd87-44bd-b8a1-918466606a14"
    namespace: "vnf1"
  - descriptor_id: "64222f98-ecd6-4871-bf94-7354b53f3ee5"
    namespace: "vnf2"

...

SampleVNF1HelmDeploy:
  type: tosca.nodes.AWS.Deployment.VNFDeployment
  requirements:
    cluster: EKSCluster
    vnfs:
      - vnf1.SampleVNF1 // A VNF update as the uuid changed for namespace "vnf1"
      - vnf2.SampleVNF2 // No change to this function as namespace and uuid remain the same
  interfaces:
    Hook:
      pre_update: PreUpdateHook
      post_update: PostUpdateHook

Subnets

You can add and delete subnets from the network. Before deleting a subnet, verify that the subnet is not used by any resources in the network.

 
Free5GCSubnet01: #Deleted Subnet
  type: tosca.nodes.AWS.Networking.Subnet
  properties:
    type: "PUBLIC"
    availability_zone: { get_input: subnet_01_az }
    cidr_block: { get_input: subnet_01_cidr_block }
  requirements:
    route_table: Free5GCRouteTable
    vpc: Free5GCVPC
 
Free5GCSubnet02: #New Subnet
  type: tosca.nodes.AWS.Networking.Subnet
  properties:
    type: "PUBLIC"
    availability_zone: { get_input: subnet_02_az }
    cidr_block: { get_input: subnet_02_cidr_block }
  requirements:
    route_table: Free5GCRouteTable
    vpc: Free5GCVPC

Security groups

You can add and delete security groups from the network. Before deleting a security group, verify that the security group is not used by any resources in the network.

 
Free5GCSecurityGroup01: #Deleted Security Group
  type: tosca.nodes.AWS.Networking.SecurityGroup
  properties:
    description: "SecurityGroup for Free5GC cluster"
    name: "Free5GCSecurityGroup01"
    tags:
      - "Name=Free5GCEKSAdditionalSecurityGroup"
  requirements:
    vpc: Free5GCVPC

Free5GCSecurityGroupEgressRule01: #Deleted Security Group Egress Node
  type: tosca.nodes.AWS.Networking.SecurityGroupEgressRule
  properties:
    ip_protocol: "tcp"
    from_port: 8000
    to_port: 9000
    description: "Egress Rule for free5GC cluster"
    cidr_ip : "172.10.10.1/24"
  requirements:
    security_group: Free5GCSecurityGroup01

Free5GCSecurityGroupIngressRule01: #Deleted Security Group Ingress Node
  type: tosca.nodes.AWS.Networking.SecurityGroupIngressRule
  properties:
    ip_protocol: "tcp"
    from_port: 8000
    to_port: 9000
    description: "Ingress Rule for free5GC cluster"
    cidr_ip: "172.10.10.1/24"
  requirements:
    security_group: Free5GCSecurityGroup01
 
Free5GCSecurityGroup02: #New Security Group
  type: tosca.nodes.AWS.Networking.SecurityGroup
  properties:
    description: "SecurityGroup for Free5GC cluster"
    name: "Free5GCSecurityGroup02"
    tags:
      - "Name=Free5GCEKSAdditionalSecurityGroup"
  requirements:
    vpc: Free5GCVPC
   
Free5GCSecurityGroupEgressRule02: #New Security Group Egress Node
  type: tosca.nodes.AWS.Networking.SecurityGroupEgressRule
  properties:
    ip_protocol: "tcp"
    from_port: 8000
    to_port: 9000
    description: "Egress Rule for free5GC cluster"
    cidr_ip: "172.10.10.1/24"
  requirements:
    security_group: Free5GCSecurityGroup02
   
Free5GCSecurityGroupIngressRule02: #New Security Group Ingress Node
  type: tosca.nodes.AWS.Networking.SecurityGroupIngressRule
  properties:
    ip_protocol: "tcp"
    from_port: 8000
    to_port: 9000
    description: "Ingress Rule for free5GC cluster"
    cidr_ip: "172.10.10.1/24"
  requirements:
    security_group: Free5GCSecurityGroup02

Network interfaces

You can add, modify, and delete ENIs from the network.

 
Free5GCENI01: #Modified ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 2
  requirements:
    subnet: Free5GCENISubnet01
    security_groups:
      - Free5GCSecurityGroup01

Free5GCENI02: #Modified ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 3
    source_dest_check: true
  requirements:
    subnet: Free5GCENISubnet01

Free5GCENI04: #Deleted ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 4
    source_dest_check: true
  requirements:
    subnet: Free5GCENISubnet01

Free5GCENI01: #Modified ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 2
  requirements:
    subnet: Free5GCENISubnet02
    security_groups:
      - Free5GCSecurityGroup01

Free5GCENI02: #Modified ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 3
    source_dest_check: true
  requirements:
    subnet: Free5GCENISubnet01
    security_groups:
      - Free5GCSecurityGroup01

Free5GCENI03: #New ENI
  type: tosca.nodes.AWS.Networking.ENI
  properties:
    device_index: 3
  requirements:
    subnet: Free5GCSubnet01
    security_groups:
      - Free5GCSecurityGroup01

Updating a network instance

Console
To update a network instance using the console

  1. Open the AWS TNB console at https://console.aws.amazon.com/tnb/.

  2. In the navigation pane, choose Networks.

  3. Select the network instance. You can update a network instance only if its state is Instantiated or Updated.

  4. Choose Actions and Update.

    The Update instance page appears with the network details and a list of parameters in the current infrastructure.

  5. Choose a new network package.

    The parameters in the new network package appear in the Updated parameters section.

  6. Optionally, update parameter values in the Updated parameters section. For the list of parameter values you can update, see Parameters that you can update.

  7. Choose Update network.

    AWS TNB validates the request and starts the deployment. The Deployment status page appears.

  8. Use the Refresh icon to track the deployment status of your network instance. You can also enable Auto refresh in the Deployment tasks section to track the progress of each task.

    When the deployment status changes to Completed, the network instance is updated.

    • If validation fails, the network instance remains in the same state as it was before you requested the update - either Instantiated or Updated.

    • If the update fails, the network instance state shows Update failed. Choose the link for each failed task to determine the reason.

    • If the update succeeds, the network instance state shows Updated.

AWS CLI
Use the CLI to update a network instance

Use the update-sol-network-instance command with the UPDATE_NS update type to update a network instance.

aws tnb update-sol-network-instance --ns-instance-id ^ni-[a-f0-9]{17}$ --update-type UPDATE_NS --update-ns "{\"nsdInfoId\":\"^np-[a-f0-9]{17}$\", \"additionalParamsForNs\": {\"param1\": \"value1\"}}"