  1. ALB with proper certificates

  2. EC2 Instance (t3.medium) x 2

  3. RDS Database

  4. OAuth Details (Okta, GoogleAuth, etc.)

1. EC2 Instance 1: Roost Control Plane

...

AMI

...

Choose Ubuntu 20 (ubuntu-focal-20.04)

...

Instance Type

...

t3.medium

...

Storage

...

Root Volume: 20GB
EBS: 100GB (disable Delete on termination)

...

Termination protection

...

Enable

...

Security Group Rules

...

  1. SSH (port 22)

  2. HTTP (port 80)

  3. HTTPS (port 443)

  4. Custom TCP Port 2502 (for Stun)

  5. TCP Port 5000 for Docker Host

  6. TCP Port 5002 for Docker Insecure Registry

  7. TCP Port 60001 for JumpHost RoostApi Server

  8. TCP Port 60002 for ClusterLauncher

  9. TCP Port 60003 for EaaS API Server

  10. TCP Port 60005 for Cypress Video Server

  11. TCP Port 60006 for Web-console (gotty) default service - ubuntu user

  12. TCP Port 62020-62050 for dynamic gotty ports - mapped to individual users

2. EC2 Instance 2: Roost EAAS Server

...

AMI

...

Choose Ubuntu 20 (ubuntu-focal-20.04)

...

Instance Type

...

t3.medium

...

Storage

...

Root Volume: 20GB
EBS: 100GB (disable Delete on termination)

...

Termination protection

...

Enable

...

Security Group Rules

...

  1. SSH (port 22)

  2. HTTP (port 80)

  3. HTTPS (port 443)

  4. Custom TCP Port 2502 (for Stun)

  5. TCP Port 5000 for Docker Host

  6. TCP Port 5002 for Docker Insecure Registry

  7. TCP Port 60001 for JumpHost RoostApi Server

  8. TCP Port 60002 for ClusterLauncher

  9. TCP Port 60003 for EaaS API Server

  10. TCP Port 60005 for Cypress Video Server

  11. TCP Port 60006 for Web-console (gotty) default service - ubuntu user

  12. TCP Port 62020-62050 for dynamic gotty ports - mapped to individual users
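
The security group rules listed for both instances name ports but no source ranges. The following added example (not part of the Roost documentation) checks a group, in the JSON shape returned by `aws ec2 describe-security-groups`, for listed ports that are reachable from any address. The `WORLD_OK` policy and the sample group are assumptions constructed for illustration.

```python
# Added example: audit a security group against the port list on this page.
# Input follows the JSON shape of `aws ec2 describe-security-groups`.
import json

# Ports and purposes as listed on the page (ranges are inclusive).
PAGE_PORTS = [
    (22, 22, "SSH"), (80, 80, "HTTP"), (443, 443, "HTTPS"),
    (2502, 2502, "Stun"), (5000, 5000, "Docker Host"),
    (5002, 5002, "Docker Insecure Registry"),
    (60001, 60001, "JumpHost RoostApi Server"),
    (60002, 60002, "ClusterLauncher"), (60003, 60003, "EaaS API Server"),
    (60005, 60005, "Cypress Video Server"),
    (60006, 60006, "Web-console (gotty)"),
    (62020, 62050, "dynamic gotty ports"),
]
# Assumed policy (not from the page): only these may accept any source address.
WORLD_OK = {80, 443}
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

def audit(group):
    """Return sorted (from_port, to_port, label, cidr) for world-open rules outside WORLD_OK."""
    findings = set()
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        # Protocol "-1" means all traffic and carries no port fields.
        lo, hi = (0, 65535) if proto == "-1" else (perm["FromPort"], perm["ToPort"])
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if cidr not in ANY_SOURCE:
                continue
            for p_lo, p_hi, label in PAGE_PORTS:
                overlaps = lo <= p_hi and p_lo <= hi
                if overlaps and not (p_lo == p_hi and p_lo in WORLD_OK):
                    findings.add((p_lo, p_hi, label, cidr))
    return sorted(findings)

# Constructed sample group (not a real export).
SAMPLE = json.loads("""{"GroupId": "sg-EXAMPLE", "IpPermissions": [
 {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
 {"IpProtocol": "tcp", "FromPort": 5000, "ToPort": 5002, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 62020, "ToPort": 62050, "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}""")

if __name__ == "__main__":
    for lo, hi, label, cidr in audit(SAMPLE):
        print(f"{lo}-{hi} ({label}) open to {cidr}")
```

Each finding is a listed port whose rule admits `0.0.0.0/0` or `::/0`; adjust `WORLD_OK` to match the sources your deployment actually needs.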

3. Database: Amazon Aurora

Select the “Easy create” option with the recommended best-practice configuration from AWS.

...

Please note Roost has other configurations:

  1. EAAS Server can be in a public subnet (default)

  2. AWS ALB can be in private subnet as well

Overall Flow of Roost

User Browser → Route53 → ALB → Target-Group → EC2 → Roost Application

Roost Application → EAAS Server → Launch Ephemeral Environments

Roost Application → JumpHost Server → Connect to User or Managed Clusters like EKS, GKE, AKS

Infrastructure Requirements

  1. ALB with proper certificates

  2. OAuth Details (Okta, GoogleAuth, etc.)

  3. EC2 Instance (c5.2xlarge) x 3 and (t2.micro) x 1

  4. RDS Database (AWS Aurora)

  5. Execute Roost Control plane Script
