ALB with proper certificates
EC2 Instance (t3.medium) x 2
OAuth Details (Okta/GoogleAuth etc.)
RDS Database
1. EC2 Instance 1: Roost Control Plane (Launch 2 instances)
You can use the AWS option to launch 2 instances.
Roost Control Plane
EaaS Server
Attribute: Selection
AMI:
    Choose Ubuntu 20 (ubuntu-focal-20.04) SSD Volume Type
Instance Type:
    t3a.large
    Shutdown behaviour (Stop)
    Enable Termination Protection
Storage:
    Root Volume: 30GB (gp3)
    EBS: 100GB (Disable Delete on termination)
Termination protection:
    Enable
Security Group Rules:
    SSH (port 22)
    HTTP (port 80)
    HTTPS (port 443)
    Custom TCP Port 2502 (for STUN)
    TCP Port 5000 for Docker Host
    TCP Port 5002 for Docker Insecure Registry
    TCP Port 60001 for JumpHost RoostApi Server
    TCP Port 60002 for ClusterLauncher
    TCP Port 60003 for EaaS API Server
    TCP Port 60005 for Cypress Video Server
    TCP Port 60006 for Web-console (gotty) default service - ubuntu user
    TCP Port 62020-62050 for dynamic gotty ports - mapped to individual users
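An added example, not part of the Roost documentation: a Python check that compares one security group, in the JSON shape returned by `aws ec2 describe-security-groups`, against the port list above and reports rules open to 0.0.0.0/0 or ::/0, listed ports that have no rule, and rules that are not on the list. The group IDs and rules in SAMPLE are constructed; which sources each port should accept is the operator's decision and is not stated on this page.

```python
import json

# TCP ports from the Security Group Rules list above: (from, to) -> service.
ROOST_PORTS = {
    (22, 22): "SSH", (80, 80): "HTTP", (443, 443): "HTTPS", (2502, 2502): "STUN",
    (5000, 5000): "Docker Host", (5002, 5002): "Docker Insecure Registry",
    (60001, 60001): "JumpHost RoostApi Server",
    (60002, 60002): "ClusterLauncher", (60003, 60003): "EaaS API Server",
    (60005, 60005): "Cypress Video Server",
    (60006, 60006): "Web-console (gotty)", (62020, 62050): "dynamic gotty ports",
}
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"GroupId": "sg-EXAMPLE", "IpPermissions": [
 {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [],
  "UserIdGroupPairs": [{"GroupId": "sg-ALB-EXAMPLE"}]},
 {"IpProtocol": "tcp", "FromPort": 5002, "ToPort": 5002, "IpRanges": [],
  "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
 {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
  "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
]}
""")

def audit(group):
    """Return (world_open, missing, unexpected) for one security group dict."""
    world_open, unexpected, seen = [], [], set()
    for perm in group.get("IpPermissions", []):
        key = (perm.get("FromPort"), perm.get("ToPort"))
        if perm.get("IpProtocol") == "tcp" and key in ROOST_PORTS:
            label = ROOST_PORTS[key]
            seen.add(key)
        else:
            # Rules not on the list, including protocol "-1" (all traffic).
            label = "%s %s-%s" % (perm.get("IpProtocol"), *key)
            unexpected.append(label)
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        if cidrs & WORLD:
            world_open.append(label)
    missing = [name for key, name in ROOST_PORTS.items() if key not in seen]
    return world_open, missing, unexpected

if __name__ == "__main__":
    for title, items in zip(("world-open", "missing", "unexpected"), audit(SAMPLE)):
        print(title + ":", ", ".join(items) or "none")
```

In the flow described on this page, browser traffic reaches the instances through the ALB, so ports 80 and 443 can take the ALB's security group as their source, as the constructed 443 rule does, instead of a CIDR range.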
2. EC2 Instance 2: Roost EAAS Server
Similar to EC2 Instance 1
Use the tags to give a different “Name” for ease of identification
Please note Roost has other configurations:
EAAS Server can be in a public subnet (default)
AWS ALB can be in a private subnet as well
Overall Flow of Roost
User Browser → Route53 → ALB → Target-Group → EC2 → Roost Application
Roost Application → EAAS Server → Launch Ephemeral Environments
Roost Application → JumpHost Server → Connect to User or Managed Clusters like EKS, GKE, AKS
Infrastructure Requirements
ALB with proper certificates
OAuth Details (Okta/GoogleAuth etc.)
EC2 Instance (c5.2xlarge) x 3 and (t2.micro) x 1
RDS Database (AWS Aurora)
Execute Roost Control plane Script