Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 4 Next »

  1. ALB with proper certificates

  2. EC2 Instance (t3.medium) x 2

  3. Amazon Aurora Database

  4. OAuth Details ( Okta/ GoogleAuth etc)

  1. EC2 Instance 1: Roost Control Plane

AMI

Choose Ubuntu 20 (ubuntu-focal-20.04)

Instance Type

t3.medium

Storage

Root Volume: 20GB
EBS: 100GB ( Disable Delete on termination)

Termination protection

Enable

Security Group Rules

  1. SSH (port 22)

  2. HTTP (port 80)

  3. HTTPS (port 443)

  4. Custom TCP Port 2502 (for Stun)

2. EC2 Instance 2: Roost Proxy

AMI

Choose Ubuntu 20 (ubuntu-focal-20.04)

Instance Type

t3.medium

Storage

Root Volume: 20GB
EBS: 100GB ( Disable Delete on termination)

Termination protection

Enable

Security Group Rules

  1. Security group for the web-console proxy to allow TCP traffic from VPC or any source IP

    1. TCP Port 5000 for Docker Host

    2. TCP Port 5002 for Docker Insecure Registry

    3. TCP Port 60001 for JumpHost RoostApi Server

    4. TCP Port 60002 for ClusterLauncher

    5. TCP Port 60003 for EaaS API Server

    6. TCP Port 60005 for Cypress Video Server

    7. TCP Port 60006 for Web-console(gotty) default service - ubuntu user

    8. TCP Port 62020-62050 for dynamic gotty ports - mapped to individual users

3. Database : Amazon Aurora

Select “Easy create” option with recommended best practice configuration from AWS

  • No labels