Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

This instance will be facing the team members for any Roost activity.

4.1 Launch Control Plane Instance

Create an EC2 instance with the steps mentioned below.

  1. Launch EC2 instance

  2. Choose Ubuntu 20 (ubuntu-focal-20.04) AMI

  3. Instance Type as t3.medium

  4. Security group to allow control-plane traffic from any source IP or just the private VPC/Subnets.

    1. SSH (port 22)

    2. HTTP (port 80)

    3. HTTPS (port 443) and

    4. Custom TCP Port 2502 (for Stun)

  5. Root volume storage should be 20 GB or more.

  6. Preferred separate EBS volume of 100GB

  7. Enable Avoid Accidental Termination and disable EBS delete on termination

  8. Add tags and key-pair and launch.

  9. Download key-pair; change permissions to 0400

  10. Review configuration and Launch Instance

  11. Connect to EC2 using SSH once it is running

4.2 Mount EBS volume


Check the 100GB disk NAME

lsblk

Use the EBS disk name that is not mounted

sudo mkfs -t ext4 /dev/nvme1n1
sudo mkdir /var/tmp/Roost
sudo mount /dev/nvme1n1 /var/tmp/Roost
sudo chown `id -u`:`id -g` /var/tmp/Roost/
if [ ! -d /var/tmp/Roost ]; then
  sudo mkdir /var/tmp/Roost
  sudo chown `id -u`:`id -g` /var/tmp/Roost/
fi

4.3 Install SSL Certs

mkdir /var/tmp/Roost/certs;

cd /var/tmp/Roost/certs
# Copy your organisation SSL certs here 
# OR generate SSL certs

4.4 Roost Installation

  1. Download Roost Installation Script

    cd /var/tmp/Roost
curl -L https://remote-roostprod.s3.us-west-1.amazonaws.com/roost-enterprise.sh -o roost-enterprise.sh
chmod +x roost-enterprise.sh

  2. Download config.json

    curl -L https://remote-roostprod.s3.us-west-1.amazonaws.com/main-config.json -o config.json

    Sample Config looks like the below

    1. Replace the values to reflect for your organisation

    2. Keep values empty of the client_id/secrets for the 3rd party that is not needed

    3. Keep ENV_DATABASE detail unchanged if database is not external

    4. Add JWT_SECRET

    5. Recommend value of remote_console_proxy is same as enterprise_dns unless you want to start proxy elsewhere.

    6. If your servers are behind Load Balancer user load_balancer : “true” for different configuration.

    {
  "enterprise_name": "MyCompany",
  "enterprise_logo": "https://mycompany.ai/logos/LOGO-mycompany.png",
  "enterprise_email_domain": "mycompany.io",
  "enterprise_dns": "mycompany.io",
  "remote_console_proxy": "mycompany.io"
  "admin_email": "admin@mycompany.io",
  "email_sender": "noreply@mycompany.io",
  "email_sender_pass": "",
  "load_balancer": "false",

  "enterprise_ssl_certificate_path": "/var/tmp/Roost/certs/server.cer",
  "enterprise_ssl_certificate_key_path": "/var/tmp/Roost/certs/server.key",

  "ENV_SERVER": {
    "DEFAULT_PORT": 3000,
    "JWT_SECRET": "32-character-secure-long-secret",

    "GOOGLE_CLIENT_ID": "",
    "GOOGLE_CLIENT_SECRET": "",
    "AZURE_CLIENT_ID": "",
    "AZURE_CLIENT_SECRET": "",
    "GITHUB_CLIENT_ID": "",
    "GITHUB_CLIENT_SECRET": "",
    "LINKEDIN_CLIENT_ID": "",
    "LINKEDIN_CLIENT_SECRET": ""
  },

  "is_own_sql": "true",
  "ENV_DATABASE": {
    "MYSQL_HOST": "database-1-instance-1.region.rds.amazonaws.com",
    "MYSQL_PORT": 3306,

    "MYSQL_USERNAME": "MyUser",
    "MYSQL_PASSWORD": "MyPassword",
    "MYSQL_ROOT_PASSWORD": "AdminPassword"
  }
}


  3. Start Roost Control Plane Server

    cd /var/tmp/Roost
./roost-enterprise.sh -i all -c config.json

  4. Verifying the Roost.ai components

    1. Connect to the public_ip/login using a browser

    2. Use the 3rd party auth to connect to the control-plane

  5. Next Steps:

    Go to Admin Settings and

    1. Enable cloud vendor of choice and provide default settings

    2. Add the webconsole-proxy EC2 details in the “Configure EC2 Launcher”

    3. Enable JumpHost and refresh the page

    4. Go to JumpHost settings and add the webconsole-proxy EC2 details as 'default' jumpHost

  • No labels