/
5. EC2 Instance Setup

5. EC2 Instance Setup

Owned by Rakesh Chandran
Last updated: Nov 20, 2022 by Harish Agrawal
2 min read

Launch 2 instances with below attributes

You can use the AWS option to launch 3 instances.

  • Public Jump for accessing Private EC2 Instance

  • Private Roost Control Plane

  • Private EaaS Server Or Jump Host Server for Managed/User K8s

1. Public EC2 Instance: For access to private instance

Attribute

Selection

Attribute

Selection

AMI

Choose Ubuntu 20 (ubuntu-focal-20.04) SSD Volume Type

Instance Type

t2.micro

Shutdown behaviour (Stop)

Enable Termination Protection

Storage

Root Volume: 8GB (gp2)

Termination protection

Enable

Security Group Rules

 

Default Security Group

Inbound Rules with “Source as MyIP or Anywhere”

  1. SSH (port 22)

Tag

Name: RoostAccessJump

Public IP

Enabled

VPC and AZ

Same as the entire setup (suggest that you create a dedicated VPC and other networking components for Roost)

 

  1. Download key-pair; change permissions to 0400

  2. Review configuration and Launch Instance

2. EC2 Instance: Roost Control Plane

Below configuration is good for 2-3 team size

Attribute

Selection

Attribute

Selection

AMI

Choose Ubuntu 20 (ubuntu-focal-20.04) SSD Volume Type

Instance Type

c5.2xlarge or bigger in CPU & memory

Shutdown behaviour (Stop)

Enable Termination Protection

Storage

Root Volume: 30GB (gp3)
EBS: 100GB (gp3) (Disable Delete on termination)

Termination protection

Enable

Security Group Rules

 

Inbound Rules with “Source as VPC Default SG”

  1. SSH (port 22)

  2. HTTPS (port 443)

Tag

Name: Roost Control Plane

Public IP

Disabled

 

  1. Download key-pair; change permissions to 0400

  2. SCP the PEM key to the public instance (created in Part 1)

  3. Review configuration and Launch Instance

3: EC2 Instance: Roost EAAS Server or JumpHost

Similar to EC2 Instance 1 with few changes

Use the tags to give a different “Name” like “Roost EAAS Server” for ease of identification

This instance will also act as the default “JumpHost” for user managed clusters. Optionally, it can host a Docker Host and Docker Insecure Registry.

Attribute

Selection

Attribute

Selection

AMI

Choose Ubuntu 20 (ubuntu-focal-20.04) SSD Volume Type

Instance Type

c5.2xlarge or bigger in CPU & memory

Shutdown behaviour (Stop)

Enable Termination Protection

Storage

Root Volume: 30GB (gp3)
EBS: 100GB (gp3) ( Disable Delete on termination)

Termination protection

Enable

Security Group Rules

Please note if Controlplane and EaaS Server are in the same VPC, then we can use just Private IP and configure “All TCP” from security-group of the controlplane

If this instance is in a different region/VPC then we have to enable Public/External IP and open below traffic from anywhere

Inbound Rules with “Source as Roost Control plane SG”

  1. SSH (port 22)

  2. HTTPS (port 443)

  3. TCP Port 5000 for Docker Host

  4. TCP Port 5002 for Docker Insecure Registry

  5. TCP Port 60001 for Jump Host RoostApi Server

  6. TCP Port 60002 for Roost Cluster Launcher

  7. TCP Port 60003 for EaaS API Server

  8. TCP Port 60005 for Cypress Video Server

  9. TCP Port 60006 for Web-console(gotty) default service - ubuntu user

  10. TCP Port 62020-62120 for dynamic gotty ports - mapped to individual users

Tag

Name: Roost EaaS Server

Public IP

Disabled

  1. Download key-pair; change permissions to 0400

  2. SCP the PEM key to the public instance (created in Part 1)

  3. Review configuration and Launch Instance

 

Further configuration of EaaS Server and JumpHost is enabled via the Admin page on Roost Enterprise Control Plane

 

<< VPC, Subnet & NAT Setup 6. AWS Route 53, ALB, ACM >>

 

Related content

1. High Level Design
1. High Level Design
Roost EaaS User Guide
More like this
8. Start Roost Control Plane Server
8. Start Roost Control Plane Server
Roost EaaS User Guide
More like this
4. Networking setup for Private Roost ControlPlane
4. Networking setup for Private Roost ControlPlane
Roost EaaS User Guide
More like this
6. AWS Route 53, ALB, ACM and Target Group Configuration
6. AWS Route 53, ALB, ACM and Target Group Configuration
Roost EaaS User Guide
Read with this
7. Roost Control Plane Setup
7. Roost Control Plane Setup
Roost EaaS User Guide
More like this
3. Database Setup
3. Database Setup
Roost EaaS User Guide
Read with this