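# CloudFormation template: one VPC with a single public subnet and one GPU
# EC2 instance (tagged "<username>-rhel-ai") reachable from the internet.
#
# Prerequisite: an EC2 key pair named "<username>-keys" must already exist in
# the target region; the template references it but does not create it.
#
# Create the stack:
# aws cloudformation create-stack --stack-name $USERNAME-stack --template-body file://rhelai_cloud_formation.yaml --parameters ParameterKey=username,ParameterValue=$USERNAME
#
# Create the stack with SSH limited to one source range (recommended):
# aws cloudformation create-stack --stack-name $USERNAME-stack --template-body file://rhelai_cloud_formation.yaml --parameters ParameterKey=username,ParameterValue=$USERNAME ParameterKey=sshIngressCidr,ParameterValue=<your-ip>/32
#
# Delete the stack:
# aws cloudformation delete-stack --stack-name $USERNAME-stack
Parameters:
  username:
    Type: String
    Description: "The username used to prefix AWS resource names."
  # Source range allowed to reach SSH (tcp/22). The default keeps the
  # template's original world-open behaviour so existing create-stack
  # commands keep working; pass a narrow range (for example a single /32)
  # whenever the instance does not need SSH from arbitrary addresses.
  sshIngressCidr:
    Type: String
    Default: "0.0.0.0/0"
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: "Must be an IPv4 CIDR range of the form x.x.x.x/x."
    Description: "IPv4 CIDR range allowed to connect to the instance over SSH."
Resources:
  # Create a VPC
  VPC:
    Type: "AWS::EC2::VPC"
    Properties:
      CidrBlock: "10.0.0.0/16"
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-vpc"
  # Create a Public Subnet in the VPC
  PublicSubnet:
    Type: "AWS::EC2::Subnet"
    Properties:
      VpcId: !Ref VPC
      CidrBlock: "10.0.1.0/24"
      # Every instance launched here gets a public IPv4 address, so the
      # security group below is the only network control in front of it.
      MapPublicIpOnLaunch: true
      AvailabilityZone: !Select [0, !GetAZs ""]  # Selects the first availability zone in the region
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-subnet"
  # Create an Internet Gateway
  InternetGateway:
    Type: "AWS::EC2::InternetGateway"
    Properties:
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-internet-gateway"
  # Attach the Internet Gateway to the VPC
  VPCGatewayAttachment:
    Type: "AWS::EC2::VPCGatewayAttachment"
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  # Create a Route Table
  RouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-route-table"
  # Create a Route for the Internet Gateway
  Route:
    Type: "AWS::EC2::Route"
    # A route through an internet gateway can only be created once the gateway
    # is attached to the VPC. !Ref InternetGateway alone does not order this
    # resource after the attachment, so the dependency is declared explicitly.
    DependsOn: VPCGatewayAttachment
    Properties:
      RouteTableId: !Ref RouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId: !Ref InternetGateway
  # Associate the Route Table with the Public Subnet
  SubnetRouteTableAssociation:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref RouteTable
  # Security Group for EC2 Instance
  SecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: !Sub "Enable SSH, HTTP, and HTTPS access for ${username}"
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # SSH: source range comes from the sshIngressCidr parameter instead of
        # a hard-coded 0.0.0.0/0.
        - IpProtocol: "tcp"
          FromPort: 22  # SSH
          ToPort: 22
          CidrIp: !Ref sshIngressCidr
        # The three rules below accept connections from any IPv4 address.
        # Whatever listens on these ports is internet-facing; narrow CidrIp
        # or drop a rule if the corresponding service is not meant to be public.
        - IpProtocol: "tcp"
          FromPort: 80  # HTTP
          ToPort: 80
          CidrIp: "0.0.0.0/0"
        # NOTE(review): port 8000 is not mentioned in GroupDescription and is
        # plain HTTP; presumably an application endpoint - confirm it should
        # be reachable from the internet without TLS.
        - IpProtocol: "tcp"
          FromPort: 8000  # HTTP
          ToPort: 8000
          CidrIp: "0.0.0.0/0"
        - IpProtocol: "tcp"
          FromPort: 443  # HTTPS
          ToPort: 443
          CidrIp: "0.0.0.0/0"
      SecurityGroupEgress:
        - IpProtocol: "-1"  # All traffic
          CidrIp: "0.0.0.0/0"
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-security-group"
  # EC2 Instance
  EC2Instance:
    Type: "AWS::EC2::Instance"
    # The instance receives a public IP from the subnet, so it must not be
    # launched before the internet gateway is attached to the VPC.
    DependsOn: VPCGatewayAttachment
    Properties:
      InstanceType: "g6.2xlarge"
      # AMI IDs are region-specific: this template only launches in the
      # region where this image exists.
      ImageId: "ami-0aa8fc2422063977a"
      # Key pair must already exist; it is not created by this stack.
      KeyName: !Sub "${username}-keys"
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref SecurityGroup
      BlockDeviceMappings:
        - DeviceName: "/dev/sda1"  # Primary volume (root device)
          Ebs:
            VolumeSize: 200  # Size in GiB
            VolumeType: "gp3"
            # Encrypt the root volume at rest (account default EBS key unless
            # a KmsKeyId is given).
            Encrypted: true
      Tags:
        - Key: "Name"
          Value: !Sub "${username}-rhel-ai"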