System Requirements

To help organize the information, we’ve broken down requirements into four categories:

  • Tools (utilities we use for deploying or maintaining the cluster)

  • Resources (consumable, measurable artifacts like S3 buckets)

  • Permissions (access needed to perform deployment/maintenance actions)

  • Information (values we must know when deploying or maintaining the cluster, often involve making configuration decisions)

The lists below are meant to provide a working understanding of what is needed for deployment; however, we will work with your team to tailor a more comprehensive list beforehand based on your infrastructure needs.

Tools

  • Terraform v1.0.2 or above (install)

  • Helm 3.6.1 or above (install)

  • AWS CLI 2.2.29 or above (install)

    • Setup your AWS config & credentials.

    • Test that awscli works e.g. by trying to list your S3 buckets:

      aws s3api list-buckets

  • Kubernetes CLI 1.20 or above (install)

Resources

  • VPC x 1

    • Private Subnet x 2 (recommended at least 50 IP addresses per subnet)

    • Public Subnet x 2 (recommended at least 10 IP addresses per subnet)

  • S3 bucket x 3 (can add more as needed)

  • EC2 instances x 4 (can scale up as needed)

    • 3 for control plane services

      • recommended at least 8 GiB RAM

    • 1 for data plane services

      • recommended at least 16 GiB RAM

  • 2 Network Load Balancers

  • 2 SSL Certificates

  • 2 Domains

    • 1 with a rime sub-domain

    • 1 with a rime-backend sub-domain

Permissions

NOTE: Robust Intelligence will provide you with an updated list of specific IAM resources before deployment.

  • Administrator IAM Role

    • for creating and destroying resources for the cluster

  • Model Testing Service-Linked IAM Role

    • for the cluster to read models and data

  • Cluster Autoscaler IAM Role (Optional)

    • for EKS to automatically scale up the cluster

  • External DNS IAM Role (Optional)

    • for modifying DNS records in Route 53

  • Elastic Load Balancer Service-Linked IAM Role (Optional)

    • for managing Network Load Balancers

  • Blob Storage Service-Linked IAM Role (Optional)

    • for the cluster to read/write models and data to/from a dedicated S3 bucket

  • ECR Image Builder Service-Linked IAM Role (Optional)

    • for the cluster to build custom Docker images for containerizing model dependenceies

  • ECR Repo Manager Service-Linked IAM Role (Optional)

    • for the cluster to push custom Docker images for containerizing model dependenceies

Information

  • Desired AWS region(s)

  • Desired custom integrations (we will help you decide)

  • Designated cluster administrator email

  • Data Science team emails (to create their accounts)

  • OIDC Configuration Vales (Optional)

    • Client ID

    • Client Secret

    • Issuer URL

    • Callback URL

  • SMTP Configuration Values (Optional)

    • Server URL and port

    • Sender address

    • Sender address secret

    • Receiver address(es)