diff --git a/packages/pgml-rds-proxy/ec2/.gitignore b/packages/pgml-rds-proxy/ec2/.gitignore new file mode 100644 index 000000000..b3860e0bf --- /dev/null +++ b/packages/pgml-rds-proxy/ec2/.gitignore @@ -0,0 +1,4 @@ +.terraform +*.lock.hcl +*.tfstate +*.tfstate.backup diff --git a/packages/pgml-rds-proxy/ec2/README.md b/packages/pgml-rds-proxy/ec2/README.md new file mode 100644 index 000000000..a82c64e03 --- /dev/null +++ b/packages/pgml-rds-proxy/ec2/README.md @@ -0,0 +1,7 @@ +# Terraform configuration for pgml-rds-proxy on EC2 + +This is a sample Terraform deployment for running pgml-rds-proxy on EC2. This will spin up an EC2 instance +with a public IP and a working security group & install the community Docker runtime. + +Once the instance is running, you can connect to it using the root key and run the pgml-rds-proxy Docker container +with the correct PostgresML `DATABASE_URL`. diff --git a/packages/pgml-rds-proxy/ec2/ec2-deployment.tf b/packages/pgml-rds-proxy/ec2/ec2-deployment.tf new file mode 100644 index 000000000..f724e3666 --- /dev/null +++ b/packages/pgml-rds-proxy/ec2/ec2-deployment.tf @@ -0,0 +1,84 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.46" + } + } + + required_version = ">= 1.2.0" +} + +provider "aws" { + region = "us-west-2" +} + +data "aws_ami" "ubuntu" { + most_recent = true + + filter { + name = "name" + values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] + } + + filter { + name = "virtualization-type" + values = ["hvm"] + } + + owners = ["099720109477"] # Canonical +} + +resource "aws_security_group" "pgml-rds-proxy" { + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + ipv6_cidr_blocks = ["::/0"] + } + + ingress { + from_port = 6432 + to_port = 6432 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + ipv6_cidr_blocks = ["::/0"] + } + + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + ipv6_cidr_blocks = ["::/0"] + } +} + +resource "aws_instance" "pgml-rds-proxy" { + ami = data.aws_ami.ubuntu.id + instance_type = "t3.micro" + key_name = var.root_key + + root_block_device { + volume_size = 30 + delete_on_termination = true + } + + vpc_security_group_ids = [ + "${aws_security_group.pgml-rds-proxy.id}", + ] + + associate_public_ip_address = true + user_data = file("${path.module}/user_data.sh") + user_data_replace_on_change = false + + tags = { + Name = "pgml-rds-proxy" + } +} + +variable "root_key" { + type = string + description = "The name of the SSH Root Key you'd like to assign to this EC2 instance. Make sure it's a key you have access to." +} diff --git a/packages/pgml-rds-proxy/ec2/user_data.sh b/packages/pgml-rds-proxy/ec2/user_data.sh new file mode 100644 index 000000000..afa0609c0 --- /dev/null +++ b/packages/pgml-rds-proxy/ec2/user_data.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# +# Cloud init script to install Docker on an EC2 instance running Ubuntu 22.04. +# + +sudo apt-get update +sudo apt-get install ca-certificates curl +sudo install -m 0755 -d /etc/apt/keyrings +sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc +sudo chmod a+r /etc/apt/keyrings/docker.asc + +# Add the repository to Apt sources: +echo \ + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null +sudo apt-get update + +sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin +sudo groupadd docker +sudo usermod -aG docker ubuntu