AWSTemplateFormatVersion: 2010-09-09 Description: | Deploys a full EDA computing infrastructure that includes a new VPC, login server with remote desktop, LSF management server, and a shared NFS file system. This root stack launches a nested stack for each infrastructure component. **WARNING** This template creates AWS resources. You will be billed for the AWS resources used if you create a stack from this template. Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - VpcCIDR - PublicSubnet1CIDR - PrivateSubnet1CIDR - VpcAz - SshSource - AdminKeyPair - Label: default: File system configuration Parameters: - FileSystemMountPoint - ScratchDir - ProjectDir - Label: default: LSF configuration Parameters: - LSFInstallPath - LSFClusterName - CustomerLSFInstallUri - CustomerLSFBinsUri - CustomerLSFEntitlementUri - CustomerLSFFixPackUri - MasterInstanceType - MasterServerAMI - ComputeAMI - Label: default: Login server configuration Parameters: - LoginServerInstanceType - LoginServerAMI - UserName ParameterLabels: AdminKeyPair: default: EC2 KeyPair SshSource: default: SSH source CIDR MasterInstanceType: default: Master instance type MasterServerAMI: default: Master server AMI ComputeAMI: default: Compute node AMI LSFClusterName: default: Cluster name LSFInstallPath: default: LSF install path FileSystemMountPoint: default: File system mount point ScratchDir: default: Scratch subdirectory ProjectDir: default: Project subdirectory VpcCIDR: default: VPC CIDR range VpcAz: default: Availability zone PublicSubnet1CIDR: default: CIDR block for the public subnet PrivateSubnet1CIDR: default: CIDR block for the private subnet CustomerLSFInstallUri: default: LSF 10.1 install script package CustomerLSFBinsUri: default: LSF 10.1 Linux base distribution package CustomerLSFEntitlementUri: default: LSF 10.1 entitlement file CustomerLSFFixPackUri: default: LSF 10.1 Fix Pack LoginServerInstanceType: default: Login server instance type LoginServerAMI: default: Login server AMI UserName: default: DCV remote desktop login username Parameters: AdminKeyPair: Description: "The name of an existing EC2 KeyPair to enable SSH access to the master server." Type: "AWS::EC2::KeyPair::KeyName" AllowedPattern: ".+" MasterInstanceType: Description: "The instance type for the LSF master host of the cluster." Type: String Default: "m5.2xlarge" AllowedValues: - m4.xlarge - m4.2xlarge - m5.xlarge - m5.2xlarge MasterServerAMI: Description: "The AMI for the LSF master server. Amazon Linux 2 is recommended." Type: String Default: ALinux2 AllowedValues: - ALinux2 ComputeAMI: Description: > 'FPGADev' provides access to the Xilinx Vivado EDA software. Use this when deploying the AWS EDA workshop. Choose 'CentOS' if you intend to run your own workloads in this environment. NOTE: You must first subscribe to these AMIs in the AWS Marketplace. See included documentation for details. Type: String Default: FPGADev AllowedValues: - FPGADev - CentOS75 LSFClusterName: Description: The name of the computing environment. This will also be the name of the LSF cluster. Type: String Default: myawscluster LSFInstallPath: Description: Path where LSF will be installed. Type: "String" Default: "/tools/ibm/lsf" AllowedPattern: ^/.+ FileSystemMountPoint: Description: The local directory on which the NFS file system is mounted Type: String Default: /fsxn AllowedPattern: ^/.+ ScratchDir: Description: The name for the runtime scratch data subdirectory Type: String Default: scratch AllowedPattern: ^.+ ProjectDir: Description: The name for the project design data subdirectory Type: String Default: proj AllowedPattern: ^.+ SshSource: Description: The CIDR range that is permitted to ssh into the infrastructure instances. Use your public IP address (http://checkip.amazonaws.com). Type: String Default: 0.0.0.0/32 AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/32 ConstraintDescription: This must be a valid IP CIDR range of the form x.x.x.x/32. LoginServerInstanceType: Description: The instance type for the login server. Type: String Default: m5.4xlarge AllowedValues: - t3.medium - t3.xlarge - m4.xlarge - m4.2xlarge - m5.xlarge - m5.2xlarge - m5.4xlarge - c5d.9xlarge LoginServerAMI: Description: This should be the same AMI that is used for the compute nodes. AMI (OS image) for the master server. NOTE You must first subscribe to this AMI in the AWS Marketplace at https://aws.amazon.com/marketplace/pp/B06VVYBLZZ" Type: String Default: FPGADev AllowedValues: - CentOS75 - FPGADev VpcAz: Description: The availability zone for this compute environment Type: 'AWS::EC2::AvailabilityZone::Name' VpcCIDR: Default: 172.30.0.0/16 Description: The IP range in CIDR notation for the new VPC. This should be a /16. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: The CIDR block parameter must be in the form x.x.x.x/16-28 PublicSubnet1CIDR: Default: 172.30.32.0/24 Description: The login/remote desktop server will reside in this subnet. Enter the IP range in CIDR notation for the public subnet. This should be a /24. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: The CIDR block parameter must be in the form x.x.x.x/16-28 PrivateSubnet1CIDR: Default: 172.30.0.0/19 Description: The LSF management, compute nodes, and NFS server will reside in this subnet. Enter the IP range in CIDR notation for the private subnet. This should be a /19. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: The CIDR block parameter must be in the form x.x.x.x/16-28 CustomerLSFInstallUri: Description: The S3 URI to the LSF installer script package, lsf10.1_lsfinstall_linux_x86_64.tar.Z. Select object in the S3 console and choose Copy Path and paste here. Type: String Default: s3:///lsf10.1_lsfinstall_linux_x86_64.tar.Z AllowedPattern: s3\:\/\/.*\/lsf10.1_lsfinstall_linux_x86_64.tar.Z ConstraintDescription: S3 path invalid. Please verify LSF package name matches the example in the parameter description. CustomerLSFBinsUri: Description: The S3 URI to the LSF 10.1 Linux 2.6 kernel glibc version 2.3 base distribution package, lsf10.1_linux2.6-glibc2.3-x86_64.tar.Z. This must be a full distribution and not a patch or Fix Pack package. Select object in the S3 console and choose Copy Path and paste here. Type: String Default: s3:///lsf10.1_linux2.6-glibc2.3-x86_64.tar.Z AllowedPattern: s3\:\/\/.*\/lsf10.1_linux2.6-glibc2.3-x86_64.tar.Z ConstraintDescription: S3 path invalid. Please verify LSF package name matches the example in the parameter description. CustomerLSFFixPackUri: Description: > The S3 URI to the LSF 10.1 Fix Pack package. This must the lastest cumulative Fix Pack package. Select package object in the console and choose Copy Path and paste here. Type: "String" Default: "s3:///lsf10.1_linux2.6-glibc2.3-x86_64.545500.tar.Z" #AllowedPattern: ^s3\:\/\/.*\/lsf10.1_linux2.6-glibc2.3-x86_64.tar.Z$ CustomerLSFEntitlementUri: Description: The S3 URI to the LSF entitlement file, lsf_std_entitlement.dat or lsf_adv_entitlement.dat. Select object in the S3 console and choose Copy Path and paste here. Type: String Default: s3:///lsf_std_entitlement.dat AllowedPattern: s3\:\/\/.* ConstraintDescription: S3 path invalid. Please verify LSF file name matches the example in the parameter description. UserName: Default: simuser Description: User name for DCV remote desktop login. Default is "simuser". MinLength: '4' Type: String Resources: NetworkStack: Type: AWS::CloudFormation::Stack Properties: Parameters: VpcCIDR: !Ref VpcCIDR VpcAz: !Ref VpcAz PublicSubnet1CIDR: !Ref PublicSubnet1CIDR PrivateSubnet1CIDR: !Ref PrivateSubnet1CIDR LSFClusterName: !Ref LSFClusterName SshSource: !Ref SshSource TemplateURL: https://s3.amazonaws.com/aws-eda-workshop-files/workshops/eda-workshop-lsf/templates/01-network.yaml LSFServiceStack: Type: AWS::CloudFormation::Stack DependsOn: NFSServerStack Properties: Parameters: MasterInstanceType: !Ref MasterInstanceType MasterServerAMI: !Ref MasterServerAMI ComputeAMI: !Ref ComputeAMI LSFClusterName: !Ref LSFClusterName LSFInstallPath: !Ref LSFInstallPath FileSystemMountPoint: !Ref FileSystemMountPoint CustomerLSFInstallUri: !Ref CustomerLSFInstallUri CustomerLSFBinsUri: !Ref CustomerLSFBinsUri CustomerLSFFixPackUri: !Ref CustomerLSFFixPackUri CustomerLSFEntitlementUri: !Ref CustomerLSFEntitlementUri AdminKeyPair: !Ref AdminKeyPair DCVUserName: !Ref UserName TemplateURL: https://s3.amazonaws.com/aws-eda-workshop-files/workshops/eda-workshop-lsf/templates/02-lsf-master.yaml NFSServerStack: Type: AWS::CloudFormation::Stack DependsOn: NetworkStack Properties: Parameters: LSFClusterName: !Ref LSFClusterName TemplateURL: https://s3.amazonaws.com/aws-eda-workshop-files/workshops/eda-workshop-lsf/templates/fsxn-filesystem.yaml LoginServerStack: Type: AWS::CloudFormation::Stack DependsOn: LSFServiceStack Properties: Parameters: LoginServerInstanceType: !Ref LoginServerInstanceType LoginServerAMI: !Ref LoginServerAMI LSFClusterName: !Ref LSFClusterName AdminKeyPair: !Ref AdminKeyPair LSFInstallPath: !Ref LSFInstallPath FileSystemMountPoint: !Ref FileSystemMountPoint ScratchDir: !Ref ScratchDir ProjectDir: !Ref ProjectDir UserName: !Ref UserName TemplateURL: https://s3.amazonaws.com/aws-eda-workshop-files/workshops/eda-workshop-lsf/templates/03-dcv-login-server.yaml Outputs: RootStackName: Description: The name of the root CloudFormation stack Value: !Ref 'AWS::StackName' Export: Name: !Join [ '-', [ !Ref LSFClusterName, "RootStackName" ] ] LoginServerSsh: Description: Login server SSH command Value: !Sub 'ssh -i /path/to/${AdminKeyPair}.pem centos@${LoginServerStack.Outputs.LoginServerPublicIp}' LoginServerRemoteDesktop: Description: Connect to the DCV Remote Desktop with this URL via web browser or native DCV client Value: !GetAtt LoginServerStack.Outputs.DCVConnectionLink SSHTunnelCommand: Description: > Command for setting up an SSH tunnel from your local host to the remote desktop. Use "localhost:18443" as the connection address in the DCV client. This is helpful if outbound port 8443 is blocked by a proxy. Value: !Sub 'ssh -i /path/to/${AdminKeyPair}.pem -L 18443:localhost:8443 -l centos ${LoginServerStack.Outputs.LoginServerPublicIp}'