Install the manager on AWS
Before you begin, make sure you have the prerequisites and your AWS account meets the requirements.
The AI Unlimited manager orchestrates the engine's deployment and includes a web-based user interface for setup.
You'll use a CloudFormation template provided by Teradata to install the manager from the AWS Management Console. You'll deploy a server instance, on which the manager runs in a container controlled by systemd.
For installation help, email the support team or ask the community.
Clone the repository
The deployments folder in the AI Unlimited GitHub repository provided by Teradata contains template, parameter, and policy files for installing AI Unlimited.
Open a terminal window, and clone the repository.
Locate the manager template
CloudFormation templates for the manager are here in the AI Unlimited GitHub repository:
deployments/aws/templates/ai-unlimited/
Choose a template based on whether you intend to use a load balancer and what type.
You might want to ask a cloud admin at your organization for guidance.
ai-unlimited-with-alb.yaml—Hosts the manager behind an application load balancerai-unlimited-with-nlb.yaml—Hosts the manager behind a network load balancerai-unlimited-without-lb.yaml—No load balancer. If you're unsure about which template to use, we recommend this one.
Load the template
- Sign in to the AWS console.
NoteReferences to AWS Management Console are up-to-date as of May 29, 2024.
- Select the AWS region in which to deploy AI Unlimited.
We recommend selecting the region closest to your primary work location. - Search for and go to CloudFormation.
- Select Create Stack, then With new resources (standard).
- Select Choose an existing template, then Upload a template file.
- Select the template file you chose to use, and click Next.
Specify stack details and options
- Provide a stack name.
- Review the parameters. Provide values for the required parameters. Your organization might require others.
AWS and manager parameters
The parameters for each template vary. You might see some parameters here that you don't see in the console.
| Parameter | Description | Notes |
|---|---|---|
| Stack name | The identifier that helps you find the AI Unlimited stack from a list of stacks. | Required Default: NA The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 128 characters. |
| AiUnlimitedName | The name of the AI Unlimited instance. | Required with default Default: ai-unlimited The name can contain only alphanumeric characters (case-sensitive) and hyphens. It must start with an alphabetic character and can't be longer than 20 characters. |
| InstanceType | The EC2 instance type for the manager. | Required with default Default: t3.micro IMPORTANT: If the instance is not adequately sized, engine deploy and suspend failures may occur, and you will have to re-install the manager on a larger instance. See Learn more: Manager instance type (size) recommendations below the parameters section. |
| RootVolumeSize | The size of the root disk you want to attach to the instance, in GB. | Required with default Default: 20 Supports values between 8 and 1000. |
| TerminationProtection | Enables instance termination protection. | Required with default Default: false |
| IamRole | Specifies whether CloudFormation should create a new IAM role or use an existing one. | Required with default Default: New Supported options are: New or Existing |
| IamRoleName | The name of the IAM role to assign to the instance, either an existing IAM role or a newly created one. | Optional with default Default: ai-unlimited-iam-role If naming a new IAM role, CloudFormation requires the CAPABILITY_NAMED_IAM capability. Leave this blank to use an autogenerated name. |
| IamPermissionsBoundary | The ARN of the IAM permissions boundary to associate with the IAM role assigned to the instance. | Optional Default: NA |
| AvailabilityZone | The availability zone to which you want to deploy the instance. | Required Default: NA The value must match the subnet, the zone of any pre-existing volumes, and the instance type must be available in the selected zone. |
| LoadBalancerScheme | If a load balancer is used, this field specifies whether the instance is accessible from the Internet or only from within the VPC. | Optional with default Default: Internet-facing The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the Internet. The nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the personal IP addresses of the nodes. Therefore, internal load balancers can route requests from clients with access to the VPC for the load balancer. |
| LoadBalancerSubnetOne | The subnet where the load balancer is hosted. The subnet determines load balancer availability zones, IP addresses, and endpoints. | Optional with default Default: NA You must define a minimum of one available subnet to create a Network Load Balancer (NLB) and two subnets for an Application Load Balancer (ALB). |
| LoadBalancerSubnetTwo | The subnet where the load balancer is hosted. | Optional. This option is only available in the template with ALB. Default: NA |
| HostedZoneID | The ID that Amazon Route 53 assigned to the hosted zone when you created it. | Optional Default: NA Each hosted zone corresponds to a domain name, or possibly a subdomain. The hosted zone is the container for DNS records, where you configure how the world interacts with your domain, such as pointing it to an IP address with a record. On the AWS console, go to Route 53 > Hosted zones. Find your registered domain name and the corresponding Hosted zone ID. |
| DnsName | The name of the domain. For public hosted zones, this is the name you registered with your DNS registrar. | Optional Default: NA For information about how to specify characters other than a-z, 0-9, and - (hyphen) and how to specify internationalized domain names, see Create Hosted Zone. |
| Private | Specifies whether the service is deployed in a private network without public IPs. | Required Default: false Make sure you select the Enable auto-assign public IPv4 address option in the subnet where the manager resides. If this option is not selected, the installation may fail. |
| Session | Specifies whether you can use the AWS Session Manager to access the instance. | Required Default: false |
| Vpc | The network to which you want to deploy the instance. | Required Default: NA |
| Subnet | The subnetwork to which you want to deploy the instance. | Required Default: NA The subnet must reside in the selected availability zone. |
| KeyName | The public/private key pair which allows you to connect securely to your instance after it launches. When you create an AWS account, this is the key pair you create in your preferred region. | Optional Default: NA Leave this field blank if you do not want to include the SSH keys. |
| AccessCIDR | The CIDR IP address range that is permitted to access the instance. | Optional Default: NA We recommend setting this value to a trusted IP range. Define at least one of AccessCIDR, PrefixList, or SecurityGroup to allow inbound traffic unless you create custom security group ingress rules. |
| PrefixList | The prefix list you can use to communicate with the instance. It is a collection of CIDR blocks that define a set of IP address ranges that require the same policy enforcement. | Optional Default: NA Define at least one of AccessCIDR, PrefixList, or SecurityGroup to allow inbound traffic unless you create custom security group ingress rules. Make sure to enter the prefix list name, not the ID. |
| SecurityGroup | The virtual firewall that controls inbound and outbound traffic to the instance. | Optional Default: NA Implemented as a set of rules that specify which protocols, ports, and IP addresses or CIDR blocks are allowed to access the instance. Define at least one of AccessCIDR, PrefixList, or SecurityGroup to allow inbound traffic unless you create custom security group ingress rules. |
| AIUnlimitedHttpPort | The port to access the AI Unlimited UI. | Required with default Default: 3000 |
| AIUnlimitedGrpcPort | The port to access the AI Unlimited API. | Required with default Default: 3282 |
| AIUnlimitedVersion | The version of AI Unlimited you want to deploy. | Required with default Default: latest The value is a container version tag. |
| UsePersistentVolume | Specifies whether you want to use a new or existing persistent volume to store data. See Learn more: Using a persistent volume below the parameters section. | Optional with default Default: New Supported options are a new persistent volume or an existing one, depending on your use case. |
| PersistentVolumeSize | The size of the persistent volume that you attach to the instance, in GB. | Required with default Default: 20 Supports values between 8 and 1000. |
| ExistingPersistentVolumeId | The ID of the existing persistent volume that you attach to the instance. | Required if UsePersistentVolume is set to Existing. Default: NA The persistent volume must be in the same availability zone as the AI Unlimited instance. |
| PersistentVolume DeletionPolicy | The persistent volume behavior when you delete the CloudFormation deployment. | Required with default |
| LatestAmiId | The ID of the image that points to the latest version of AMI. This value is used for the SSM lookup. | Required with default Default: NA This deployment uses the latest ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2 image available. IMPORTANT: Changing this value may break the stack. |
Learn more: Manager instance type (size) recommendations
For the AI Unlimited paid public preview, based on quantity of concurrent engine deploy and suspend operations, we recommend these t3 instance types. The performance of the other available instance types may vary.
| Instance type | Concurrent operations |
|---|---|
| t3.micro | 1 |
| t3.small | up to 5 |
| t3.medium | up to 10 |
| t3.large | up to 20 |
| t3.xlarge | more than 21 |
The concurrency will increase when AI Unlimited is released for general availability.
Learn more: Using a persistent volume
The manager instance runs in a container and saves its configuration data in a database in the root volume of the instance. This data persists if you shut down, restart, or snapshot and relaunch the instance.
A persistent volume stores data for a containerized application beyond the lifetime of the container, pod, or node in which it runs.
Without a persistent volume
If the container, pod, or node crashes or terminates, you lose the manager's configuration data. You can deploy a new manager instance, but not to the same state as the one that was lost.
With a persistent volume
If the container, pod, or node crashes or terminates, and the manager's configuration data is stored in a persistent volume, you can deploy a new manager instance that has the same configuration as the one that was lost.
Example
- Deploy the manager, and include these parameters:
UsePersistentVolume: NewPersistentVolumeDeletionPolicy: Retain
- After you create the stack, on the Outputs tab, note the
volume-id. - Use AI Unlimited.
- If the manager instance is lost, deploy the manager again, and include these parameters:
UsePersistentVolume: NewPersistentVolumeDeletionPolicy: RetainExistingPersistentVolumeId: the value you noted in step 2
The new manager instance has the same configuration as the one that was lost.
- Select Next.
- Configure stack options based on your needs, then select Next.
Review and create the stack
- Review the template settings.
- Select the check box to acknowledge that the template will create IAM resources.
- Select Submit to deploy the stack.
On the Events tab, you can monitor progress. When the status of all the resources isCREATE_COMPLETE, the manager is ready.
The Outputs tab shows the values generated for the created resources.
You'll need the URL to access the manager and set up AI Unlimited.
What's next
Create an OAuth app to allow authentication between AI Unlimited and your Git provider account.