Installing Pivotal Platform on AWS
Page last updated:
This guide describes how to install Pivotal Platform on Amazon Web Services (AWS).
You can install Pivotal Platform on AWS with either the Pivotal Application Service (PAS) or Enterprise Pivotal Container Service (Enterprise PKS) runtime. There are resource requirements specific to each runtime. Ensure you meet the requirements for your runtime and the requirements specific to AWS before installing Pivotal Platform on AWS.
This section lists the following resource requirements for installing Pivotal Platform on AWS:
- General Pivotal Platform resource requirements. See Pivotal Platform Resource Requirements.
- AWS-specific resource requirements. See AWS Resource Requirements.
This section lists Pivotal Platform resource requirements for installing Pivotal Platform on AWS. It includes general Pivotal Platform resource requirements for both the PAS and Enterprise PKS runtimes.
View one of the following, depending on your Pivotal Platform runtime:
- PAS-specific Pivotal Platform resource requirements. See PAS Resource Requirements.
- Enterprise PKS-specific Pivotal Platform resource requirements. See Enterprise PKS Resource Requirements.
The following are general resource requirements for deploying and managing a Pivotal Platform deployment with Ops Manager and PAS:
- PAS requires sufficient IP allocation. The following lists the minimum required IP allocations:
- One static IP address for either HAProxy or one of your Gorouters
- One static IP address for each job in the Ops Manager tile. See the Ops Manager Resource Config pane for each tile for a full list.
- One static IP address for each job listed below:
- File Storage
- MySQL Proxy
- MySQL Server
- Backup Restore Node
- MySQL Monitor
- Diego Brain
- TCP Router
- One IP for each VM instance created by the service.
- An additional IP address for each compilation worker. Use the following formula to determine the total IPs required:
IPs needed = static IPs + VM instances + compilation workers.
- Pivotal recommends that you allocate at least 36 dynamic IP addresses when deploying Ops Manager and PAS. BOSH requires additional dynamic IP addresses during installation to compile and deploy VMs, install PAS, and connect to services.
- Pivotal recommends using a network without DHCP for deploying PAS VMs.
Note: If you have DHCP, refer to the Troubleshooting Guide to avoid issues with your installation.
For Enterprise PKS-specific resource requirements, see AWS Prerequisites and Resource Requirements.
The following are AWS-specific resource requirements for installing Pivotal Platform on AWS with an external database and external file storage:
- Installing Pivotal Platform on AWS requires a minimum of the following VM instance limits in your AWS account. The number of VMs required depends on the number of tiles and availability zones (AZs) you plan to deploy. The following VM guidelines apply to the PAS, Small Footprint PAS, and Enterprise PKS runtimes:
- PAS: At a minimum, a new AWS deployment requires the following VMs for PAS:
AWS Requirements VM Name VM Type Default VM Count Required or Optional VM PAS NATS t3.micro 2 Required File Storage m5.large 1 Optional MySQL Proxy t3.micro 2 Optional MySQL Server r5.large 3 Optional Backup Restore Node t3.micro 1 Optional Diego BBS t3.micro 3 Required UAA m5.large 2 Required Cloud Controller m5.large 2 Required HAProxy t3.micro 0 Optional Router t3.micro 3 Required MySQL Monitor t3.micro 1 Optional Clock Global t3.medium 2 Required Cloud Controller Worker t3.micro 2 Required Diego Brain t3.small 3 Required Diego Cell r5.xlarge 3 Required Loggregator Traffic Controller t3.micro 2 Required Doppler Server m5.large 3 Required TCP Router t3.micro 0 Optional CredHub r5.large 2 Optional Istio Router r5.large 0 Optional Istio Control r5.large 0 Optional Route Syncer r5.large 0 Optional Ops Manager BOSH Director m5.large 1 Required
Note: If you are deploying a test or sandbox deployment that does not require high availability, then you can scale down the number of VM instances in your deployment. For more information, see Scaling PAS.
- Small Footprint PAS: To run Small Footprint PAS, a new AWS deployment requires:
AWS Requirements VM Name VM Type Default VM Count Minimum HA VM Count Required or Optional VM Small Footprint PAS Compute r5.xlarge 1 3 Required Control r5.xlarge 1 2 Required Database r5.large 1 3 Required Router t3.micro 1 3 Required File Storage m5.large 1 N/A Optional Backup Restore Node t3.micro 1 1 Optional MySQL Monitor t3.micro 1 1 Optional HAProxy t3.micro 0 2 Optional TCP Router t3.micro 0 1 Optional Istio Router r5.large 0 1 Optional Istio Control r5.large 0 2 Optional Route Syncer r5.large 0 1 Optional Ops Manager BOSH Director m5.large 1 N/A Required
- Enterprise PKS: See AWS Prerequisites and Resource Requirements.
- PAS: At a minimum, a new AWS deployment requires the following VMs for PAS:
- The following AWS resources are required for installing Pivotal Platform on AWS with PAS:
- 3 Elastic Load Balancers (ELBs)
- 1 Relational Database Service. As a minimum, Pivotal recommends using a db.m5.xlarge instance with at least 100 GB of allocated storage.
- 5 S3 Buckets
To install Pivotal Platform on AWS, you must:
Increase or remove the VM instance limits in your AWS account. Installing Pivotal Platform requires more than the default 20 concurrent instances. For more information about VM resource requirements, see Requirements.
Configure your AWS account with the appropriate AWS region. For more information about selecting the correct region for your deployment, see Region and Availability Zone Concepts in the AWS documentation.
Install the AWS CLI. Configure the AWS CLI with the user credentials that have admin access to your AWS account. To download the AWS CLI, see AWS CLI.
Configure an AWS EC2 key pair to use with your Pivotal Platform deployment. For more information, see Creating an EC2 Key Pair in the AWS documentation.
Register a wildcard domain for your Pivotal Platform installation. For more information, see SSL/TLS Certificates for Classic Load Balancers in the AWS documentation.
Create an SSL certificate for your Pivotal Platform domain. For more information, see the AWS documentation about SSL certificates.
Note: To deploy Pivotal Platform to a production environment, you must obtain a certificate from a certificate authority. Pivotal recommends using a self-signed certificate generated by Ops Manager for development and testing purposes only.
(PAS-only) Configure sufficient IP allocation. For more information about IP allocation requirements, see PAS Resource Requirements above.
(Optional) (PAS only) Configure external storage. VMware recommends using external storage if possible. For more information about how file storage location affects platform performance and stability during upgrades, see Configure File Storage in Configuring PAS for Upgrades.
(Optional) (PAS and Ops Manager-only) Configure external databases. Pivotal recommends using external databases in production deployments for BOSH Director and PAS. An external database must be configured to use the UTC timezone.
(Optional) (PAS and Ops Manager-only) Configure external user stores. When you deploy Pivotal Platform, you can select a SAML user store for Ops Manager or a SAML or LDAP user store for PAS, to integrate existing user accounts.
To install Pivotal Platform on AWS, see Installing Pivotal Platform on AWS.
The following are additional resources related to installing Pivotal Platform on AWS:
For information about AWS identity and access management, see What is IAM? in the AWS documentation.
For information about users, groups, and roles in AWS, see Identities (Users, Groups, and Roles) in the AWS documentation.
For best practices for managing IaaS users and permissions, see Temporary Security Credentials in the AWS documentation.
For recommendations on how to create and scope AWS accounts for Pivotal Platform, see AWS Permissions Guidelines.
For more information about certificate requirements for installing Pivotal Platform, see Certificate Requirements.