Installing Pivotal Cloud Foundry on AWS

This guide describes how to install Pivotal Cloud Foundry (PCF) on Amazon Web Services (AWS).

Overview

You can install PCF on AWS with either the Pivotal Application Service (PAS) or Pivotal Container Service (PKS) runtime. There are resource requirements specific to each runtime. Ensure you meet the requirements for your runtime and the requirements specific to AWS before installing PCF on AWS.

Requirements

This section lists the following resource requirements for installing PCF on AWS:

PCF Resource Requirements

This section lists PCF resource requirements for installing PCF on AWS. It includes general PCF resource requirements for both the PAS and PKS runtimes.

View one of the following, depending on your PCF runtime:

PAS Resource Requirements

The following are general resource requirements for deploying and managing a PCF deployment with Ops Manager and PAS:

  • PAS requires sufficient IP allocation. The following lists the minimum required IP allocations:
    • One static IP address for either HAProxy or one of your Gorouters
    • One static IP address for each job in the Ops Manager tile. See the Ops Manager Resource Config pane for each tile for a full list.
    • One static IP address for each job listed below:
      • Consul
      • NATS
      • File Storage
      • MySQL Proxy
      • MySQL Server
      • Backup Restore Node
      • HAProxy
      • Router
      • MySQL Monitor
      • Diego Brain
      • TCP Router
    • One IP for each VM instance created by the service.
    • An additional IP address for each compilation worker. Use the following formula to determine the total IPs required: IPs needed = static IPs + VM instances + compilation workers.
    • Pivotal recommends that you allocate at least 36 dynamic IP addresses when deploying Ops Manager and PAS. BOSH requires additional dynamic IP addresses during installation to compile and deploy VMs, install PAS, and connect to services.
  • Pivotal recommends using a network without DHCP for deploying PAS VMs.

    Note: If you have DHCP, refer to the Troubleshooting Guide to avoid issues with your installation.

PKS Resource Requirements

For PKS-specific resource requirements, see AWS Prerequisites and Resource Requirements.

AWS Resource Requirements

The following are AWS-specific resource requirements for installing PCF on AWS with an external database and external file storage:

  • Installing PCF on AWS requires a minimum of the following VM instance limits in your AWS account. The number of VMs required depends on the number of tiles and availability zones you plan to deploy. The following VM guidelines apply to the PAS, Small Footprint PAS, and PKS runtimes:

    • PAS: At a minimum, a new AWS deployment requires the following VMs for PAS:
      AWS Requirements VM Name VM Type Default VM Count Required or Optional VM
      PAS NATS t3.micro 2 Required
      File Storage m5.large 1 Optional
      MySQL Proxy t3.micro 2 Optional
      MySQL Server r5.large 3 Optional
      Backup Restore Node t3.micro 1 Optional
      Diego BBS t3.micro 3 Required
      UAA m5.large 2 Required
      Cloud Controller m5.large 2 Required
      HAProxy t3.micro 0 Optional
      Router t3.micro 3 Required
      MySQL Monitor t3.micro 1 Optional
      Clock Global t3.medium 2 Required
      Cloud Controller Worker t3.micro 2 Required
      Diego Brain t3.small 3 Required
      Diego Cell r5.xlarge 3 Required
      Loggregator Traffic Controller t3.micro 2 Required
      Syslog Adapter t3.micro 3 Required
      Syslog Scheduler t3.micro 2 Required
      Doppler Server m5.large 3 Required
      TCP Router t3.micro 0 Optional
      CredHub r5.large 2 Optional
      Istio Router r5.large 0 Optional
      Istio Control r5.large 0 Optional
      Route Syncer r5.large 0 Optional
      Ops Manager BOSH Director m5.large 1 Required

      Note: If you are deploying a test or sandbox PCF that does not require high availability, then you can scale down the number of VM instances in your deployment. For more information, see Scaling PAS.

    • Small Footprint PAS: To run Small Footprint PAS, a new AWS deployment requires:
      AWS Requirements VM Name VM Type Default VM Count Minimum HA VM Count Required or Optional VM
      Small Footprint PAS Compute r5.xlarge 1 3 Required
      Control r5.xlarge 1 2 Required
      Database r5.large 1 3 Required
      Router t3.micro 1 3 Required
      File Storage m5.large 1 N/A Optional
      Backup Restore Node t3.micro 1 1 Optional
      MySQL Monitor t3.micro 1 1 Optional
      HAProxy t3.micro 0 2 Optional
      TCP Router t3.micro 0 1 Optional
      Istio Router r5.large 0 1 Optional
      Istio Control r5.large 0 2 Optional
      Route Syncer r5.large 0 1 Optional
      Ops Manager BOSH Director m5.large 1 N/A Required

    • PKS: See AWS Prerequisites and Resource Requirements.
  • The following AWS resources are required for installing PCF on AWS with PAS:

    • 3 Elastic Load Balancers (ELBs)
    • 1 Relational Database Service. As a minimum, Pivotal recommends using a db.m5.xlarge instance with at least 100 GB of allocated storage.
    • 5 S3 Buckets

Prerequisites

To install PCF on AWS, you must do the following:

  • Increase or remove the VM instance limits in your AWS account. Installing PCF requires more than the default 20 concurrent instances. For more information about VM resoure requirements, see Requirements.

  • Configure your AWS account with the appropriate AWS region. For more information about selecting the correct region for your deployment, see Region and Availability Zone Concepts in the AWS documentation.

  • Install the AWS CLI. Configure the AWS CLI with the user credentials that have admin access to your AWS account. To download the AWS CLI, see AWS CLI.

  • Configure an AWS EC2 key pair to use with your PCF deployment. For more information, see Creating an EC2 Key Pair in the AWS documentation.

  • Register a wildcard domain for your PCF installation. For more information, see SSL/TLS Certificates for Classic Load Balancers in the AWS documentation.

  • Create an SSL certificate for your PCF domain. For more information, see the AWS documentation about SSL certificates.

    Note: To deploy PCF to a production environment, you must obtain a certificate from a certificate authority. Pivotal recommends using a self-signed certificate generated by Ops Manager for development and testing purposes only.

  • (PAS-only) Configure sufficient IP allocation. For more information about IP allocation requirements, see PAS Resource Requirements.

  • (Optional) (PAS-only) Configure external storage. Pivotal recommends using external storage if possible. For more information about how file storage location affects platform performance and stability during upgrades, see Configure File Storage.

  • (Optional) (PAS and Ops Manager-only) Configure external databases. Pivotal recommends using external databases in production deployments for BOSH Director and PAS. An external database must be configured to use the UTC timezone.

  • (Optional) (PAS and Ops Manager-only) Configure external user stores. When you deploy PCF, you can select a SAML user store for Ops Manager or a SAML or LDAP user store for PAS, to integrate existing user accounts.

Install PCF on AWS

You can install PCF on AWS either manually or using Terraform.

To install PCF on AWS, do one of the following:

Additional Resources

The following are additional resources related to installing PCF on AWS: