Chapter 3. Installing RHEL AI on AWS


To install and deploy Red Hat Enterprise Linux AI on AWS, you must first convert the RHEL AI image into an Amazon Machine Image (AMI). In this process, you create the following resources:

  • An S3 bucket with the RHEL AI image
  • AWS EC2 snapshots
  • An AWS AMI
  • An AWS instance

3.1. Converting the RHEL AI image to an AWS AMI

Before deploying RHEL AI on an AWS machine, you must set up a S3 bucket and convert the RHEL AI image to a AWS AMI.

Prerequisites

Procedure

  1. Install the AWS command-line tool by following the AWS documentation
  2. You need to create a S3 bucket and set the permissions to allow image file conversion to AWS snapshots.

    1. Create the necessary environment variables by running the following commands:

      $ export BUCKET=<custom_bucket_name>
      $ export RAW_AMI=nvidia-bootc.ami
      $ export AMI_NAME="rhel-ai"
      $ export DEFAULT_VOLUME_SIZE=1000
      Note

      On AWS, the DEFAULT_VOLUME_SIZE is measured GBs.

    2. You can create an S3 bucket by running the following command:

      $ aws s3 mb s3://$BUCKET
    3. You must create a trust-policy.json file with the necessary configurations for generating a S3 role for your bucket:

      $ printf '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "vmie.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:Externalid": "vmimport" } } } ] }' > trust-policy.json
    4. Create an S3 role for your bucket that you can name. In the following example command, vmiport is the name of the role.

      $ aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
    5. You must create a role-policy.json file with the necessary configurations for generating a policy for your bucket:

      $ printf '{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket" ], "Resource":[ "arn:aws:s3:::%s", "arn:aws:s3:::%s/*" ] }, { "Effect":"Allow", "Action":[ "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*" ], "Resource":"*" } ] }' $BUCKET $BUCKET > role-policy.json
    6. Create a policy for your bucket by running the following command:

      $ aws iam put-role-policy --role-name vmimport --policy-name vmimport-$BUCKET --policy-document file://role-policy.json
  3. Now that your S3 bucket is set up, you need to download the RAW image from Red Hat Enterprise Linux AI download page
  4. Copy the RAW image link and add it to the following command:

    $ curl -Lo disk.raw <link-to-raw-file>
  5. Upload the image to the S3 bucket with the following command:

    $ aws s3 cp disk.raw s3://$BUCKET/$RAW_AMI
  6. Convert the image to a snapshot and store it in the task_id variable name by running the following commands:

    $ printf '{ "Description": "my-image", "Format": "raw", "UserBucket": { "S3Bucket": "%s", "S3Key": "%s" } }' $BUCKET $RAW_AMI > containers.json
    $ task_id=$(aws ec2 import-snapshot --disk-container file://containers.json | jq -r .ImportTaskId)
  7. You can check the progress of the disk image to snapshot conversion job with the following command:

    $ aws ec2 describe-import-snapshot-tasks --filters Name=task-state,Values=active
  8. Once the conversion job is complete, you can get the snapshot ID and store it in a variable called snapshot_id by running the following command:

    $ snapshot_id=$(aws ec2 describe-import-snapshot-tasks | jq -r '.ImportSnapshotTasks[] | select(.ImportTaskId=="'${task_id}'") | .SnapshotTaskDetail.SnapshotId')
  9. Add a tag name to the snapshot, so it’s easier to identify, by running the following command:

    $ aws ec2 create-tags --resources $snapshot_id --tags Key=Name,Value="$AMI_NAME"
  10. Register an AMI from the snapshot with the following command:

    $ ami_id=$(aws ec2 register-image  \
        --name "$AMI_NAME" \
        --description "$AMI_NAME" \
        --architecture x86_64 \
        --root-device-name /dev/sda1 \
        --block-device-mappings "DeviceName=/dev/sda1,Ebs={VolumeSize=${DEFAULT_VOLUME_SIZE},SnapshotId=${snapshot_id}}" \
        --virtualization-type hvm \
        --ena-support \
        | jq -r .ImageId)
  11. You can add another tag name to identify the AMI by running the following command:

    $ aws ec2 create-tags --resources $ami_id --tags Key=Name,Value="$AMI_NAME"

3.2. Deploying your instance on AWS using the CLI

You can launch the AWS instance with your new RHEL AI AMI from the AWS web console or the CLI. You can use whichever method of deployment you want to launch your instance. The following procedure displays how you can use the CLI to launch your AWS instance with the custom AMI.

If you choose to use the CLI as a deployment option, there are several configurations you have to create, as shown in "Prerequisites".

Prerequisites

  • You created your RHEL AI AMI. For more information, see "Converting the RHEL AI image to an AWS AMI".
  • You have the AWS command-line tool installed and is properly configured with your aws_access_key_id and aws_secret_access_key.
  • You configured your Virtual Private Cloud (VPC).
  • You created a subnet for your instance.
  • You created a SSH key-pair.
  • You created a security group on AWS.

Procedure

  1. For various parameters, you need to gather the ID of the variable.

    1. To access the image ID, run the following command:

      $ aws ec2 describe-images --owners self
    2. To access the security group ID, run the following command:

      $ aws ec2 describe-security-groups
    3. To access the subnet ID, run the following command:

      $ aws ec2 describe-subnets
  2. Populate environment variables for when you create the instance

    $ instance_name=rhel-ai-instance
    $ ami=<ami-id>
    $ instance_type=<instance-type-size>
    $ key_name=<key-pair-name>
    $ security_group=<sg-id>
    $ disk_size=<size-of-disk>
  3. Create your instance using the variables by running the following command:

    $ aws ec2 run-instances \
        --image-id $ami \
        --instance-type $instance_type \
        --key-name $key_name \
        --security-group-ids $security_group \
        --subnet-id $subnet \
        --block-device-mappings DeviceName=/dev/sda1,Ebs='{VolumeSize='$disk_size'}' \
        --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value='$instance_name'}]'

User account

The default user account in the RHEL AI AMI is cloud-user. It has all permissions via sudo without password.

Verification

  • To verify that your Red Hat Enterprise Linux AI tools are installed correctly, you need to run the ilab command:

    $ ilab

    Example output

    $ ilab
    Usage: ilab [OPTIONS] COMMAND [ARGS]...
    
      CLI for interacting with InstructLab.
    
      If this is your first time running ilab, it's best to start with `ilab
      config init` to create the environment.
    
    Options:
      --config PATH  Path to a configuration file.  [default:
                     /home/cloud--user/.config/instructlab/config.yaml]
      -v, --verbose  Enable debug logging (repeat for even more verbosity)
      --version      Show the version and exit.
      --help         Show this message and exit.
    
    Commands:
      config    Command Group for Interacting with the Config of InstructLab.
      data      Command Group for Interacting with the Data generated by...
      model     Command Group for Interacting with the Models in InstructLab.
      system    Command group for all system-related command calls.
      taxonomy  Command Group for Interacting with the Taxonomy of InstructLab.
    
    Aliases:
      chat      model chat
      convert   model convert
      diff      taxonomy diff
      download  model download
      evaluate  model evaluate
      generate  data generate
      init      config init
      list      model list
      serve     model serve
      sysinfo   system info
      test      model test
      train     model train

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.