The DuploCloud platform installs in an EC2 instance within your AWS account. It can be accessed using a web interface, API, or Terraform provider.

You can log in to the DuploCloud portal, using single sign-on (SSO), with your GSuite or O365 login.

Before You Begin

Before getting started, complete the following steps:

• Read the DuploCloud Platform Overview and learn about DuploCloud terms like Infrastructure, Plan, and Tenant

• Set up the DuploCloud Portal

• Read the Access Control section and ensure at least one person has administrator access

• Connect to the DuploCloud Slack channel for support from the DuploCloud team

• Route 53 Hosted Zone

• ACM Certificate

• Shell access for Docker or ECS

• VPN setup

• Connect to the VPN

• For Kubernetes prerequisites, see the DuploCloud Kubernetes User Guide.

The DuploCloud Platform needs a wild character AWS Certificate Manager (ACM) certificate corresponding to the domain for the Route 53 Hosted Zone.

For example, if the Route 53 Hosted Zone created is apps.acme.com, the ACM certificate specifies *.apps.acme.com. You can add additional domains to this certificate (for example, *.acme.com).

The ACM certificate is used with AWS Elastic Load Balancers (ELBs) created during DuploCloud application deployment. Follow this AWS guide to issue an ACM certificate.

Once the certificate is issued, add the Amazon Resource Name (ARN) of the certificate to the DuploCloud Plan (starting with the DEFAULT Plan) so that it is available to subsequent configurations

Adding an ACM Certificate with ARN to a DuploCloud Plan

1. In the DuploCloud Platform, navigate to Administrator -> Plans. The Plans page displays.

2. Select the default Plan from the NAME column.

3. Click the Certificates tab.

4. Click Add.

5. In the Name field, enter a certificate name.

6. In the Certificate ARN field, enter the ARN.

7. Click Create. The ACM Certificate with ARN is created.

Enabling Automatic AWS ACM Certificate Creation

Configure DuploCloud to automatically generate Amazon Certificate Manager (ACM) certificates for your Plan's DNS.

1. From the DuploCloud portal, navigate to Administrator -> Systems Settings.

2. Select the System Config tab, and click Add. The Add Config pane displays.

3. From the Config Type list box, select Flags.

4. From the Key list box, select Other.

5. In the Key field that displays, enter enabledefaultdomaincert.

6. In the Value list box, select True.

7. Click Submit. DuploCloud automatically generates Amazon Certificate Manager (ACM) certificates for your Plan's DNS.

This Quick Start tutorial shows you how to set up an end-to-end cloud deployment. You will create DuploCloud Infrastructure and Tenants and, by the end of this tutorial, you can view a deployed sample web application.

Estimated time to complete tutorial: 75-95 minutes.

AWS Tutorial Roadmap

When you complete the AWS Quick Start Tutorial, you have three options or paths, as shown in the table below.

EKS (Elastic Kubernetes Service): Create a Service in DuploCloud using AWS Elastic Kubernetes Service and expose it using a Load Balancer within DuploCloud.

ECS (AWS Elastic Container Service): Create an app and Service in DuploCloud using AWS Elastic Container Service.

Native Docker: Create a Service in Docker and expose it using a Load Balancer within DuploCloud.

For information about the differences between these methods and to help you choose which method best suits your needs, skills, and environments, see this AWS blog and Docker documentation.

* Optional

AWS Video Demo

Click the card below to watch DuploCloud video demos.

Creating an AWS EKS Service uses technologies from AWS and the Kubernetes open-source container orchestration system.

Kubernetes uses worker nodes to distribute workloads within a cluster. The cluster automatically distributes the workload among its nodes, enabling seamless scaling as required system resources expand to support your applications.

Estimated time to complete Step 4: 5 minutes.

Prerequisites

Before creating a Host (essentially a Virtual Machine), verify that you completed the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

Select the Tenant You Created

In the Tenant list box, select the dev01 Tenant that you created.

Creating a Host

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts. The Hosts page displays.

2. In the EC2 tab, click Add. The Add Host page displays.

3. In the Friendly Name field, enter host01.

4. In the Instance Type list box, select 2 CPU 4 GB - t3a.medium.

5. Select the Advanced Options checkbox to display advanced configuration fields.

6. From the Agent Platform list box, select EKS Linux.

7. From the Image ID list box, select any Image ID with an EKS prefix (for example, EKS-Oregon-1.23).

8. Click Add. The Host is created, initialized, and started. In a few minutes, when the Status displays Running, the Host is available for use.

Checking Your Work

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. Select the EC2 tab.

3. Verify that the Host status is Running.

The DuploCloud Platform needs a unique Route 53 hosted zone to create DNS entries for Services that you deploy. The domain must be created out-of-band and set in DuploCloud. The zone is a subdomain such as apps.[MY-COMPANY].com.

Creating a Route 53 Hosted Zone Using AWS Console

1. Log in to AWS Console.

2. Navigate to Route 53 and Hosted Zones.

3. Create a new Route53 Hosted Zone with the desired domain name, for example, apps.acme.com.

4. Access the Hosted Zone and note the name server names.

5. Go to your root domain provider's site (e.g., acme.com), and create an NS record that references the domain name of the Hosted Zone you created (apps.acme.com). Add the zone name to the name servers that you noted above.

Once this is complete, provision the Route53 domain in every DuploCloud Plan, starting with the DEFAULT Plan. Add the Route53 Hosted Zone ID and domain name, preceded with a dot (.).

The Default Tenant in DuploCloud is the central management space for platform-wide resources and configurations, including monitoring and logging. Enabling logging in the Default Tenant deploys comprehensive Control Plane monitoring. This deployment uses OpenSearch and Kibana to retrieve and display log data. Once logging is enabled for the Default Tenant, you can enable logging for non-Default Tenants and configure logging per Tenant.

Prerequisites

• If needed, make changes to the Control Plane Configuration. You cannot modify the Control Plane Configuration after you set up logging.

• If needed, customize Elastic Filebeat logging. Docker applications use stdout to write log files, collect logs, place them in the Host directory, mount them into Filebeat containers, and send them to AWS Elasticsearch. If you need to customize log collection using folders other than stdout, follow this procedure. Log collection cannot be customized after logging is set up.

Enabling Default-Tenant Logging

1. From the Tenant list box at the top of the DuploCloud Portal, select the Default Tenant.

2. In the DuploCloud Portal, navigate to Administrator -> Observability -> Basic -> Settings, and select the Logging tab.

3. Click the Enable Logging link. The Enable Logging page displays.

4. In the Select Tenant list box, select Default.

5. In the Cert ARN field, enter the ARN certificate for the Default Tenant.

1. Enter the number of days to retain logs in the Log Retention in Index (Days) field.

2. Click Submit. Data gathering takes about fifteen (15) minutes. When data gathering is complete, graphical logging data is displayed on the Logging tab.

Once logging is enabled for the Default Tenant, you can enable logging for other Tenants.

How DuploCloud Configures Logging

When you perform the steps above to configure logging, DuploCloud does the following:

Control Plane deployment

1. An EC2 Host is added in the default Tenant, for example, duploservices-default-oc-diagnostics.

2. Services are added in the default Tenant, one for OpenSearch and one for Kibana. Both services are pinned to the EC2 host using allocation tags. Kibana is set up to point to ElasticSearch and exposed using an internal load balancer.

3. Security rules from within the internal network to port 443 are added in the default Tenant to allow log collectors that run on Tenant hosts to send logs to ElasticSearch.

Log Collector deployment

1. A Filebeat service (filebeat-duploinfrasvc) is deployed for each Tenant where central logging is enabled.

2. The /var/lib/docker/Containers are mounted from the Host into the Filebeat container. The Filebeat container references ElasticSearch, which runs in the Default Tenant. Inside the container, Filebeat is configured so that every log line is added with metadata information consisting of the Tenant name, Service names, Container ID, and Hostname, enabling ease of search using these parameters with ElasticSearch.

DuploCloud integrates with OpenVPN by provisioning VPN users that you add to the DuploCloud Portal. OpenVPN setup is a comprehensive process that includes accepting OpenVPN, provisioning the VPN, adding users, and managing connection limits to accommodate a growing team.

Accepting OpenVPN

Accept OpenVPN Free Tier (Bring Your Own License) in the AWS Marketplace:

1. Log into your AWS account. In the console, navigate to: https://aws.amazon.com/marketplace/pp?sku=f2ew2wrz425a1jagnifd02u5t.

2. Accept the agreement. Other than the regular EC2 instance cost, no additional license costs are added.

Provisioning the VPN

1. In the DuploCloud Portal, navigate to Administrator -> System Settings.

2. Select the VPN tab.

3. Click Provision VPN.

After the OpenVPN is provisioned, it is ready to use. DuploCloud automates the setup by launching a CloudFormation script to provision the OpenVPN.

Managing VPN Connection Limits

To support a growing team, you may need to increase the number of VPN connections. This can be achieved by purchasing a larger license from your VPN provider. Once acquired, update the license key in the VPN's web user interface through the DuploCloud team's assistance. Ensure the user count settings in the VPN reflect the new limit and verify team access to manage these changes efficiently.

Adding or Deleting a VPN User

For instructions to add or delete a VPN user, refer to the DuploCloud User Administration documentation.

Opening a VPN Port

To enable users connected to the VPN to access various services, including databases and ElastiCache, specific ports must be opened:

1. In the DuploCloud Portal, navigate to Administrator -> Tenants.

2. Select the Tenant from the NAME column.

3. Click the Security tab.

4. Click Add. The Add Tenant Security pane displays.

5. From the Source Type list box, select IP Address.

6. From the IP CIDR list box, select your IP CIDR.

7. Click Add.

This comprehensive guide ensures your VPN setup is not only up and running but also scalable to meet the needs of your growing team.

Enable and access shells for your DuploCloud Docker, EKS, and ECS containers directly through the DuploCloud Portal. This provides quick and easy access for managing and troubleshooting your containerized environments.

Native Docker Shell Access

Enabling the Shell for Docker

1. In the DuploCloud Portal, navigate to Docker -> Services.

2. From the Docker list box, select Enable Docker Shell. The Start Shell Service pane displays.

1. In the Platform list box, select Docker Native.

2. From the Certificate list box, select your certificate.

3. From the Visibility list box, select Public or Internal.

4. Click Update. DuploCloud provisions the dockerservices-shell Service, enabling you to access your Docker container shell.

Accessing the Shell for Docker

1. From the DuploCloud portal, navigate to Docker -> Containers.

3. Select Container Shell. A shell session launches directly into the running container.

EKS Shell Access

Enabling the Shell for Kubernetes

1. In the Tenant list box, select the Default Tenant.

2. In the DuploCloud Portal, navigate to Docker -> Services.

3. Click the Docker button, and select Enable Docker Shell. The Start Shell Service pane displays.

1. In the Platform list box, select Kubernetes.

2. In the Certificate list box, select your certificate.

3. In the Visibility list box, select Public or Internal.

4. Click Update. DuploCloud provisions the dockerservices-shell Service, enabling you to access your Kubernetes container shell.

Accessing the Shell for Kubernetes

1. From the DuploCloud Portal, navigate to Kubernetes -> Services.

2. Click the KubeCtl Shell button. The Kubernetes shell launches in your browser.

ECS Shell Access

Accessing the Shell for ECS

1. From the DuploCloud Portal, navigate to Cloud Services -> ECS. The ECS Task Definition page displays.

2. Select the name from the TASK DEFINITION FAMILY NAME column.

3. Select the Tasks tab.

4. In the row of the task you want to access, click the actions icon (>_).

5. Select the Task Shell option. The ECS task shell launches in your browser.

An AWS RDS is a managed Relational Database Service that is easy to set up and maintain in DuploCloud for AWS public cloud environments. RDSs support many databases including MySQL, PostgreSQL, MariaDB, Oracle BYOL, or SQL Server.

See the DuploCloud AWS Database documentation for more information.

Estimated time to complete Step 3: 5 minutes.

Prerequisites

Before creating an RDS, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both with the name NONPROD.

• The NONPROD infrastructure has Kubernetes (EKS or ECS) Enabled.

• A Tenant with the name dev01 has been created.

Creating an RDS Database

1. In the Tenant list box, select the dev01 Tenant that you created.

2. Navigate to Cloud Services -> Database.

3. Select the RDS tab, and click Add. The Create a RDS page displays.

4. From the table below, enter the values that correspond to the fields on the Create a RDS page. Accept default values for fields not specified.

5. Click Create. The database displays with a status of Submitted in the RDS tab. Database creation takes approximately ten (10) minutes.

Validating RDS Database Creation

You can monitor the status of database creation using the RDS tab and the Status column.

When the database status reads Available on the RDS tab on the Database page, the database's endpoint is ready for connection to a DuploCloud Service, which you create and start in the next step.

Troubleshooting Database Creation Failures

• Invalid passwords - Passwords cannot have special characters like quotes, @, commas, etc. Use a combination of uppercase and lowercase letters and numbers.

• Invalid encryption - Encryption is not supported for small database instances (micro, small, or medium).

Verifying Database Endpoints

1. In the RDS tab, select the DUPLODOCS database you created.

2. Note the database endpoint, the name, and credentials. For security, the database is automatically placed in a private subnet to prevent access from the internet. Access to the database is automatically set up for all resources (EC2 instances, containers, Lambdas, etc.) in the DuploCloud dev01 Tenant. You need the endpoint to connect to the database from an application running in the EC2 instance.

Checking your work

When your database is available and you have verified the endpoint, choose one of these three paths to create a DuploCloud Service and continue this tutorial.

• Creating an AWS EKS Service in DuploCloud running Docker containers

• Creating an AWS ECS Service in DuploCloud running Docker containers

• Creating a DuploCloud native Docker Service

Now that the Infrastructure and Plan exist and a Kubernetes EKS or ECS cluster has been enabled, create one or more Tenants that use the configuration DuploCloud created.

Tenants in DuploCloud are similar to projects or workspaces and have a subordinate relationship to the Infrastructure. Think of the Infrastructure as a virtual "house" (cloud), with Tenants conceptually "residing" in the Infrastructure performing specific workloads that you define. As Infrastructure is an abstraction of a Virtual Private Cloud, Tenants abstract the segregation created by a Kubernetes Namespace, although Kubernetes Namespaces are only one component that Tenants can contain.

In AWS, cloud features such as IAM Roles, security groups, and KMS keys are exposed in Tenants, which reference these feature configurations.

Estimated time to complete Step 2: 10 minutes.

Tenant Use Cases

DuploCloud customers often create at least two Tenants for their production and non-production cloud environments (Infrastructures).

For example:

• Production Infrastructure

  • Pre-production Tenant - for preparing or reviewing production code

  • Production Tenant - for deploying tested code

• Non-production Infrastructure

  • Development Tenant - for writing and reviewing code

  • Quality Assurance Tenant - for automated testing

In larger organizations, some customers create Tenants based on application environments, such as one Tenant for Data Science applications, another for web applications, and so on.

Tenants are sometimes created to isolate a single customer workload, allowing more granular performance monitoring, scaling flexibility, or tighter security. This is referred to as a single-Tenant setup.

Prerequisites

Before creating a Tenant, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both with the name NONPROD.

• The NONPROD infrastructure has Kubernetes (EKS or ECS) Enabled.

Creating a Tenant

Create a Tenant for your Infrastructure and Plan:

1. In the DuploCloud Portal, navigate to Administrator -> Tenants.

2. Click Add. The Create a Tenant pane displays.

3. Enter dev01 in the Name field.

4. Select the Plan that you created in the previous step (NONPROD).

5. Click Create.

Checking Your Work

1. Navigate to Administrator -> Tenants and verify that the dev01 Tenant displays in the list.
2. Navigate to Administrator -> Infrastructure and select dev01 from the Tenant list box. Ensure that the NONPROD Infrastructure appears in the list of Infrastructures with a status of Complete.

In this tutorial step, for the Application Load Balancer (ALB) you created in Step 6, you will:

• Enable access logging to monitor HTTP message details and record incoming traffic data. Access logs are crucial for analyzing traffic patterns and identifying potential threats, but they are not enabled by default. You must manually activate them in the Load Balancer settings.

• Protect against requests that contain invalid headers.

Estimated time to complete Step 7: 5 minutes.

Prerequisites

Before securing a Load Balancer, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A Host named host01 has been created.

• A Service named demo-service has been created.

• An Load Balancer has been created.

Securing the Load Balancer

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. From the NAME column, select the Service (demo-service).

4. Click the Load Balancers tab.

5. In the Other Settings card, click Edit. The Other Load Balancer Settings pane displays.

1. In the Web ACL list box, select None, because you are not connecting a Web Application Firewall.

2. Select the Enable Access Logs and Drop Invalid Headers options.
3. Accept the Idle Timeout default setting and click Save. The Other Settings card in the Load Balancers tab is updated with your selections.

Checking Your Work

Verify that the Other Settings card contains the selections you made above for:

• Web ACL - None

• HTTP to HTTPS Redirect - False

• Enable Access Logs - True

• Drop Invalid Headers - True

Enabling access logs enhances the security and monitoring capabilities of your Load Balancer and provides insights into the traffic accessing your application, for a more robust security posture.

Each DuploCloud Infrastructure is a connection to a unique Virtual Private Cloud (VPC) network that resides in a region that can host Kubernetes clusters, EKS or ECS clusters, or a combination of these, depending on your public cloud provider.

After you supply a few basic inputs, DuploCloud creates an Infrastructure within AWS and DuploCloud. Behind the scenes, DuploCloud does a lot with what little you supply, generating the VPC, subnets, NAT Gateway, routes, and EKS or ECS clusters.

With the Infrastructure as your foundation, you can customize an extensible, versatile platform engineering development environment by adding Tenants, Hosts, Services, and more.

Estimated time to complete Step 1: 40 minutes. Much of this time is consumed by DuploCloud's creation of the Infrastructure and enabling your EKS cluster with Kubernetes.

Prerequisites

Before starting this tutorial:

• Learn more about DuploCloud Infrastructures, Plans, and Tenants.

• Reference the Access Control documentation to create User IDs with the Administrator role. To perform the tasks in this tutorial, you must have Administrator privileges.

Creating a DuploCloud Infrastructure

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Click Add. The Add Infrastructure page displays.

3. Enter the values from the table below in the corresponding fields on the Add Infrastructure page. Accept default values for fields not specified.

4. Select either the Enable EKS or Enable ECS Cluster option. You will follow different paths in the tutorial for creating Services with EKS, ECS, or DuploCloud Docker.

5. Click Create to create the Infrastructure. It may take up to half an hour to create the Infrastructure. While the Infrastructure is being created, a Pending status is displayed in the Infrastructure page Status column, often with additional information about what part of the Infrastructure DuploCloud is currently creating. When creation completes, a status of Complete displays.

DuploCloud begins creating and configuring your Infrastructure and EKS/ECS clusters using Kubernetes.

Verifying That a Plan Exists for Your Infrastructure

Every DuploCloud Infrastructure generates a Plan. Plans are sets of templates that are used to configure the Tenants or workspaces, in your Infrastructure. You will set up Tenants in the next tutorial step.

Before proceeding, confirm that a Plan exists that corresponds to your newly created Infrastructure.

1. In the DuploCloud Portal, navigate to Administrator -> Plans. The Plans page displays.

2. Verify that a Plan exists with the name NONPROD: the name of the Infrastructure you created.

Checking Your Work

You previously verified that your Infrastructure and Plan were created. Now verify that Kubernetes is enabled before proceeding to create a Tenant.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. From the Name column, select the NONPROD Infrastructure.

3. Select the EKS or ECS tab. When Kubernetes has been Enabled for EKS or ECS, details are listed in the respective tab. For EKS, Enabled is displayed on the Kubernetes card. For ECS, the cluster name is listed in the ECS tab.

So far in this DuploCloud AWS tutorial, you created a VPC network with configuration templates (Infrastructure and Plan), an isolated workspace (Tenant), and an RDS database instance (optionally).

Now you need to create a DuploCloud Service on top of your Infrastructure and configure it to run and deploy your application. In this tutorial path, we'll deploy an application using Docker containers and leveraging AWS Elastic Kubernetes Service (EKS).

Alternatively, you can finish this tutorial by:

• Creating an AWS ECS Service in DuploCloud running Docker containers

• Creating a DuploCloud native Docker Service

For a deeper comparison of EKS and ECS, consult this AWS blog.

Estimated time to complete remaining tutorial steps: 30-40 minutes

Deploying an AWS EKS Service in DuploCloud

For the remaining steps in this tutorial, you will:

1. Create a Host (EC2 Instance) to serve as an AWS EKS worker node.

2. Create a Service and application using the premade Docker image: duplocloud/nodejs-hello:latest.

3. Expose the Service by creating and sharing a Load Balancer and DNS name.

4. Test the application.

5. Obtain access to the container shell and kubectl for debugging.

Network Architecture and Configurations

The topology that DuploCloud creates behind the scenes resembles this low-level configuration in AWS.

DuploCloud supports three container orchestration technologies to deploy Docker-container applications in AWS:

• Native EKS

• Native ECS Fargate

• Built-in container orchestration in DuploCloud using EKS/ECS

To deploy your own applications with DuploCloud, you’ll choose a public image or provide credentials for your private repository and configure your Docker Registry credentials in DuploCloud.

This tutorial will guide you through deploying a simple Hello World NodeJS web app using DuploCloud's built-in container orchestration with EKS. We’ll use a pre-built Docker container and access Docker images from a preconfigured Docker Hub.

Estimated time to complete Step 5: 10 minutes.

Prerequisites

Before creating a Service, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A host named host01 has been created.

Adding a Service

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. Click Add. The Add Service page displays.
4. From the table below, enter the values that correspond to the fields on the Add Service page. Accept all other default values for fields not specified.

5. Click Next. The Advanced Options page is displayed.

6. At the bottom of the Advanced Options page, click Create. In about five (5) minutes, the Service will be created and initialized, displaying a status of Running in the Containers tab.

Using Spot Instances (optional)

Follow the steps in Creating Services using Autoscaling Groups. In the Add Service page, Basic Options, Select Tolerate spot instances.

Checking your work

Verify that your DuploCloud Service, demo-service, has a status of Running.

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. Click on the Service name (demo-service).

4. On the Containers tab, verify that the current status is Running.

Once the Load Balancer is created, DuploCloud programs an autogenerated DNS Name registered to demo-service in the Route 53 domain. Before you create production deployments, you must create the Route 53 Hosted Zone domain (if DuploCloud has not already created one for you). For this tutorial, it is not necessary to create a domain.

Estimated time to complete Step 8: 5 minutes.

Prerequisites

Before securing a Load Balancer, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A Host named host01 has been created.

• A Service named demo-service has been created.

• An HTTPS ALB Load Balancer has been created.

Creating a Custom DNS Name

1. In the Tenant list box, select the dev01 Tenant.

2. Navigate to Kubernetes -> Services. The Services page displays.

3. From the Name column, select demo-service.

4. Click the Load Balancers tab. The ALB Load Balancer configuration is displayed.

1. In the DNS Name card, click Edit. The prefix in the DNS Name is editable.

2. Edit the DNS Name and select a meaningful DNS Name prefix.

3. Click Save. A success message briefly displays at the top center of the DuploCloud Portal.

An entry for your new DNS name is now registered with demo-service.

Checking Your Work

1. Navigate to Kubernetes -> Services.

2. From the Name column, select demo-service.

3. Select the Load Balancers tab and verify that the DNS Name card displays your modified DNS Name.

DuploCloud integrates natively with OpenVPN by provisioning VPN users in the Duplocloud Portal. As a DuploCloud user, you can access resources in the private network by connecting to the VPN with the OpenVPN client.

Obtaining VPN Credentials

You can find your VPN credentials on your user profile page in the DuploCloud Portal. It can be accessed by clicking Profile in the user menu on the upper right of the page or through the User menu option on the left.

Setting up the OpenVPN User Profile and Client App

1. Click on the VPN URL link in the VPN Details section of your user profile. Modern browsers will call the link unsafe since it uses a self-signed certificate. Make the necessary selections to proceed.

2. Log into the OpenVPN Access Server user portal using the username and password from the VPN Details section of your DuploCloud user profile page.

1. Click on the OpenVPN Connect Recommended for your device icon to install the OpenVPN Connect app for your local machine.

1. Navigate to your downloads folder, open the OpenVPN Connect file you downloaded in the previous step, and follow the prompts to finish the installation.

2. In the OpenVPN access server dialog box, click on the blue Yourself (user-locked profile) link to download your OpenVPN user profile.

3. Navigate to your Downloads folder and click on the .ovpn file downloaded in the previous step. The Onboarding Tour dialog box displays.

4. In the Onboarding Tour dialog box, click the > button twice. Click Agree and OK as needed to proceed to the Import .ovpn profile dialog box, and click OK.

1. Click OK, and select Connect after import. Click Add in the upper right. If prompted to enter a password, use the password in the VPN Profile area of your user profile page in the DuploCloud Portal. You are now connected to the VPN.

You can test your application directly from the Services page using the DNS status card.

Estimated time to complete Step 9 and finish tutorial: 10 minutes.

Prerequisites

Before testing your application, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A Host named host01 has been created.

• A Service named demo-service has been created.

• An HTTPS Application Load Balancer has been created.

Select the Tenant you created

Testing the Application

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services. The Services page displays.

3. From the Name column, select demo-service.

4. Click the Load Balancers tab.

5. In the DNS status card, click the Copy Icon ( ) to copy the DNS address displayed to your clipboard.

1. Open a browser instance and Paste the DNS in the URL field of your browser.

2. Press ENTER. A web page with the text Hello World! is displayed, from the JavaScript program residing in your Docker Container running in demo-service, which is exposed to the web by your Load Balancer.

Congratulations! You have just launched your first web service on DuploCloud!

Reviewing What You Learned

In this tutorial, your objective was to create a cloud environment to deploy an application for testing purposes, and to understand how the various components of DuploCloud work together.

The application rendered a simple web page with text, coded in JavaScript, from software application code residing in a Docker container. You can use this same procedure to deploy much more complex cloud applications.

In the previous steps, you:

• Created a DuploCloud Infrastructure named NONPROD: a Virtual Private Cloud instance backed by an EKS-enabled Kubernetes cluster.

• Created a Tenant named dev01 in Infrastructure NONPROD. While generating the Infrastructure, DuploCloud created a set of templates (Plan) to configure multiple AWS and Kubernetes components needed for your environment.

• Created an EC2 host named host01, providing the application with storage resources.

• Created a Service named demo-service to connect the Docker containers and associated images housing your application code to the DuploCloud Tenant environment.

• Created an ALB Load Balancer Listener to expose your application via ports and backend network configurations.

• Verified that your web page rendered as expected by testing the DNS Name exposed by the Load Balancer Listener.

Cleaning Up Your Tutorial Environment

In this tutorial, you created many artifacts for testing purposes. Now that you are finished, clean them up so others can run this tutorial using the same names for Infrastructure and Tenant.

1. To delete the dev01 tenant follow these instructions, then return to this page. As you learned, the Tenant segregates all work in one isolated environment, so deleting the Tenant you created cleans up most of your artifacts.

The NONPROD Infrastructure is deleted and you have completed the clean-up of your test environment.

Thanks for completing this tutorial and proceed to the next section to learn more about using DuploCloud with AWS.

Now that your DuploCloud Service is running, you have a mechanism to expose the containers and images in which your application resides. However, since your containers are inside a private network, you need a Load Balancer listening on the correct ports to access the application.

In this step, we add a Load Balancer Listener to complete the network configuration.

Estimated time to complete Step 6: 10 minutes.

Prerequisites

Before creating a Load Balancer, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A Host named host01 has been created.

• A Service named demo-service has been created.

Creating a Load Balancer

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. From the NAME column, select demo-service.

4. Click the Load Balancers tab.

5. Click the Configure Load Balancer link. The Add Load Balancer Listener pane displays.

6. From the Type list box, select Application LB.

7. In the Container Port field, enter 3000. This is the configured port on which the application inside the Docker Container Image duplocloud/nodejs-hello:latest is running.

8. In the External Port field, enter 80. This is the port through which users will access the web application.

9. From the Visibility list box, select Public.

10. From the Application Mode list box, select Docker Mode.

11. Type / (forward-slash) in the Health Check field to indicate that the cluster we want Kubernetes to perform Health Checks on is located at the root level.

12. In the Backend Protocol list box, select HTTP.

13. Click Add. The Load Balancer is created and initialized. Monitor the LB Status card on the Services page. The LB Status card displays Ready when the Load Balancer is ready for use.

Checking your work

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. From the NAME column, select demo-service.

4. Verify that the LB Status card displays a status of Ready.

5. Note the DNS Name of the Load Balancer that you created.

6. In the LB Listeners area of the Services page, note the configuration details of the Load Balancer's HTTP protocol, which you specified, when you added it above.

Before you create your application and service using native Docker, create an EC2 Host for storage in DuploCloud.

Estimated time to complete Step 4: 5 minutes.

Prerequisites

Before creating a Host (essentially a ), verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An exist, both named NONPROD.

• A Tenant named .

Creating a Host

1. In the Tenant list box, select dev01.

2. In the DuploCloud Portal, navigate to Cloud Services -> Hosts. The Hosts page displays.

3. In the EC2 tab, click Add. The Add Host page displays.

4. In the Friendly Name field, enter host01.

5. From the Instance Type list box, select 2 CPU 4 GB - t3a.medium.

6. Select the Advanced Options checkbox to display advanced configuration fields.

7. From the Agent Platform list box, select Linux/Docker Native.

8. From the Image ID list box, select any Docker-Duplo or Ubuntu image.

9. Click Add. The Host is created, initialized, and started. In a few minutes, when the Status displays Running, the Host is available for use.

Checking your work

Verify that host01 has a Status of Running.

You can use the DuploCloud Portal to create a native Docker service without leaving the DuploCloud interface.

Estimated time to complete Step 5: 10 minutes.

Prerequisites

Before creating a Service, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An exist, both named NONPROD.

• A Tenant named .

• An EC2 Host named .

Creating a Service with Native Docker

1. In the Tenant list box, select dev01.

2. Navigate to Docker -> Services.

3. Click Add. The Add Service Basic Options page displays.

4. In the Service Name field, enter demo-service-d01.

5. From the Platform list box, select Linux/Docker Native.

6. In the Docker Image field, enter duplocloud/nodejs-hello:latest.

7. From the Docker Networks list box, select Docker Default.
8. Click Next. The Advanced Options page displays.

9. Click Create.

Checking Your Work

1. In the Tenant list box, select dev01.

2. Navigate to Docker -> Services.

3. In the NAME column, select demo-service-d01.

4. Check the Current column to verify that demo-service-d01 has a status of Running.

Now that you've created a Task Definition, create a Service, which creates a Task (from the definition) to run your application. A Task is the instantiation of a Task Definition within a cluster. After you create a task definition for your application within Amazon ECS, you can specify multiple tasks to run on your cluster, based on your performance and availability requirements.

Once a Service is created, you must create a Load Balancer to expose the Service on the network. An Amazon ECS service runs and maintains the desired number of tasks simultaneously in an Amazon ECS cluster. If any of your tasks fail or stop, the Amazon ECS service scheduler launches another instance based on parameters specified in your Task Definition. It does so in order to maintain the desired number of tasks created.

Estimated time to complete Step 5: 10 minutes.

Prerequisites

Before creating the ECS Service and Load Balancer, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An exist, both named NONPROD.

• The NONPROD infrastructure has .

• A Tenant named .

• A has been created.

Creating an ECS Service and Load Balancer

1. In the DuploCloud Portal's Tenant list box, select dev01.

2. Navigate to Cloud Services -> ECS.

3. In the Task Definitions tab, select the Task Definition Family Name, DUPLOSERVICES-DEV01-SAMPLE-TASK-DEF. This is the prepended by a unique identifier, which includes your Tenant name (DEV01) and part of your Infrastructure name (ECS-TEST).

4. In the Service Details tab, click the Configure ECS Service link. The Add ECS Service page displays.

1. In the Name field, enter sample-httpd-app as the Service name.

2. In the LB Listeners area, click Add. The Add Load Balancer Listener pane displays.

3. From the Select Type list box, select Application LB.

4. In the Container Port field, enter 3000.

5. In the External Port field, enter 80.

6. From the Visibility list box, select Public.

7. In the Heath Check field, enter /, specifying root, the location of Kubernetes Health Check logs.

8. From the Backend Protocol list box, select HTTP.

9. From the Protocol Policy list box, select HTTP1.

10. Select other options as needed and click Add.

11. On the Add ECS Service page, click Submit.

Checking Your Work

In the Service Details tab, information about the Service and Load Balancer you created is displayed. Verify that the Service and Load Balancer configuration details in the Service Details tab are correct.

This section of the tutorial shows you how to deploy a web application with a DuploCloud Docker Service, by leveraging DuploCloud platform in-built container management capability.

Deploying a DuploCloud Docker Service

Instead of creating a DuploCloud Service using EKS or ECS, you can deploy your application with native Docker containers and services.

To deploy your app with a DuploCloud Docker Service in this tutorial, you:

1. Create an EC2 host instance in DuploCloud.

2. Create a native Docker application and Service.

3. Expose the app to the web with an Application Load Balancer in DuploCloud.

4. Complete the tutorial by testing your application.

Estimated time to complete remaining tutorial steps: 30-40 minutes

Network Architecture and Configurations

Behind the scenes, the topology that DuploCloud creates resembles this low-level configuration in AWS.

This section of the tutorial shows you how to deploy a web application with .

For a full discussion of the benefits of using EKS vs. ECS, consult.

Deploying an AWS ECS Service in DuploCloud

Unlike AWS EKS, creating and deploying services and apps with ECS requires creating a , a blueprint for your application. Once you create a Task Definition, you can run it as a Task or as a Service. In this tutorial, we run the Task Definition as a Service.

To deploy your app with AWS ECS in this ECS tutorial, you:

1. Create a Task Definition using ECS.

2. Create a DuploCloud Service named webapp, backed by a Docker image.

3. Expose the app to the web with a Load Balancer.

4. Complete the tutorial by testing your application.

Estimated time to complete remaining tutorial steps: 30-40 minutes

Network Architecture and Configurations

Behind the scenes, the topology that DuploCloud creates resembles this low-level configuration in AWS.

You enabled ECS cluster creation when you created the . In order to create a Service using ECS, you first need to create a that serves as a blueprint for your application.

Once you create a Task Definition, you can run it as a Task or as a Service. In this tutorial, we run the Task Definition as a Service.

Estimated time to complete Step 4: 10 minutes.

Prerequisites

Before creating an RDS, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An exist, both named NONPROD.

• The NONPROD infrastructure has .

• A Tenant named .

Creating a Task Definition

1. In the Tenant list box, select the dev01 Tenant.

2. Navigate to Cloud Services -> ECS.

3. In the Task Definition tab, click Add. The Add Task Definition page displays.

1. In the Name field, enter sample-task-def.

2. In the Container - 1 section, in the Container Name field, enter sample-task-def-c1. Container names are required for Docker images in AWS ECS.

3. In the Image field, enter duplocloud/nodejs-hello:latest.

4. From the vCPU list box, select 0.50 vCPU.

5. From the Memory list box, select 1 GB.

6. In the Port Mappings section, in the Port field, enter 3000. Port mappings allow containers to access ports for the host container instance to send or receive traffic.

7. Click Submit.

You can test your application using the DNS Name from the Services page.

Estimated time to complete Step 6 and finish tutorial: 5 minutes.

Prerequisites

Before testing your application, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An exist, both with the name NONPROD.

• The NONPROD infrastructure has .

• A Tenant named .

• A named sample-task-def has been created.

• The sample-httpd-app) and Load Balancer have been created.

Testing the Application

1. In the Tenant list box, select the dev01 Tenant that you created.

2. Navigate to Cloud Services -> ECS.

3. Click the Service Details tab.

4. In the DNS Name card, click the Copy Icon ( ) to copy the DNS address to your clipboard.

1. Open a browser and paste the DNS address in the URL field of your browser.

2. Press ENTER. A web page with the text It works! displays, from the JavaScript program residing in your Docker Container that is running in sample-httpd-app, which is exposed to the web by your Application Load Balancer.

Congratulations! You have just launched your first web service on DuploCloud!

Reviewing What You Learned

In this tutorial, your objective was to create a cloud environment to deploy an application for testing purposes, and to understand how the various components of DuploCloud work together.

The application rendered a simple web page with text, coded in JavaScript, from software application code residing in a Docker container. You can use this same procedure to deploy much more complex cloud applications.

In the previous steps, you:

Cleaning Up Your Tutorial Environment

In this tutorial, you created many artifacts. When you are ready, clean them up so others can run this tutorial using the same names for Infrastructure and Tenant.

The NONPROD Infrastructure is deleted and you have completed the clean-up of your test environment.

This section details common use cases for DuploCloud AWS.

Organization of use cases

Topics in this section are covered in the order of typical usage. Use cases that are foundational to DuploCloud such as Infrastructure, Tenant, and Hosts are listed at the beginning of this section; while supporting use cases such as Cost management for billing, JIT Access, Resource Quotas, and Custom Resource tags appear near the end.

Supported use cases for DuploCloud AWS

• Infrastructure and Plan

• EKS Initial setup and upgrade

• ECS Initial setup

• Tenant

• Hosts and Snapshots

• Auto Scaling host groups

• Kubernetes Jobs and CronJobs

• Auditing

• Logging

• Diagnostics and Metrics

• Faults and alerts

• AWS Console link

• JIT Access

• Cost management for billing

• Resource Quotas

• Big Data and ETL

• Custom Resource (CR) tags

Now that your DuploCloud Service is running, you have a mechanism to expose the containers and images in which your application resides. Since your containers are in a private network, you need a Load Balancer to make the application accessible.

In this step, we add a Load Balancer Listener to complete this network configuration.

Estimated time to complete Step 6: 15 minutes.

Prerequisites

Before creating a Load Balancer, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• A Tenant named dev01 has been created.

• An EC2 Host named host01 has been created.

• A Service named demo-service-d01 has been created.

Creating a Load Balancer using Native Docker

1. In the Tenant list box, select dev01.

2. Navigate to Docker -> Services.

3. Select the Service demo-service-d01 that you created.

4. Click the Load Balancers tab.

5. Click the Configure Load Balancer link. The Add Load Balancer Listener pane displays.

6. From the Select Type list box, select Application LB.

7. In the Container Port field, enter 3000: the port on which the application running inside the container image (duplocloud/nodejs-hello:latest) is running.

8. In the External Port field, enter 80.

9. From the Visibility list box, select Public.

10. From the Application list box, select Docker Mode.

11. In the Health Check field, enter /, indicating that you want the Kubernetes Health Check logs written to the root directory.

12. From the Backend Protocol list box, select HTTP.

13. Click Add.

When the LB Status card displays Ready, your Load Balancer is running and ready for use.

Securing the Load Balancer

If you want to secure the load balancer created, you can follow the steps specified here.

Creating a Custom DNS Name

You can modify the DNS name by clicking Edit in the DNS Name card in the Load Balancers tab. For additional information see this page.

In the DuploCloud platform, a Kubernetes Cluster maps to a DuploCloud Infrastructure.

Start by creating a new Infrastructure in DuploCloud. When prompted to provide details for the new Infrastructure, select Enable EKS. In the EKS Version field, select the desired release.

Optionally, enable logging and custom EKS endpoints.

The worker nodes and remaining workload setup are described in the Tenant topic.

When the Infrastructure is in the ready state, as indicated by a Complete status, navigate to Kubernetes -> Services and select the Infrastructure from the NAME column to view the Kubernetes configuration details, including the token and configuration for kubectl.

When you create Tenants in an Infrastructure, a namespace is created in the Kubernetes cluster with the name duploservices-TENANT_NAME

Creating an Infrastructure

1. From the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Click Add.

3. Define the Infrastructure by completing the fields on the Add Infrastructure form.

4. Select Enable EKS to enable EKS for the Infrastructure, or select Enable ECS Cluster to enable an ECS Cluster during Infrastructure creation.

5. Optionally, select Advanced Options to specify additional configurations (such as Public and Private CIDR Endpoints).

6. Click Create. The Infrastructure is created and listed on the Infrastructure page. DuploCloud automatically creates a Plan (with the same Infrastructure name) with the Infrastructure configuration.

Viewing Infrastructure settings

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. From the Name column, select the Infrastructure containing settings that you want to view.

3. Click the Settings tab. The Infrastructure settings display.

Configuring EKS features (optional)

You can customize your EKS configuration:

• Add VPC endpoints.

• Enable EKS endpoints, logs, Cluster Autoscaler, and more. For information about configuration options, see these EKS Setup topics.

Configuring ECS features (optional)

You can customize your ECS configuration. See the ECS Setup topic for information about configuration options.

Test the application to ensure you get the results you expect.

Estimated time to complete Step 7 and finish tutorial: 5 minutes.

Prerequisites

Before testing your application, verify that you completed the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• A Tenant named dev01 has been created.

• An EC2 Host named host01 has been created.

• A Service named demo-service-d01 has been created.

• A Load Balancer has been created.

Testing the Application

1. In the Tenant list box, select dev01.

2. Navigate to Docker -> Services. The Services page displays.

3. From the Name column, select demo-service-d01.

4. Click the Load Balancers tab. The Application Load Balancer configuration is displayed.

5. In the DNS status card on the right side of the Portal, click the Copy Icon ( ) to copy the DNS address displayed to your clipboard.
6. Open a browser instance and paste the DNS in the URL field of your browser.

7. Press ENTER. A web page with the text Hello World! is displayed, from the JavaScript program residing in your Docker Container running in demo-service-d01, which is exposed to the web by your Load Balancer.

Congratulations! You have just launched your first web service on DuploCloud!

Reviewing What You Learned

In this tutorial, your objective was to create a cloud environment to deploy an application for testing purposes, and to understand how the various components of DuploCloud work together.

The application rendered a simple web page with text, coded in JavaScript, from software application code residing in a Docker container. You can use this same procedure to deploy much more complex cloud applications.

In the previous steps, you:

• Created a DuploCloud Infrastructure named NONPROD, a Virtual Private Cloud instance, backed by an AKS-enabled Kubernetes cluster.

• Created a Tenant named dev01 in Infrastructure NONPROD. While generating the Infrastructure, DuploCloud created a set of templates (Plan) to configure multiple Azure and Kubernetes components needed for your environment.

• Created an EC2 host named host01, so your application has storage resources.

• Created a Service named demo-service-d01 to connect the Docker containers and associated images, in which your application code resides, to the DuploCloud Tenant environment.

• Created an ALB Load Balancer Listener to expose your application via ports and backend network configurations.

• Verified that your web page rendered as expected by testing the DNS Name exposed by the Load Balancer Listener.

Cleaning Up Your Tutorial Environment

In this tutorial, you created many artifacts for testing purposes. Clean them up so others can run this tutorial using the same names for Infrastructure and Tenant.

1. To delete the dev01 tenant follow these instructions, then return to this page. As you learned, the Tenant segregates all work in one isolated environment, so deleting the Tenant that you created cleans up most of your artifacts.

The NONPROD Infrastructure is deleted and you have completed the clean-up of your test environment.

Thanks for completing this tutorial and proceed to the next section to learn more about using DuploCloud with AWS.

Configuring Cluster Autoscaler for your Infrastructure

The Cluster AutoScaler automatically adjusts the number of nodes in your cluster when Pods fail or are rescheduled onto other nodes.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. From the NAME column, select the Infrastructure with which you want to use Cluster AutoScaler.

3. Click the Settings tab.

4. Click Add. The Add Infra - Set Custom Data pane displays.

5. From the Setting Name list box, select Cluster Autoscaler.

6. Select Enable to enable EKS.

7. Click Set. Your configuration is displayed in the Settings tab.

AWS SDKs and the AWS Command Line Interface (AWS CLI) automatically use the default public endpoint for each service in an AWS Region. However, when you create an Infrastructure in DuploCloud, you can specify a custom Private endpoint, a custom Public endpoint, or Both public and private custom endpoints. If you specify no endpoints, the default Public endpoint is used.

For more information about AWS Endpoints, see the .

Specifying public and private endpoints

1. Follow the steps in the section . Before clicking Create, specify EKS Endpoint Visibility.

2. From the EKS Endpoint Visibility list box, select Public, Private, or Both public and private. If you select private or Both public and private, the Allow VPN Access to the EKS Cluster option is enabled.

3. Click Advanced Options.

4. Using the Private Subnet CIDR and Public Subnet CIDR fields, specify CIDRs for alternate public and private endpoints.

5. Click Create.

Changing VPN visibility from public to private (optional)

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. From the NAME column, select the Infrastructure.

3. Click the Settings tab.

5. From the Setting Name list box, select Enable VPN Access to EKS Cluster.

6. Select Enable to enable VPN.

Changing EKS endpoint visibility (optional)

To modify the visibility for EKS endpoints you have already created:

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. From the Name column, select the Infrastructure for which you want to modify EKS endpoints.

3. Click the Settings tab.

5. From the Setting Value list box, select the desired type of visibility for endpoints (private, public, or both).

6. Click Set.

Setting up an Infrastructure that uses ECS is similar to creating an , except that during creation, instead of selecting Enable EKS, you select Enable ECS Cluster.

For more information about ECS Services, see the documentation.

Enabling EKS logging while creating an Infrastructure

Follow the steps in the section . In the EKS Logging list box, select one or more ControlPlane Log types.

Enabling EKS logging for an existing Infrastructure

Enable EKS logging for an Infrastructure that you have already created.

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. From the NAME column, select the Infrastructure for which you want to enable EKS logging.

3. Click the Settings tab.

4. Click Add. The Infra - Set Custom Data pane displays.

5. From the Setting Name list box, select EKS ControlPlane Logs.

6. In the Setting Value field, enter: api;audit;authenticator;controllerManager;scheduler

7. Click Set. The EKS ControlPlane Logs setting is displayed in the Settings tab.

An AWS creates a private connection to supported AWS services and VPC endpoint services powered by AWS PrivateLink. Amazon VPC instances do not require public IP addresses to communicate with the resources of the service. Traffic between an Amazon VPC and a service does not leave the Amazon network.

VPC endpoints are virtual devices. They are horizontally scaled, redundant, and highly available Amazon VPC components that allow communication between instances in an Amazon VPC and services without imposing availability risks or bandwidth constraints on network traffic. There are two types of VPC endpoints, , and .

DuploCloud allows you to specify predefined AWS endpoints for your Infrastructure in the DuploCloud Portal.

Adding VPC endpoints to a Duplocloud Infrastructure

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. Select the Infrastructure to which you want to add VPC endpoints.

3. Click the Endpoints tab.

4. Click Add. The Infra - Create VPC Endpoints pane displays.

5. From the VPC Endpoint Service list box, select the endpoint service you want to add.

6. Click Create. In the Endpoints tab, the VPC Endpoint ID of your selected service displays.

To generate logs for AWS ECS clusters, you must first create an Elasticsearch logging container. Once auditing is enabled, your container logging data can be captured for analysis.

Prerequisites

• Define at least one .

• Enable the feature.

Enabling ECS ElasticSearch logging

1. In the DuploCloud Portal, navigate to Administrator -> Tenant. The Tenant page displays.

2. From the Name column, select the Tenant that is running the container for which you want to enable logging.

3. Click the Settings tab.

4. Click Add. The Add Tenant Feature pane displays.

5. From the Select Feature list box, select Other. The Configuration field displays.

6. In the Configuration field, enter Enable ECS ElasticSearch Logging.

7. In the field below the Configuration field, enter True.

8. Click Add. In the Settings tab, Enable ECS ElasticSearch Logging displays a Value of True.

Verifying ECS logging is enabled

You can verify that ECS logging is enabled for a specific container.

1. In the DuploCloud Portal, navigate to Cloud Services -> ECS.

2. In the Task Definitions tab, select the Task Definition Family Name in which your container is defined.
3. Click the Task Definitions tab.

In the Container - 1 area, in the Container Other Config field, your LogConfiguration is displayed.

In the Container-2 area, another container is created by DuploCloud with the name log_router.

Once you have the Infrastructure (Networking, Kubernetes cluster, and other standard configurations) and an environment (Tenant) set up, the next step is to launch EC2 virtual machines (VMs). You create VMs to be:

• EKS Worker Nodes

• Worker Nodes (Docker Host), if the built-in container orchestration is used.

You also create VMs if Regular nodes are not part of any container orchestration. For example, a user manually connects and installs apps, as when using Microsoft SQL Server in a VM, Running an IIS application, or such custom use cases.

While all the lower-level details like IAM roles, Security groups, and others are abstracted away from the user (as they are derived from the Tenant), standard application-centric inputs must be provided. This includes a Name, Instance size, Availability Zone choice, Disk size, Image ID, etc. Most of these are optional, and some are published as a list of user-friendly choices by the admin in the plan (Image or AMI ID is one such example). Other than these AWS-centric parameters, there are two DuploCloud platform-specific values to be provided:

Agent Platform: This is applicable if the VM is going to be used as a host for container orchestration by the platform. The choices are:

• EKS Linux: If this is to be added to the EKS cluster. For example, EKS is the chosen approach for container orchestration

• Linux Docker: If this is to be used for hosting Linux containers using the Built-in Container orchestration

• Docker Windows: If this is to be used for hosting Windows containers using the Built-in Container orchestration

• None: If the VM is going to be used for non-Container Orchestration purposes and contents inside the VM will be self-managed by the user

Allocation Tags (Optional): If the VM is being used for containers, you can set a label on it. This label can then be specified during docker app deployment to ensure the application containers are pinned to a specific set of nodes. Thus, you can further split a tenant into separate server pools and deploy applications.

AWS frequently updates the EKS version based on new features that are available in the Kubernetes platform. DuploCloud automates this upgrade in the DuploCloud Portal.

About the upgrade process

DuploCloud notifies users when an upgrade is planned. The upgrade process follows these steps:

1. A new EKS version is released.

2. DuploCloud adds support for the new EKS version.

3. DuploCloud tests all changes and new features thoroughly.

4. DuploCloud rolls out support for the new EKS version in a platform release.

5. The user updates the EKS version.

Updating the EKS version:

• Updates the EKS Control Plane to the latest version.

• Updates all add-ons and components.

• Relaunches all Hosts to deploy the latest version on all nodes.

After the upgrade process completes successfully, you can assign allocation tags to Hosts.

Starting the upgrade

Upgrading the EKS version

1. Click Administrator -> Infrastructure.

2. Select the Infrastructure that you want to upgrade to the latest EKS version.

3. Select the EKS tab. If an upgrade is available for the Infrastructure, an Upgrade link appears in the Value column.

4. Click the Upgrade link. The Upgrade EKS Cluster pane displays.

1. From the Target Version list box, select the version to which you want to upgrade.

2. From the Host Upgrade Action, select the method by which you want to upgrade hosts.

3. Click Start. The upgrade process begins.

Updating EKS Components (Add-ons)

1. Click Administrator -> Infrastructure.

2. Select the Infrastructure with components you want to upgrade.

3. Select the EKS tab. If an upgrade is available for the Infrastructure components, an Upgrade Components link appears in the Value column.
4. Click the Upgrade link. The Upgrade EKS Cluster Components pane displays.

1. From the Host Upgrade Action, select the method by which you want to upgrade hosts.

2. Click Start. The upgrade process begins.

Monitoring upgrades

The EKS Upgrade Details page displays that the upgrade is In Progress.

Find more details about the upgrade by selecting your Infrastructure from the Infrastructure page. Click the EKS tab, and then click Show Details.

Upgrade completion

When you click Show Details, the EKS Upgrade Details page displays the progress of updates for all versions and Hosts. Green checkmarks indicate successful completion in the Status list. Red Xs indicate Actions you must take to complete the upgrade process.

Assign allocation tags

If any of your Hosts use allocation tags, you must assign allocation tags to the Hosts:

1. After your Hosts are online and available, navigate to Cloud Services -> Hosts.

2. Select the host group tab (EC2, ASG, etc.) on the Hosts screen.

3. Click the Add button.

4. Name the Host and provide other configuration details on the Add Host form.

5. Select Advanced Options.

6. Edit the Allocation Tag field.

7. Click Create and define your allocation tags.

8. Click Add to assign the allocation tags to the Host.

For additional information about the EKS version upgrade process with DuploCloud, see the AWS FAQs section on EKS version upgrades.

Adding Security Group rules

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure. The Infrastructure page displays.

2. Select the Infrastructure for which you want to add or view Security Group rules from the Name column.

3. Click the Security Group Rules tab.

4. Click Add. The Add Infrastructure Security pane displays.

5. From the Source Type list box, select Tenant or IP Address.

6. From the Tenant list box, select the Tenant for which you want to set up the Security Rule.

7. Select the protocol from the Protocol list box.

8. In the Port Range field, specify the range of ports for access (for example, 1-65535).

9. Optionally, add a Description of the rule you are adding.

10. Click Add.

Viewing Security Group rules

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Select the Infrastructure from the Name column.

3. Click the Security Group Rules tab. Security Rules are displayed.

Deleting Security Group rules

1. In the DuploCloud Portal, navigate to Administrator -> Infrastructure.

2. Select the Infrastructure from the Name column.

3. Click the Security Group Rules tab. Security Rules are displayed in rows.

Configuring Tenant Config settings

You can configure settings to apply to all new Tenants under a Plan using the Config tab. Tenant Config settings will not apply to Tenants created under the Plan before the settings were configured.

1. From the DuploCloud portal, navigate to Administrator -> Plan.

2. Click on the Plan you want to configure settings under in the NAME column.

3. Select the Config tab.

4. Click Add. The Add Config pane displays.

5. From the Config Type field, select TenantConfig.

6. In the Name field, enter the setting that you would like to apply to new Tenants under this Plan. (In the example, the enable_alerting setting is entered.)

7. In the Value field, enter True.
8. Click Submit. The setting entered in the Name field (enable alerting in the example) will apply to all new Tenants added under the Plan.

Viewing Tenant Config settings

You can check that the Tenant Config settings are enabled for new Tenants on the Tenants details page, under the Settings tab.

1. From the DuploCloud portal, navigate to Administrator -> Tenants.

2. From the NAME column, select a Tenant that was added after the Tenant Config setting was enabled.

3. Click on the Settings tab.

4. Check that the configured setting is listed in the NAME column. (Enable Alerting in the example.)

In AWS, cloud features such as AWS resource groups, AWS IAM, AWS security groups, KMS keys, as well as Kubernetes Namespaces, are exposed in Tenants which reference their configurations.

For more information about DuploCloud Tenants, see the Tenants topic in the DuploCloud Common Components documentation.

Creating a Tenant

1. Navigate to Administrator -> Tenant in the DuploCloud Portal and click Add. The Create a Tenant pane displays.

2. In the Name field, enter a name for the Tenant. Choose unique names that are not substrings of one another, for example, if you have a Tenant named dev, you cannot create another named dev2. We recommend using distinct numerical suffixes like dev01 and dev02.

3. In the Plan list box, select the Plan to associate the Tenant with.

4. Click Create. The Tenant is created.

Managing Tenant Expiration

In the DuploCloud Portal, configure an expiration time for a Tenant. At the set expiration time, the Tenant and associated resources are deleted.

1. In the DuploCloud Portal, navigate to Administrator -> Tenants. The Tenants page displays.

2. From the Name column, select the Tenant for which you want to configure an expiration time.
3. From the Actions list box, select Set Tenant Expiration. The Tenant - Set Tenant Expiration pane displays.
4. Select the date and time (using your local time zone) when you want the Tenant to expire.

5. Click Set. At the configured day and time, the Tenant and associated resources will be deleted.

Managing Tenant session duration

In the DuploCloud Portal, configure the session duration time for all Tenants or a single Tenant. At the end of a session, the Tenants or Tenant ceases to be active for a particular user, application, or Service.

For more information about IAM roles and session times in relation to a user, application, or Service, see the AWS Documentation.

Configuring session duration for all Tenants

1. In the DuploCloud Portal, navigate to Administrator -> System Settings. The System Settings page displays.

2. Click the System Config tab.

3. Click Add. The App Config pane displays.
4. From the Config Type list box, select AppConfig.

5. From the Key list box, select AWS Role Max Session Duration.

6. From the Select Duration Hour list box, select the maximum session time in hours or set a Custom Duration in seconds.

7. Click Submit. The AWS Role Max Session Duration and Value are displayed in the System Config tab. Note that the Value you set for maximum session time in hours is displayed in seconds. You can Delete or Update the setting in the row's Actions menu.

Configuring session duration for a single Tenant

1. In the DuploCloud Portal, navigate to Administrator -> Tenants. The Tenants page displays.

2. From the Name column, select the Tenant for which you want to configure session duration time.

3. Click the Settings tab.

4. Click Add. The Add Tenant Feature pane displays.
5. From the Select Feature list box, select AWS Role Max Session Duration.

6. From the Select Duration Hour list box, select the maximum session time in hours or set a Custom Duration in seconds.

7. Click Add. The AWS Role Max Session Duration and Value are displayed in the Settings tab. Note that the Value you set for maximum session time in hours is displayed in seconds. You can Delete or Update the setting in the row's Actions menu.

You can enable shared Hosts in the DuploCloud Portal. First, configure one Tenant to allow K8s Pods from other Tenants to run on its Host(s). Then, configure another Tenant to run its K8s Pods on Hosts in other Tenants. This allows you to break Tenant boundaries for greater flexibility.

Configuring Tenants to allow Host sharing

Enabling a Tenant to allow Host sharing

1. In the DuploCloud Portal, navigate to Administrator -> Tenant.

2. From the Tenant list, select the name of the Tenant to which the Host is defined.

3. Click the Settings tab.

4. Click Add. The Add Tenant Feature pane displays.

5. From the Select Feature item list, select Allow hosts to run K8S pods from other tenants.

6. Select Enable.
7. Click Add. This Tenant's hosts can now run Pods from other Tenants.

Enabling a Tenant to run Kubernetes Pods on another Tenant's Host

1. In the DuploCloud Portal, navigate to Administrator -> Tenant.

2. From the Tenant list, select the name of the Tenant that will access the other Tenant's Host (the Tenant not associated with a Host).

3. Click the Settings tab.

4. Click Add. The Add Tenant Feature pane displays.

5. From the Select Feature item list, select Enable option to run K8S pods on any host.

6. Select Enable.

7. Click Add. This Tenant can now run Pods on other Tenant's Hosts.

Creating a Service that uses a shared Host

1. From the Tenant list box at the top of the DuploCloud Portal, select the name of the Tenant that will run K8s Pods on the shared Host.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. In the Services tab, click Add. The Add Service window displays.

4. Fill in the Service Name, Cloud, Platform, and Docker Image fields. Click Next.

1. In the Advanced Options window, from the Run on Any Host item list, select Yes.
2. Click Create. A Service running the shared Host is created.

Once an EC2 Instance is created, you connect it with SSH either by using Session ID or by downloading a key.

Connecting to an EC2 Linux instance using SSH

In the DuploCloud Portal, navigate to Cloud Services -> Hosts and select the host to which you want to connect.

Connect using session ID

After you select the Host, on the Host's page click the Actions menu and select SSH. A new browser tab opens and you can connect your Host using SSH with by session ID. Connection to the host launches in a new browser tab.

Connect by downloading a key

1. After you select the Host, on the Host's page click the Actions menu and select Connect -> Connection Details. The Connection Info for Host window opens. Follow the instructions to connect to the server.

2. Click Download Key.

Disable the option to download the SSH key

If you don't want to display the Download Key button, disable the button's visibility.

1. In the DuploCloud Portal, navigate to Administrator -> System Settings.

2. Click the System Config tab.

3. Click Add. The Add Config pane displays.

4. From the Config Type list box, select Flags.

5. From the Key list box, select Disable SSH Key Download.

6. From the Value list box, select true.

7. Click Submit.

Configuring admin-only access to the SSH key

Configuring the following system setting disables SSH access for read-only users. Once this setting is configured, only administrator-level users can access SSH.

1. From the DuploCloud Portal, navigate to Administrator -> Systems Settings.

2. Select the Settings tab, and click Add. The Update Config Flags pane displays.
3. From the Config Type list box, select Flags.

4. In the Key list box, select Admin Only SSH Key Download.

5. In the Value field list box, select true.

6. Click Submit. The setting is configured and SSH access is limited to administrators only.

DuploCloud AWS supports EC2, ASG, and BYOH (Bring Your Own Host) types. Use BYOH for any VMs that are not EC2 or ASG.

Adding a Host (VM)

1. Ensure you have selected the appropriate Tenant from the Tenant list box at the top of the DuploCloud Portal.

2. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

3. Select the tab corresponding to the type of Host you want to create (EC2, ASG, or BYOH).

4. Click Add. The Add Host page displays.

5. Complete the fields as required for your architecture.

6. Click Add. The Host that you added is displayed in the appropriate tab (EC2, ASG, or BYOH).

To connect to the Host using SSH, .

Creating Kubernetes StorageClass and PVC constructs in the DuploCloud Portal.

Supported Host Actions

1. From the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. Select the Host name from the list.

3. From the Actions list box, you can select Connect, Host Settings, or Host State to perform the following supported actions:

Connect:

Host Settings:

Host State:

Adding custom code for EC2 or ASG Hosts

#!/bin/bash
set -o xtrace
/etc/eks/bootstrap.sh duploinfra-MYINFRA --kubelet-extra-args '--node-labels=tenantname=duploservices-MYTENANT'

# Custom user code:
echo "hello world"

DuploCloud supports various ways to scale Host workloads, depending on the underlying AWS services being used.

Adding Dedicated Hosts to launch EC2 instances

Use Dedicated Hosts to launch Amazon EC2 instances and provide additional visibility and control over how EC2 instances are placed on a physical server; enabling you to use the same physical server, if needed.

Prerequisites

Configure the DuploCloud Portal to allow for the creation of Dedicated Hosts.

1. In the DuploCloud Portal, navigate to Administrator -> System Settings.

2. Click the System Config tab.

3. Click Add. The Add Config pane displays.

4. In the Config Type field, select Flags.

5. In the Key field, select Allow Dedicated Host Sharing.

6. In the Value field, select true.

7. Click Submit. The configuration is displayed in the System Config tab.

Creating Dedicated Hosts to launch EC2 instances

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. In the EC2 tab, click Add. The Add Host page displays.

3. After completing the required fields to configure your Host, select Advanced Options. The advanced options display.

4. In the Dedicated Host ID field, enter the ID of the Dedicated Host. The ID is used to launch a specific instance on a Dedicated Host. See the screenshot below for an example.

5. Click Add. The Dedicated Host is displayed in the EC2 tab.

Viewing Dedicated Hosts to launch EC2 instances

After you create Dedicated Hosts, view them by doing the following:

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. In the EC2 tab, select the Host from the Name column. The Dedicated Host ID card on the Host page displays the ID of the Dedicated Host.

Configure Autoscaling Groups (ASG) to ensure the application load is scaled based on the number of EC2 instances configured. Autoscaling detects unhealthy instances and launches new EC2 instances. ASG is also cost-effective as EC2 Instances are dynamically created per the application requirement within minimum and maximum count limits.

Creating Autoscaling Groups (ASG)

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. In the ASG tab, click Add. The Add ASG page is displayed.
3. In the Friendly Name field, enter the name of the ASG.

4. Select Availability Zone and Instance Type.

5. In the Instance Count field, enter the desired capacity for the Autoscaling group.

6. In the Minimum Instances field, enter the minimum number of instances. The Autoscaling group ensures that the total number of instances is always greater than or equal to the minimum number of instances.

7. In the Maximum Instances field, enter the maximum number of instances. The Autoscaling group ensures that the total number of instances is always less than or equal to the maximum number of instances.

8. Optionally, select Use for Cluster Autoscaling.

9. Select Advanced Options. The Advanced Options section displays.
10. Fill in additional fields as needed for your ASG.

11. Click Add. Your ASG is added and displayed in the ASG tab.

1. In the Friendly Name field, enter the name of the ASG.

2. Select Availability Zone and Instance Type.

3. In the Instance Count field, enter the desired capacity for the Autoscaling group.

4. In the Minimum Instances field, enter the minimum number of instances. The Autoscaling group ensures that the total number of instances is always greater than or equal to the minimum number of instances.

5. In the Maximum Instances field, enter the maximum number of instances. The Autoscaling group ensures that the total number of instances is always less than or equal to the maximum number of instances.

6. Optionally, select Use for Cluster Autoscaling.

7. Optionally select Advanced Options, and complete additional fields as needed.
8. Click Add. Your ASG is added and displayed in the ASG tab.

Viewing Hosts in Autoscaling Groups

To view the hosts in an Autoscaling group, follow these steps:

1. In the DuploCloud Portal, navigate to Cloud Services -> Hosts.

2. Select the ASG tab.

3. In the NAME column, select the ASG for which you want to view Hosts.

4. Select the Hosts tab. A list of individual Hosts displays.

Creating an Amazon EC2 Autoscaling Policy

ECS Autoscaling has the ability to scale the desired count of tasks for the ECS Service configured in your infrastructure. Average CPU/Memory metrics of your tasks are used to increase/decrease the desired count value.

Step 1: Add Auto-Scaling for Targets

Navigate to Cloud Services -> ECS. Select the ECS Task Definition where Autoscaling needs to be enabled > Add Scaling Target

Set the MinCapacity (minimum value 2) and MaxCapacity to complete the configuration.

Step 2: Add Scaling Policy

Once Autoscaling for Targets is configured, Next we have to add Scaling Policy

Provide details below:

• Policy Name - The name of the scaling policy.

• Policy Dimension - The metric type tracked by the target tracking scaling policy.. Select from the dropdown

• Target Value - The target value for the metric.

• Scalein Cooldown - The amount of time, in seconds, after a scale in activity completes before another scale in activity can start.

• ScaleOut Cooldown -The amount of time, in seconds, after a scale out activity completes before another scale out activity can start.

• Disable ScaleIn - Disabling scale-in makes sure this target tracking scaling policy will never be used to scale in the Autoscaling group

This step creates the target tracking scaling policy and attaches it to the Autoscaling group

Step 3: View Scaling Target and Policy

View the Scaling Target and Policy Details from the DuploCloud Portal. Update and Delete Operations are also supported from this view

Prerequisites

Before autoscaling can be configured for your Kubernetes service, make sure that:

1. Autoscaling Group (ASG) is setup in the DuploCloud tenant

2. Cluster Autoscaler is enabled for your DuploCloud infrastructure

Kubernetes Horizontal Pod Autoscaler (HPA)

Horizontal Pod Autoscaler (HPA) automatically scales the Deployment and its ReplicaSet. HPA checks the metrics configured in regular intervals and then scales the replicas up or down accordingly.

Configuring Services with HPA

You can configure HPA while creating a Deployment Service from the DuploCloud Portal.

1. In the DuploCloud Portal, navigate Kubernetes -> Services, displaying the Services page.

2. Create a new Service by clicking Add.

3. In Add Service - Basic Options, from the Replication Strategy list box, select Horizontal Pod Scheduler.

4. In the Horizontal Pod Autoscaler Config field, add a sample configuration, as shown below. Update the minimum/maximum Replica Count in the resource attributes, based on your requirements.

5. Click Next to navigate to Advanced Options.

6. In Advanced Options, in the Other Container Config field, ensure your resource attributes, such as Limits and Requests, are set to work with your HPA configuration, as in the example below.
7. At the bottom of the Advanced Options page, click Create.

When your services are running, Replicas: Auto is displayed on the Service page.

Stopping a running Kubernetes service that is using an HPA

If a Kubernetes Service is running with a Horizontal Pod AutoScaler (HPA), you cannot stop the Service by clicking Stop in the service's Actions menu in the DuploCloud Portal.

Instead, do the following to stop the service from running:

1. In the DuploCloud Portal, navigate to Kubernetes -> Containers and select the Service you want to stop.

2. From the Actions menu, select Edit.

3. From the Replication Strategy list box, select Static Count.

4. In the Replicas field, enter 0 (zero).

5. Click Next to navigate to the Advanced Options page.

6. Click Update to update the service.

Allowing real-time alerts for autoscaling Kubernetes nodes

When the Cluster Autoscaler flag is set and a Tenant has one or more ASGs, an unschedulable-pod alert will be delayed by five (5) minutes to allow for autoscaling. You can configure the Infrastructure settings to bypass the delay and send the alerts in real-time.

1. From the DuploCloud portal, navigate to Administrator -> Infrastructure.

2. Click on the Infrastructure you want to configure settings for in the Name list.

3. Select the Settings tab.

4. Click the Add button. The Infra - Set Custom Data pane displays.
5. In the Setting Name list box, select Enables faults prior to autoscaling Kubernetes nodes.

6. Set the Enable toggle switch to enable the setting.

7. Click Set. DuploCloud will now generate faults for unschedulable K8s nodes immediately (before autoscaling).

Launch templates define the configuration for instances in an Auto Scaling Group (ASG). They specify key settings such as the instance type, AMI, and other parameters that determine how new instances are launched. DuploCloud allows you to create multiple launch template versions, each with its own unique settings (e.g., instance type, AMI, etc.). You can easily switch between versions as your requirements evolve. One version can be set as the default, and updates to the launch template can be applied to both new and existing instances by using the Instance Refresh feature.

This feature is applicable to both Kubernetes Node ASGs and Docker Native ASGs.

Editing launch templates

1. Select the appropriate Tenant from the Tenant list box.

2. For Kubernetes-managed ASGs (Nodes), navigate to Kubernetes -> Nodes. For Docker Native ASGs (EC2 Instances Running Docker Directly), Navigate to Cloud Services -> Hosts.

3. Select the ASG tab.

4. In the NAME column, click on the ASG you wish to edit launch templates for.

5. Select the Launch Templates tab.

6. In the row of the version you wish to update, click the menu icon (), and select Edit (Create a new version). The Edit Launch Template (Create a new version) pane displays.

1. Configure the following launch template settings:

   • Template Version Description: Provide a description for the new version.

   • Instance Type: Select the type of EC2 instance to use for this version (e.g., t3.medium, m5.large, etc.).

   • Image ID: Specify the Amazon Machine Image (AMI) ID for the instances in this version. This defines the base image for launching new instances.

   • Set as Default: Optionally, set the newly created version as the default launch template for the ASG. The default version automatically applies to all newly launched instances in the ASG.

2. Click Submit. The updated launch template version is created.

Changing the default launch template version

In DuploCloud, you can manage multiple versions of a launch template for your Auto Scaling Group (ASG). You may want to change the default version to ensure that new instances are launched with the desired configuration.

To change the default launch template version:

1. Select the Tenant from the Tenant list box.

2. For Kubernetes-managed ASGs (Nodes), navigate to Kubernetes -> Nodes. For Docker Native ASGs (EC2 Instances Running Docker Directly), Navigate to Cloud Services -> Hosts.

3. Select the ASG tab and click the name of the appropriate ASG.

4. Click on the Launch Templates tab.

6. Select Set as Default.