Deploy and manage your infrastructure on AWS using Ryvn’s automated provisioning system.

Prerequisites

Before you begin, make sure you have:

Configure Your Environment

  1. Go to the Environments tab in the Ryvn Dashboard
  2. Click Create Environment in the top-right corner
  3. Give your environment a name (e.g. production)
  4. Select a release channel (e.g. production)
    Release channels link services to environments. When you push code changes, services publish releases to release channels. Environments subscribed to those channels automatically deploy new releases.
  5. Click Create Environment

Provisioning Steps

  1. From your environment in the Ryvn Dashboard, click View Environment
  2. Click Self Setup
  3. Click Start Provisioning
  4. Select AWS as your cloud provider
  5. Fill out the form with your AWS credentials
  6. Click Continue
  7. Click Create Permissions
  8. Follow the AWS-specific instructions shown in the dashboard
  9. Return to Ryvn and wait for provisioning to complete
The provisioning process is automated and typically takes 15-20 minutes. Ryvn will set up all necessary AWS resources including networking, security, and compute infrastructure.

Provisioning Methods

Ryvn offers two methods for provisioning AWS infrastructure:

BYOC (Bring Your Own Cloud)

With BYOC, Ryvn creates a new VPC in your AWS account with the specified CIDR block.

Configuration Interface

BYOC provisioning offers two configuration modes: Basic Mode A user-friendly form interface with the following options:
  • Region: Select your AWS region (e.g., US East, EU West)
  • VPC CIDR Block: Specify the IP range for your VPC (default: 10.42.0.0/16)
  • Application Node Group Configuration:
    • Instance Type: Choose from t3.medium (2 CPU, 4GB RAM), t3.large (2 CPU, 8GB RAM), or t3.xlarge (4 CPU, 16GB RAM)
    • Min Size: Minimum number of nodes (recommended: 2)
    • Max Size: Maximum number of nodes for scaling
Advanced Mode A YAML editor for more detailed configuration: Configuration Requirements:
  • You must specify a vpc_cidr value in the standard CIDR notation format (e.g., 10.0.0.0/16)
  • The CIDR block must be a valid IPv4 address range with a subnet mask between /0 and /32
Example configuration: 
region: us-east-1
vpc_cidr: 10.42.0.0/16
eks_managed_node_groups:
  application:
    instance_types: ["t3.large"]
    min_size: 2
    max_size: 2
    desired_size: 2
  system:
    instance_types: ["t3.large"]

Custom Terraform Executor Policies

For cases where you need to deploy Terraform services with specific permissions, you can add custom IAM policy statements to the Ryvn Agent role by adding a terraform_executor_policies block to your configuration: 
terraform_executor_policies:
  - effect: Allow
    actions:
      - "*"
    resource: "*"
This configuration grants full access permissions to Terraform services running in your environment, allowing you to deploy any Terraform resources without restriction. You can also specify more granular permissions if needed.
The terraform_executor_policies configuration is particularly useful when you need to deploy custom infrastructure using Terraform services. By default, Terraform services have restricted permissions.

BYOVPC (Bring Your Own VPC)

With BYOVPC, Ryvn uses an existing VPC in your AWS account. Configuration Requirements:
  • You must specify a vpc_id that starts with “vpc-”
  • You must provide at least 3 unique private subnet IDs, each starting with “subnet-”
  • All subnet IDs must be unique
Example configuration: 
vpc_id: vpc-0123456789abcdef0
private_subnet_ids:
  - subnet-0123456789abcdef1
  - subnet-0123456789abcdef2
  - subnet-0123456789abcdef3
The provisioning button will be disabled until your configuration meets all the requirements for your selected method. A tooltip will display if there are any validation errors in your configuration.

EKS Node Pool Configuration

Ryvn uses AWS EKS Managed Node Groups to provide scalable compute resources for your applications. You can configure node pools through the eks_managed_node_groups section in your YAML configuration.

Default Node Groups

Ryvn automatically creates two node groups by default:
  • application: For running your application workloads
  • system: For running system components and infrastructure services

Available Configuration Options

The following configuration options are available for each node group:

Basic Configuration

OptionTypeDefaultDescription
instance_typeslist(string)["t3.medium"] (app), ["t3.xlarge"] (system)List of EC2 instance types for the node group
min_sizenumber2 (app), 1 (system)Minimum number of nodes in the group
max_sizenumber5 (app), 3 (system)Maximum number of nodes in the group
desired_sizenumber2 (app), 1 (system)Desired number of nodes in the group
ami_typestring"AL2023_x86_64_STANDARD"AMI type for the nodes

Storage Configuration

OptionTypeDefaultDescription
block_device_mappingsobjectSee belowEBS volume configuration for the root device
Default storage configuration: 
block_device_mappings:
  xvda:
    device_name: "/dev/xvda"
    ebs:
      volume_size: 50
      volume_type: "gp3"
      encrypted: true
      delete_on_termination: true

Advanced Configuration

OptionTypeDescription
labelsobjectKubernetes labels to apply to nodes
taintslist(object)Kubernetes taints to apply to nodes
subnet_idslist(string)Specific subnets to deploy nodes in
capacity_typestringSpot or On-Demand instances ("ON_DEMAND" or "SPOT")
disk_sizenumberRoot volume size in GB
force_update_versionboolForce update of node group version
launch_templateobjectCustom launch template configuration

Configuration Examples

Basic Node Group Configuration

eks_managed_node_groups:
  application:
    instance_types: ["t3.large"]
    min_size: 2
    max_size: 5
    desired_size: 2
  system:
    instance_types: ["t3.xlarge"]
    min_size: 1
    max_size: 3
    desired_size: 1

Advanced Node Group with Custom Storage

eks_managed_node_groups:
  application:
    instance_types: ["t3.large", "t3.xlarge"]
    min_size: 2
    max_size: 10
    desired_size: 3
    capacity_type: "SPOT"
    block_device_mappings:
      xvda:
        device_name: "/dev/xvda"
        ebs:
          volume_size: 100
          volume_type: "gp3"
          encrypted: true
          delete_on_termination: true
    labels:
      workload-type: "application"
      environment: "production"

Node Group with Taints

eks_managed_node_groups:
  gpu:
    instance_types: ["g4dn.xlarge"]
    min_size: 1
    max_size: 3
    desired_size: 1
    labels:
      node-type: "gpu"
    taints:
      - key: "nvidia.com/gpu"
        value: "present"
        effect: "NoSchedule"

Custom Node Groups

You can create additional node groups beyond the default application and system groups: 
eks_managed_node_groups:
  application:
    instance_types: ["t3.large"]
    min_size: 2
    max_size: 5
    desired_size: 2
  monitoring:
    instance_types: ["t3.medium"]
    min_size: 1
    max_size: 2
    desired_size: 1
    labels:
      workload-type: "monitoring"
  batch:
    instance_types: ["t3.xlarge"]
    min_size: 0
    max_size: 5
    desired_size: 0
    capacity_type: "SPOT"
    labels:
      workload-type: "batch"

Advanced Configuration Options

For advanced node group configurations not covered here, refer to the AWS EKS Managed Node Group Terraform module documentation. This upstream module provides comprehensive configuration options for specialized use cases.
Ryvn automatically adds the label ryvn.app/node-group-name to all nodes for identification and management purposes.

What Gets Created

Ryvn provisions a production-ready EKS cluster in your AWS account, complete with secure networking and IAM configuration. This includes a VPC with private subnets, load balancers for service exposure, and all necessary security groups and IAM roles.