Creating and Configuring a Launch Template

A launch template is an configuration template that an Auto Scaling group uses to launch EC2 instances. Creating a launch template requires collecting some infrastructure data, specifically the Amazon Machine Image ID (AMI ID) and instance type. You can have more than one launch template created with different parameters, such as instance type or root volume size, and instantiate the auto-scaling groups from them.

Launch templates replace the deprecated launch configurations feature found in earlier versions of AWS. See Migrating a Launch Configuration to a Launch Template for instructions on migrating an existing launch configuration to a launch template. ArcSight recommends you migrate to launch templates as soon as possible.

To create a launch template using the web UI:

Using the Find Services search tool, locate and browse to the EC2 Dashboard.
In the left navigation panel, under Instances, select Launch templates.
On the Launch templates page, click Create Launch templates.

On the Create Launch template page, in Launch template name, specify a name for the launch template.

Under Application and OS Images (Amazon Machine Image), provide the AMI for the worker node.

Under Instance type, specify the virtual machine hardware, such as m4.large.

If you are deploying the Intelligence capability, you must use a minimum of m5.4xlarge with 16 core CPUs and 64 GB RAM.

Under Key pair (login), select the existing key pair or create a new one.
Each resource must be accessible through the network and all worker nodes must have the correct security groups assigned to them. Under Network settings, choose Select an existing security group, and then select the security group you created for intra-VPC communications, recorded in the AWS worksheet.
Under Storage (volumes), specify the value of Size with a minimum value of 50 GB. You may specify more depending on your plans for product installation and workload.
Under Advanced details, specify values for the following settings:

IAM instance profile: Choose the instance profile name for the worker nodes from the AWS worksheet.
User data: Copy the contents of the script workernodes-userdata located in the aws-scripts folder. In the text area, replace <cluster name> with your own cluster name from the AWS worksheet.

Click Create launch template.

To create a launch template using the CLI:

Run the following command:

aws ec2 create-launch-template \
--launch-template-name <Launch Template name> \
--launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"Groups":["<Intra VPC Security group Id>"]}],"ImageId":"<Launch template AMI Id>","InstanceType":"<Instance type>","KeyName":"<Key pair name> ","IamInstanceProfile":{"Arn":"<Workernodes Instance profile ARN>"},"BlockDeviceMappings":[{"DeviceName":"<root device name>","Ebs":{"VolumeSize":<root volume size>,"VolumeType":"gp2","DeleteOnTermination":true}}],"UserData":"$USERDATA"}'

Where:

<Launch Template name>: Choose a name that helps with easier identification. In our examples we will use srgdemo-workers-launch-config. Record the chosen value in your AWS worksheet.

Important! Replace the value <Kubernetes version> with the Kubernetes version number you used to create the EKS, and recorded as the Kubernetes version in your AWS worksheet. Retain the asterisk at the end of the value for the name filter.

<Key pair name>: Use the key pair name from the AWS worksheet.

<Intra VPC Security group Id>: ID of Intra VPC security group recorded in the AWS worksheet.

<Instance type>: From Amazon EC2 Instance Types, choose your host hardware configuration. Consider CPU, RAM, storage type, network performance, and price.

Instance type resources must be selected based on the Technical Requirements for ArcSight Platform 23.3.

<root device name>: In the description obtained for AMI ID above, locate the value for key RootDeviceName.

<root volume size>: Size depends on planned installation size: 50GB for SMALL, 100GB for MEDIUM, and 256GB for LARGE. Sizes refer to the sizes from ArcSight Suite metadata definition, in gigabytes.

<Workernodes instance profile ARN>: Use the instance profile ARN you created above or created by your AWS infrastructure administrators and recorded in your AWS worksheet.

$USERDATA: To specify a value for this environment variable, copy the file workernodes-userdata located in aws-byok-installer-<version>/scripts/ to the current working directory on the local host or the bastion, then open in a text editor. Replace the parameter cluster name with the value from the AWS worksheet and save the file.

Example of workernodes-userdata:

#!/bin/bash
set -o xtrace
/etc/eks/bootstrap.sh srgdemo-cluster --kubelet-extra-args \
--node-labels='Worker=label,role=loadbalancer,node.type=workerlancer,node.type=worker'

Extending labels, as shown here, during the launch configuration creation will be important for scaling up the cluster later. However, if you do not assign labels automatically, you must manually add new labels every time you add a new node.

To prepare the environment variable execute the following command:

USERDATA=$(base64 workernodes-userdata | tr -d "[:space:]")

Validate the content of USERDATA by executing echo $USERDATA | base64 -d

Full example of the command to create a launch template:

aws ec2 create-launch-template \
--launch-template-name srgdemo-workers-launch-template \
--launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"Groups":["sg-022a13e4e54ddfbb6"]}],"ImageId":"ami-02c432d96f51e5832","InstanceType":"m4.large","KeyName":"my_ssh_key_pair","IamInstanceProfile":{"Arn":"arn:aws:iam::115370848038:instance-profile/ARST-EKS-Workers-Custom-Role"},"BlockDeviceMappings":[{"DeviceName":"/dev/xvda","Ebs":{"VolumeSize":100,"DeleteOnTermination":true}}],"UserData":"'$USERDATA'"}'

Note the LaunchTemplateId, which will be used in the next step.

Next Step: Migrating a Launch Configuration to a Launch Template