Skip to content

CIS Amazon Linux 2023 Level 2 with ParallelCluster Usage Instructions

Welcome to the CIS Amazon Linux 2023 Level 2 with ParallelCluster Usage Instructions. AWS ParallelCluster is an open-source cluster management tool that makes it easy to deploy and manage High Performance Computing (HPC) clusters on AWS.

Important Firewall Note: Before utilizing this offer, please note it uses an active nftables ruleset configured for the most commonly utilized ParallelCluster services. To view this ruleset, run:

sudo nft list ruleset

End users may need to manually adjust these ports based on their production environment requirements.

Minimum Volume Requirements

Please note these minimum values for using this Level 2 Hardened Image:

  • The root volume must be 60 GiB or greater.
  • The secondary attached volume must be 140 GiB or greater.

Creating a New "Golden Image"

We recommend first creating a new "golden image" based on this offer for use in your end-user environments:

  1. Subscribe to this offer via the AWS Marketplace dashboard or Marketplace API.
  2. Create an IAM instance profile/role with appropriate permissions for your environment, or use the default permissions provided by AWS. These defaults are viewable in the "AWS ParallelCluster image build pcluster user policy" section here: https://docs.aws.amazon.com/parallelcluster/latest/ug/iam-roles-in-parallelcluster-v3.html#iam-ec2-instance-role
  3. Create a new EC2 instance to be used for pcluster image creation and re-imaging, attaching the newly created instance profile. If this instance must be secured for compliance reasons, we recommend launching the builder instance from this same offer's AMI. We recommend an instance size of medium or greater.
  4. Navigate to the AWS ParallelCluster homepage: https://aws.amazon.com/hpc/parallelcluster/
  5. Click the "Get started with AWS ParallelCluster" button.
  6. This redirects to the "Setting up AWS ParallelCluster" page: https://docs.aws.amazon.com/parallelcluster/latest/ug/install-v3.html
  7. Confirm the Prerequisites (such as AWS Configuration and SSH access) are complete on the newly-created instance.
  8. Create a new image configuration file, making necessary changes to the SubnetId, SecurityGroupIds, and setting this offer's AMI as the ParentImage. Use this file to also configure any domain or proxy settings necessary for your environment. We recommend c5.xlarge for the InstanceType, but configure as needed. For configuration file guidance and formatting, see: https://docs.aws.amazon.com/parallelcluster/latest/ug/pcluster.build-image-v3.html
  9. Example command: 
    pcluster build-image -i cis-test-pc-reimage -r us-east-1 -c cis-imaging-test.yml
  10. Note: Image building can take upwards of an hour.

Creating a New Cluster

To create a new cluster:

  1. First, create a "pcluster configuration file". This is a different file than the image configuration file used in the above steps.
  2. For working examples, please see: https://github.com/aws/aws-parallelcluster/tree/release-3.0/cli/tests/pcluster/example_configs
  3. Once the configuration file is built for your environment, run: 
    pcluster create-cluster
  4. Example command: 
    pcluster create-cluster -c cis-build-cluster-test.yml -n cis-pc-cluster-v1.0.0.1
  5. Note: The ParallelCluster version used in cluster creation must match the version used to create the golden image.

ParallelCluster UI (PCUI)

These instructions are only intended for CLI usage of AWS ParallelCluster. For further guidance on installing and configuring the ParallelCluster UI (PCUI), please visit the official documentation for installation instructions: https://docs.aws.amazon.com/parallelcluster/latest/ug/install-pcui-v3.html