in lib/workshop.py [0:0]
def create_simple_compute_environment(proj_name):
computeEnvironmentName = f"CE-{proj_name}"
iam_client = boto3.client('iam')
ec2_client = boto3.client('ec2')
batch_client = boto3.client('batch')
# use the default VPC for simplicity
vpc_filter = [{'Name':'isDefault', 'Values':['true']}]
default_vpc = ec2_client.describe_vpcs(Filters=vpc_filter)
vpc_id = default_vpc['Vpcs'][0]['VpcId']
subnet_filter = [{'Name':'vpc-id', 'Values':[vpc_id]}]
subnets = ec2_client.describe_subnets(Filters=subnet_filter)
subnet1_id = subnets['Subnets'][0]['SubnetId']
subnet2_id = subnets['Subnets'][1]['SubnetId']
batch_instance_role_name = f"batch_instance_role_{proj_name}"
batch_instance_policies = ["arn:aws:iam::aws:policy/CloudWatchFullAccess", "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role","arn:aws:iam::aws:policy/AmazonS3FullAccess"]
create_service_role_with_policies(batch_instance_role_name, "ec2.amazonaws.com", batch_instance_policies)
instance_profile_name =f"instance_profile_{proj_name}"
try:
iam_client.create_instance_profile(InstanceProfileName=instance_profile_name)
except ClientError as e:
if e.response['Error']['Code'] == 'EntityAlreadyExists':
print("Instance profile already attached, ignore")
else:
raise e
try:
iam_client.add_role_to_instance_profile(InstanceProfileName=instance_profile_name, RoleName=batch_instance_role_name)
except ClientError as e:
print(e)
instanceRole = iam_client.get_instance_profile(InstanceProfileName=f"instance_profile_{proj_name}")['InstanceProfile']['Arn']
batch_service_role_name = f"batch_service_role_{proj_name}"
batch_service_policies = ["arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole", "arn:aws:iam::aws:policy/CloudWatchFullAccess"]
serviceRole = create_service_role_with_policies(batch_service_role_name, "batch.amazonaws.com", batch_service_policies)
batch_sg_name = f"batch_sg_{proj_name}"
try:
sg = ec2_client.create_security_group(
Description='security group for Compute Environment',
GroupName=batch_sg_name,
VpcId=vpc_id
)
batch_sec_group_id=sg["GroupId"]
except ClientError as e:
if e.response['Error']['Code'] == 'InvalidGroup.Duplicate':
print("SG already exists, ")
resp = ec2_client.describe_security_groups(Filters=[dict(Name='group-name', Values=[batch_sg_name])])
batch_sec_group_id = resp['SecurityGroups'][0]['GroupId']
print('Batch security group id - ' + batch_sg_name)
print(batch_sec_group_id)
security_groups = [batch_sec_group_id]
compute_resources = {
'type': 'EC2',
'allocationStrategy': 'BEST_FIT_PROGRESSIVE',
'minvCpus': 4,
'maxvCpus': 64,
'desiredvCpus': 4,
'instanceTypes': ['optimal'],
'subnets': [subnet1_id, subnet2_id],
'securityGroupIds': security_groups,
'instanceRole': instanceRole
}
response = batch_client.create_compute_environment(
computeEnvironmentName=computeEnvironmentName,
type='MANAGED',
serviceRole=serviceRole,
computeResources=compute_resources
)
while True:
describe = batch_client.describe_compute_environments(computeEnvironments=[computeEnvironmentName])
computeEnvironment = describe['computeEnvironments'][0]
status = computeEnvironment['status']
if status == 'VALID':
print('\rSuccessfully created compute environment {}'.format(computeEnvironmentName))
break
elif status == 'INVALID':
reason = computeEnvironment['statusReason']
raise Exception('Failed to create compute environment: {}'.format(reason))
print('\rCreating compute environment...')
time.sleep(10)
return response