# Create compute node groups in AWS PCS
A compute node group is virtual collection of compute nodes (EC2 instances) that AWS PCS launches and manages. When you define a compute node group, you specify common traits such as EC2 instance types, minimum and maximum instance count, target VPC subnets, preferred purchase option, and custom launch configuration. AWS PCS efficiently launches, manages, and terminates compute nodes in a compute node group, according to these settings. The demonstration cluster uses a compute node group to provide login nodes for user access, and a separate compute node group to process jobs. The following topics describe the procedures to set up these compute node groups in your cluster.
**Topics**
+ [Create an instance profile for AWS PCS](getting-started_create-cng_instance-profile.md)
+ [Create launch templates for AWS PCS](getting-started_create-cng_launch-templates.md)
+ [Create compute node group for login nodes in AWS PCS](getting-started_create-cng_login-nodes.md)
+ [Create compute node group for running compute jobs in AWS PCS](getting-started_create-cng_workers.md)
# Create an instance profile for AWS PCS
Compute node groups require an instance profile when they are created. If you use the AWS Management Console to create a role for Amazon EC2, the console automatically creates an instance profile and gives it the same name as the role. For more information, see [Using instance profiles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the *AWS Identity and Access Management User Guide*.
In the following procedure, you use the AWS Management Console to create a role for Amazon EC2, which also creates the instance profile for your compute node groups.
**To create the role and instance profile**
+ Navigate to the [IAM console](https://console.aws.amazon.com/iam).
+ Under **Access management**, choose **Policies**.
+ Choose **Create policy**.
+ Under **Specify permissions**, for **Policy editor**, choose **JSON**.
+ Replace the contents of the text editor with the following:
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Action": [
"pcs:RegisterComputeNodeGroupInstance"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
```
------
+ Choose **Next**.
+ Under **Review and create**, for **Policy name**, enter `AWSPCS-getstarted-policy`.
+ Choose **Create policy**.
+ Under **Access management**, choose **Roles**.
+ Choose **Create role**.
+ Under **Select trusted entity**:
+ For **Trusted entity type**, select **AWS service**
+ Under **Use case**, select **EC2**.
+ Then, under **Choose a use case** for the specified service, choose **EC2**.
+ Choose **Next**.
+ Under **Add permissions**:
+ In **Permissions policies**, search for **AWSPCS-getstarted-policy**.
+ Check the box beside **AWSPCS-getstarted-policy** to add it to the role.
+ In **Permissions policies**, search for **AmazonSSMManagedInstanceCore**.
+ Check the box beside **AmazonSSMManagedInstanceCore** to add it to the role.
+ Choose **Next**.
+ Under **Name, review, and create**:
+ Under **Role details**:
+ For **Role name**, enter `AWSPCS-getstarted-role`.
+ Choose **Create role**.
# Create launch templates for AWS PCS
When you create a compute node group, you provide an EC2 launch template that AWS PCS uses to configure EC2 instances it launches. This includes settings such as security groups and scripts that run when the instance launches.
In this step, one CloudFormation template will be used to create two EC2 launch templates. One template will be used to create login nodes, and the other will be used to create compute nodes. The key difference between them is that the login nodes can be configured to allow inbound SSH access.
## Access the CloudFormation template
Use the following URL to download the CloudFormation template, then upload the template in the [CloudFormation console](https://console.aws.amazon.com/cloudformation/home#/stacks/create) to create a new CloudFormation stack. For more information, see [Using the CloudFormation console](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-using-console.html) in the *AWS CloudFormation User Guide*.
```
https://aws-hpc-recipes.s3.amazonaws.com/main/recipes/pcs/getting_started/assets/pcs-lt-efs-fsxl.yaml
```
## Use the CloudFormation template to create EC2 launch templates
Use the following procedure to complete the CloudFormation template in the CloudFormation console
+ Under **Provide a stack name**:
+ Under **Stack name**, enter `getstarted-lt`.
+ Under **Parameters**:
+ Under **Security**
+ For **VpcSecurityGroupId**, select the security group named `default` in your cluster VPC.
+ For **ClusterSecurityGroupId**, select the group named `cluster-getstarted-sg`
+ For **SshSecurityGroupId**, select the group named `inbound-ssh-getstarted-sg`
+ For **SshKeyName**, select your preferred SSH key pair.
+ Under **File systems**
+ For **EfsFilesystemId**, enter the file system ID from the EFS file system you created earlier in the tutorial.
+ For **FSxLustreFilesystemId**, enter the file system ID from the FSx for Lustre file system you created earlier in the tutorial.
+ For **FSxLustreFilesystemMountName**, enter the mount name for that same FSx for Lustre file system.
+ Choose **Next**, then choose **Next** again.
+ Choose **Submit**.
Monitor the status of the CloudFormation stack. When it reaches `CREATE_COMPLETE` the launch template is ready to be used.
**Note**
To see all the resources the CloudFormation template created, open the [CloudFormation console](https://console.aws.amazon.com/cloudformation). Choose the `getstarted-lt` stack and then choose the **Resources** tab.
# Create compute node group for login nodes in AWS PCS
A compute node group is virtual collection of compute nodes (EC2 instances) that AWS PCS launches and manages. When you define a compute node group, you specify common traits such as EC2 instance types, minimum and maximum instance count, target VPC subnets, preferred purchase option, and custom launch configuration. AWS PCS efficiently launches, manages, and terminates compute nodes in a compute node group, according to these settings.
In this step, you will launch a static compute node group that provides interactive access to the cluster. You can use SSH or Amazon EC2 Systems Manager (SSM) to log in to it, then run shell commands and manage Slurm jobs.
**To create the compute node group**
+ Open the [AWS PCS console](https://console.aws.amazon.com/pcs) and navigate to **Clusters**.
+ Select the cluster named `get-started`
+ Navigate to **Compute node groups** and choose **Create**.
+ In the **Compute node group setup** section, provide the following:
+ **Compute node group name** – Enter `login`.
+ Under **Computing configuration**, enter or select these values:
+ **EC2 launch template** – Choose the launch template where the name is `login-getstarted-lt`
+ **IAM instance profile** – Choose the instance profile named `AWSPCS-getstarted-role`
+ **Subnets** – Select the subnet where the name starts with `hpc-networking:PublicSubnetA`.
+ **Instances** – Select `c6i.xlarge`.
+ **Scaling configuration** – For **Min. instance count**, enter `1`. For **Max. instance count**, enter `1`.
+ Under **Additional settings**, specify the following:
+ **AMI ID** – Select an AMI you want to use, that has a name in the following format:
```
aws-pcs-sample_ami-amzn2-platform-slurm-version
```
For more information about the sample AMIs, see [Using sample Amazon Machine Images (AMIs) with AWS PCS](working-with_ami_samples.md).
+ Choose **Create compute node group**.
The **Status** field shows **Creating** while the compute node group is being provisioned. You can proceed to the next step in the tutorial while it is in progress.
# Create compute node group for running compute jobs in AWS PCS
In this step, you will launch a compute node group that scales elastically to run jobs submitted to the cluster.
**To create the compute node group**
+ Open the [AWS PCS console](https://console.aws.amazon.com/pcs) and navigate to **Clusters**.
+ Select the cluster named `get-started`
+ Navigate to **Compute node groups** and choose **Create**.
+ In the **Compute node group setup** section, provide the following:
+ **Compute node group name** – Enter `compute-1`.
+ Under **Computing configuration**, enter or select these values:
+ **EC2 launch template** – Choose the launch template where the name is `compute-getstarted-lt`
+ **IAM instance profile** – Choose the instance profile named `AWSPCS-getstarted-role`
+ **Subnets** – Select the subnet where the name starts with `hpc-networking:PrivateSubnetA`.
+ **Instances** – Select `c6i.xlarge`.
+ **Scaling configuration** – For **Min. instance count**, enter `0`. For **Max. instance count**, enter `4`.
+ Under **Additional settings**, specify the following:
+ **AMI ID** – Select an AMI you want to use, that has a name in the following format:
```
aws-pcs-sample_ami-amzn2-platform-slurm-version
```
For more information about the sample AMIs, see [Using sample Amazon Machine Images (AMIs) with AWS PCS](working-with_ami_samples.md).
+ Choose **Create compute node group**.
The **Status** field shows **Creating** while the compute node group is being provisioned.
**Important**
Wait for the **Status** field to show **Active** before proceeding to the next step in this tutorial.