Self-Hosted DriveMonitor VPC Setup

This guide provides instructions for deploying and configuring the NomadicML DriveMonitor application within your own AWS Virtual Private Cloud (VPC). This allows you to maintain full control over your data and infrastructure.

Prerequisites: Information We Need From You

To enable us to prepare and share our pre-configured DriveMonitor VPC AWS EC2 image (AMI) with you, please provide the following information to your NomadicML contact:
  1. Your AWS Account ID:
    • This is necessary for us to share the pre-configured DriveMonitor AMI directly with your AWS account.
    • An AWS account ID is a 12-digit number (e.g., 012345678901) that uniquely identifies an AWS account. You can find this in the AWS Management Console, typically in the top-right corner under your account name/menu. The image above is illustrative. Your AWS console might look slightly different.
  2. Desired DriveMonitor VPC Domain:
    • This is the URL (e.g., customer.app.nomadicml.com, yourcompany.drivemonitor-internal.com) through which you will access your self-hosted DriveMonitor instance.
    • This domain does not need to be publicly accessible. Access can be restricted to your internal VPC network.
    • You will be responsible for configuring DNS for this domain to point to the Elastic IP address you will set up in the steps below.
    • Examples:
      • customer.app.nomadicml.com
      • f78406j.app.nomadicml.com
      • abcde.app.nomadicml.com
  3. Google Cloud Platform - Firebase Service Account Credentials:
    • DriveMonitor integrates with Google Firebase for its data storage backend. You will need to provide Firebase service account credentials to establish a connection between the DriveMonitor VPC instance and your Firebase project.
    • To obtain this:
      1. Go to your Firebase console and select your project.
      2. Navigate to Project settings (click the gear icon next to “Project Overview”).
      3. Go to the Service accounts tab.
      4. Click on Generate new private key. A JSON file (e.g., yourproject-firebase-adminsdk-xxxxx-xxxxxxxxx.json) will be downloaded.
    • You will configure the contents of this JSON file on your EC2 instance in a later step.
    If you prefer to use a different database service, such as AWS RDS, instead of Firebase, please discuss this with your NomadicML contact.
Once we receive this information, we will share the DriveMonitor AMI ID with you.

Deployment Steps: What You Will Do

After NomadicML has shared the AMI ID with you, follow these steps to deploy DriveMonitor in your AWS VPC:

1. AWS Portal Configuration

a. Allocate an Elastic IP Address

An Elastic IP address ensures that your DriveMonitor Compute VM retains the same public IP address even if it restarts, guaranteeing a stable endpoint for your domain configuration.
  1. Navigate to the EC2 service in the AWS Management Console.
  2. In the left-hand navigation pane, under “Network & Security,” click on Elastic IPs.
  3. Click Allocate Elastic IP address.
  4. The default options are generally fine. Click Allocate.
  5. Note down the allocated Elastic IP address. You will associate it with your EC2 instance later.

b. Instantiate the DriveMonitor Compute Instance using the AMI

You will launch an EC2 instance from the pre-configured DriveMonitor AMI provided by NomadicML.
  1. In the EC2 dashboard, click on Instances under the “Instances” section in the left-hand navigation pane.
  2. Click the Launch instances button.
  3. Name and tags (Optional): Give your instance a descriptive name, e.g., DriveMonitor-VPC-Server.
  4. Application and OS Images (Amazon Machine Image):
    • In the search bar under “Amazon Machine Image (AMI)”, select My AMIs from the dropdown on the left.
    • Then, select Shared with me.
    • You should find the DriveMonitor AMI shared by NomadicML (using the AMI ID we provided). Select it.
  5. Instance type:
    • DriveMonitor is a compute-intensive application, especially the GPU inference component.
    • We recommend an EC2 instance with a powerful GPU and sufficient VRAM. An instance with at least 80GB of GPU VRAM (e.g., an NVIDIA A100 or H100 equivalent) is advised for optimal performance.
    • This typically corresponds to instance types like AWS g6e.12xlarge, p4d.24xlarge, or similar high-end GPU instances. Please consult current AWS instance offerings for the best fit.
  6. Key pair (login):
    • For authentication and SSH access, you must use a key pair.
    • You can choose an existing key pair or create a new one. The image provided from the PDF shows “Select an existing key pair or create a key pair”.
    • If you create a new one, a .pem file will be downloaded. Store this file securely.
    • After downloading, ensure you set appropriate permissions for the .pem file: 
      chmod 400 /path/to/your-key-pair-name.pem
  7. Network settings:
    • Click Edit next to “Network settings”.
    • VPC: Select the VPC where you want to deploy DriveMonitor.
    • Subnet: Choose an appropriate subnet.
    • Firewall (security groups):
      • Create a new security group or select an existing one.
      • Ensure the following inbound traffic rules are enabled:
        • SSH (TCP, Port 22): From your IP address or trusted network range for administrative access.
        • HTTP (TCP, Port 80): From your desired access range (e.g., your company’s VPC CIDR, specific IPs, or 0.0.0.0/0 if publicly accessible – secure appropriately).
        • HTTPS (TCP, Port 443): Same as HTTP, for secure access.
  8. Configure storage:
    • We recommend at least 500GB of general-purpose SSD (gp3 or io2) storage for the root volume.
    • For extensive video storage and processing, 1TB or more is ideal. Adjust based on your expected workload.
  9. Advanced details: Review other settings as needed; defaults are often sufficient.
  10. Summary & Launch:
    • Review your instance configuration on the right-hand “Summary” panel.
    • Click Launch instance.

c. Assign Elastic IP to the EC2 Instance

  1. Navigate back to Elastic IPs in the EC2 console.
  2. Select the Elastic IP address you allocated in Step 1a.
  3. Click the Actions dropdown and select Associate Elastic IP address.
  4. In the “Resource type” dropdown, select Instance.
  5. In the “Instance” field, search for and select the DriveMonitor EC2 instance you just launched.
  6. Click Associate.

2. Connect to Machine and Start DriveMonitor

a. SSH into the DriveMonitor VM

  1. Obtain the Public IPv4 DNS or the Elastic IP address of your newly launched EC2 instance from the EC2 console.
  2. Open your terminal and use the .pem key file to SSH into the instance. The default username for Ubuntu-based AMIs is typically ubuntu. If NomadicML provided a different default username for the AMI, please use that. 
    ssh -i /path/to/your-key-pair-name.pem ubuntu@YOUR_EC2_PUBLIC_DNS_OR_ELASTIC_IP

b. Navigate into the DriveMonitor folder

Once connected, the DriveMonitor application code should be pre-loaded on the AMI. 
cd /opt/drivemonitor_vpc  # Or the path specified by NomadicML, e.g., "cd drivemonitor_vpc" as per PDF

c. Create and Configure the .env file

A template file (e.g., .env.template) should be present. Copy it to create your environment configuration file. 
cp .env.template .env
Now, edit the .env file using a terminal text editor like nano or vim: 
nano .env
You will need to fill in the following details:
  • DRIVEMONITOR_VPC_DOMAIN: The domain you decided on in the “Prerequisites” section (e.g., customer.app.nomadicml.com).
  • FIREBASE_SERVICE_ACCOUNT_KEY_JSON_CONTENT: Paste the entire content of the JSON file you downloaded from Firebase here (the one from “Generate new private key”). It should be a single line of JSON string. Alternatively, if the AMI is set up to read from a file path, you might securely transfer your Firebase JSON key file to the server (e.g., using scp) and reference its path here (e.g., GOOGLE_APPLICATION_CREDENTIALS=/path/to/your-firebase-key.json). Follow instructions provided with the AMI.
  • Any other specific environment variables indicated in the .env.template or by NomadicML.
Save the file and exit the editor (for nano, press Ctrl+X, then Y, then Enter).

d. Start DriveMonitor

The AMI should be configured with a simple command to start all necessary DriveMonitor services (Frontend, Backend, GPU Inference). As per the PDF, this is make start. 
make start
Or, if make is not used, there might be a specific script: 
./start_drivemonitor.sh
Please use the startup command provided by NomadicML for your specific AMI.

e. Wait for Services to Initialize

Wait a few minutes for all DriveMonitor services to start up for the first time. You can monitor logs if specified by NomadicML (e.g., tail -f /var/log/drivemonitor.log or docker-compose logs -f).

3. Access DriveMonitor

Once the services have started and you have configured your DNS for the DRIVEMONITOR_VPC_DOMAIN to point to the Elastic IP of your EC2 instance, you should be able to access your self-hosted DriveMonitor instance by navigating to your configured domain in a web browser (e.g., http://customer.app.nomadicml.com or https://... if SSL is configured). That’s it! You are now ready to use DriveMonitor.

Important Considerations

  • Network Security: Ensure your EC2 instance’s security group is configured to allow traffic only from trusted sources, especially for SSH (port 22). HTTP/HTTPS access should be restricted to your organization’s network if the application is not intended for public access.
  • .pem Key Security: Keep your .pem key file secure. Anyone with this key can access your EC2 instance.
  • Updates: Discuss the update process for the DriveMonitor application components (Frontend, Backend, GPU Inference models) with your NomadicML contact.
  • Monitoring & Logging: Set up appropriate monitoring and logging for your EC2 instance and the DriveMonitor application using AWS CloudWatch or other preferred tools.

Support

If you encounter any issues during the setup process, please contact NomadicML support at support@nomadicml.com or your designated NomadicML contact.