Bacalhau Docs
GithubSlackBlogEnterprise
  • Documentation
  • Use Cases
  • CLI & API
  • References
  • Community
  • Operators & Deployment
    • Deployment Guide
      • Setting Up a Cluster on Amazon Web Services (AWS) with Terraform 🚀
      • Setting Up a Cluster on Google Cloud Platform (GCP) With Terraform 🚀
      • Setting Up a Cluster on Azure with Terraform 🚀
      • Marketplace Deployments
        • Google Cloud Marketplace
  • Setting Up
    • Running Nodes
      • Node Onboarding
      • GPU Installation
      • Job selection policy
      • Access Management
      • Persistent State
      • Configuring Your Input Sources
      • Configuring Transport Level Security
      • Limits and Timeouts
      • Bacalhau WebUI
    • Workload Onboarding
      • Container
        • Docker Workload Onboarding
        • Bacalhau Docker Image
        • How To Work With Custom Containers in Bacalhau
        • Run CUDA programs on Bacalhau
      • WebAssembly (Wasm) Workloads
        • Running Rust programs as WebAssembly (WASM)
      • Python
        • Running a Python Script
    • Networking Instructions
      • Accessing the Internet from Jobs
    • GPU Workloads Setup
    • Automatic Update Checking
    • Node Management
    • Authentication & Authorization
    • Inter-Nodes TLS
    • Hardware Setup
  • Developer Resources
    • Running Locally In Devstack
  • Guides
    • Jobs Guide
      • Queuing
      • Labels and Constraints
    • Configuration Management
      • Write a config.yaml
  • Help & FAQ
    • Bacalhau FAQs
    • Glossary
Powered by GitBook
LogoLogo

Use Cases

  • Distributed ETL
  • Edge ML
  • Distributed Data Warehousing
  • Fleet Management

About Us

  • Who we are
  • What we value

News & Blog

  • Blog

Get Support

  • Request Enterprise Solutions

Expanso (2025). All Rights Reserved.

On this page
  • What You'll Build
  • Before You Start
  • Quick Setup Guide
  • Understanding the Configuration
  • Taking Your Cluster for a Test Drive
  • Troubleshooting Tips
  • Cleanup
  • Understanding the Directory Structure
  • Need Help?

Was this helpful?

Export as PDF
  1. Operators & Deployment
  2. Deployment Guide

Setting Up a Cluster on Amazon Web Services (AWS) with Terraform 🚀

PreviousDeployment GuideNextSetting Up a Cluster on Google Cloud Platform (GCP) With Terraform 🚀

Last updated 2 months ago

Was this helpful?

Welcome to the guide for setting up your own Bacalhau cluster across multiple AWS regions! This guide will walk you through creating a robust, distributed compute cluster that's perfect for running your Bacalhau workloads.

What You'll Build

Think of this as building your own distributed supercomputer! Your cluster will provision compute nodes spread across different AWS regions for global coverage.

Before You Start

You'll need a few things ready:

  • Terraform (version 1.0.0 or newer)

  • AWS CLI installed and configured

  • An active AWS account with appropriate permissions

  • Your AWS credentials configured

  • An SSH key pair for securely accessing your nodes

  • A Bacalhau network

Quick Setup Guide

  1. First, set up an orchestrator node. We recommend using for this! But you can always set up your own

  2. Create your environment configuration file:

    cp env.tfvars.example.json env.tfvars.json
  3. Fill in your AWS details in env.tfvars.json:

    {
        "app_name": "bacalhau",
        "app_tag": "bacalhau-cluster",
        "bacalhau_installation_id": "EXAMPLE-c5c1-44fd-a0f3-1b90488f1b68",
        "bacalhau_data_dir": "/bacalhau_data",
        "bacalhau_node_dir": "/bacalhau_node",
        "username": "bacalhau-runner",
        "public_key_path": "/path/to/your/.ssh/id_rsa.pub",
        "private_key_path": "/path/to/your/.ssh/id_rsa"
    }
  4. Configure your desired regions in locations.yaml. Here's an example (we have a full list of these in all_locations.yaml):

    - us-west-2:
        region: us-west-2
        zone: us-west-2a
        instance_type: t3.medium
        instance_ami: ami-07d9cf938edb0739b
        node_count: 1
    - eu-central-1:
        region: eu-central-1
        zone: eu-central-1a
        instance_type: t3.medium
        instance_ami: ami-0e54671bdf3c8ed8d
        node_count: 1

Make sure the AMI exists in the region you need it to! You can confirm this by executing the following command:

REGION=us-east-1
IMAGE_SUBSTRING=amzn2-ami-hvm
ARCH=x86_64
aws ec2 describe-images \
--region $REGION \
--filters "Name=name,Values=*$IMAGE_SUBSTRING*" "Name=architecture,Values=$ARCH" \
--query 'sort_by(Images, &CreationDate)[-10:].{AMI:ImageId, Name:Name, CreationDate:CreationDate}' \
--output table \
--no-cli-pager
  1. Update your Bacalhau config/config.yaml (the defaults are mostly fine, just update the Orchestrator, and Token lines):

NameProvider: puuid
API:
  Port: 1234
Compute:
  Enabled: true
  Orchestrators:
    - nats://EXAMPLE-6ed7-4d95-8871-b46153007057.us1.cloud.expanso.dev:4222
  Auth:
    Token: "EXAMPLE.EFukWVffnf5jb9QkpNnwfiBWEk3475csM7ysudpbFTzYBap5c7sWr6"
  TLS:
    RequireTLS: true
  AllowListedLocalPaths:
    - /bacalhau_data:rw
JobAdmissionControl:
  AcceptNetworkedJobs: true
  1. Deploy your cluster using the Python deployment script:

    ./deploy.py create

Understanding the Configuration

Why use a deployment script? Why not use Terraform directly?

Terraform on AWS requires switching to different workspaces when deploying to different availability zones. As a result, we had to setup a separate deploy.py script which switches to each workspace for you under the hood, to make it easier.

Core Configuration Files

  • env.tfvars.json: Your main configuration file containing AWS-specific settings`

  • locations.yaml: Defines which regions to deploy to and instance configurations

  • config/config.yaml: Bacalhau node configuration

Essential Settings in env.tfvars.json

  • app_name: Name for your cluster resources

  • app_tag: Tag for resource management

  • bacalhau_installation_id: Unique identifier for your cluster

  • username: SSH username for instances

  • public_key_path: Path to your SSH public key

  • private_key_path: Path to your SSH private key

  • bacalhau_config_file_path: Path to the config file for this compute node (should point at the orchestrator and have the right token)

Location Configuration (locations.yaml)

Each region entry requires:

  • region: AWS region (e.g., us-west-2)

  • zone: Availability zone (e.g., us-west-2a)

  • instance_type: EC2 instance type (e.g., t3.medium)

  • instance_ami: AMI ID for the region

  • node_count: Number of instances to deploy

Taking Your Cluster for a Test Drive

Once everything's up and running, let's make sure it works!

  1. Configure your Bacalhau client:

    bacalhau config set -c API.Host=<orchestrator-ip> # Should be the same orchestrator
                                                      # IP from your config.yaml
  2. List your compute nodes:

    bacalhau node list
  3. Run a test job:

    bacalhau docker run ubuntu echo "Hello from my cluster!"
  4. Check job status:

    bacalhau list

Troubleshooting Tips

Deployment Issues

  • Verify AWS credentials are properly configured:

    aws sts get-caller-identity
  • Check IAM permissions

  • Ensure you have quota available in target regions

Node Health Issues

  • SSH into a node:

    ssh -i ~/.ssh/id_rsa bacalhau-runner@<public-ip> # Or whatever username you set
  • Check Bacalhau service logs:

    journalctl -u bacalhau-startup.service
  • Check Docker container status:

    docker ps
    docker logs bacalhau-node-bacalhau-node-1

Network Issues

  • Verify security group rules (ports 22, 80, and 4222 should be open)

  • Check VPC and subnet configurations

  • Ensure internet gateway is properly attached

Common Solutions

  1. If nodes aren't joining the network:

    • Check NATS connection string in config.yaml

    • Verify security group allows port 4222

    • Ensure nodes can reach the orchestrator

  2. If jobs aren't running:

    • Check compute is enabled in node config

    • Verify Docker is running properly

    • Check available disk space

  3. If deployment fails:

    • Look for errors in Terraform output

    • Check AWS service quotas

    • Verify AMI availability in chosen regions

Cleanup

Remove all resources:

./deploy.py destroy

Monitoring

  • Check node health:

    curl http://<node-ip>/healthz

Understanding the Directory Structure

setting-up-bacalhau-with-terraform-on-AWS/
├── modules/
│   ├── instance/       # EC2 instance configuration
│   ├── network/        # VPC and subnet setup
│   ├── region/         # Region-specific resources
│   └── securityGroup/  # Security group rules
├── config/             # Bacalhau configuration
├── scripts/           # Deployment and utility scripts
├── locations.yaml     # Region definitions
└── env.tfvars.json    # Environment configuration

Need Help?

If you get stuck or have questions:

We're here to help you get your cluster running smoothly! 🌟

First, make sure you have the Bacalhau CLI installed. You can read more about installing the CLI .

Open an issue in our

Join our

here
GitHub repository
Slack
Expanso Cloud