Skip to main content
This guide explains how to install an System in . For details about AWS concepts, see these pages: Ocient supports deployment in AWS for pilot or testing purposes, but this setup does not guarantee data durability. Stopping Amazon instances can result in permanent data loss. The steps for deploying an Ocient System in AWS are:
  1. Prepare AWS resources.
  2. Set up an initial instance.
  3. Create Amazon Machine Images (AMI) from the initial instance.
  4. Launch other instances.
  5. Follow the standard Ocient installation procedure.

Example Configuration

The table below shows the recommended instance types for each node type.
Node TypeInstance Type
Foundation Nodes (3)i3en.metal, i7ie.metal
Loader Nodes (1)i3en.metal, i7ie.metal
SQL Nodes (1)r5dn.metal, r6idn.metal
This diagram shows an example of an Ocient cluster in AWS. The EC2 nodes (SQL, Loader, and Foundation) are deployed within a single subnet of an Amazon . AWS assigns each type of node to a separate security group (sg1, sg2, sg3).
Virtual private cloud for loading data from an S3 bucket using a JDBC client

Prepare AWS Resources

Create and configure these AWS resources:
  • The VPC and subnets for the Ocient System.
  • Security groups to access the endpoints for each node type. For details about the network security configuration, see the Ocient Security Guide.
  • Identity and Access Management (IAM) roles.
If you are loading data from S3, the loader nodes require IAM access to an S3 bucket.

Node Setup (SQL Role) for Initial Instance

1

Launch Instance

Use this configuration for your AMI. Configuration steps differ depending on whether your setup uses a single-volume or multi-volume AMI.

Operating System (OS)

To set up the AMI, you can use any Ocient-supported OS (see Ocient System Requirements).Single-Volume AMIIf you use a single-volume AMI, specify this configuration:
  • Increase the root volume to 128GB or more.
Multi-Volume AMIIf you use a multi-volume AMI (e.g., CIS hardened RHEL 9), use this configuration:
  • Increase root volume to 30GB or more.
  • Increase Elastic Block Store (EBS) volume to 100GB or more.
This EBS volume supports key system directories in the image (/home, /var, /var/log, /var/log/audit, /var/tmp).
Instance TypeUse r5dn.metal or a similar instance type.Security GroupUse one or more security groups with these rules:
  • Allow SSH to the nodes.
  • Allow communication internally between nodes.
  • Allow access to SQL Node endpoints described in the Ocient Security Guide.
2

Access Shell

Connect to your instance using Secure Shell (SSH). For details, see Connect to your Linux instance using an SSH client.
3

Extend Logical Volume Manager (LVM) Volumes (Multi-Volume AMI Only)

This step applies only to multi-volume AMIs. If you are using a single-volume instance, skip this step.
If you use a multi-volume manager, extend the /home and /var LVM volumes and their filesystems to fill up the expanded EBS volumes. These actions expand the LVM volume and the contained file system to accommodate the Ocient package, logging, and metadata.These code examples show how to extend LVM volumes for a CIS 9 image.
Other AMI types might require different sizing. Contact Ocient support for the best sizing for your system for multi-volume instances.
ExampleResize the physical volumes of two drives to use their full capacity after expanding them (see Step 1).
Shell
sudo pvresize /dev/nvme0n1
sudo pvresize /dev/nvme1n1
Extend local volumes:
  • Add 66 percent of the available free space in vg-01 to the var_vol logical volume.
  • Add all (100 percent) of the remaining free space in vg-01 to the home_vol logical volume.
Shell
sudo lvextend -l +66%FREE /dev/vg-01/var_vol
sudo lvextend -l +100%FREE /dev/vg-01/home_vol
Extend the file system to use all available space on its underlying logical volume.
Shell
sudo xfs_growfs /home
sudo xfs_growfs /var
4

Update Packages

Update all your software packages to their latest versions and then reboot your instance.For RHEL-compatible systems, use this command.
Shell
sudo dnf update
For -compatible systems, use this command.
Shell
sudo apt update
Reboot after the update.
Shell
sudo reboot
5

Install the Ocient Package

Copy over the ocient RPM or DEB package and install it.For RHEL-compatible systems, use this command.
Shell
sudo dnf install ./ocient-RELEASE-XX.X.X-xxxxxxxxxxxxxx-x86_64.rpm
For Debian-compatible systems, use this command.
Shell
sudo apt install ./ocient-RELEASE-XX.X.X-xxxxxxxx.xxxxxx-xxxxxxxxxxxx-amd64.deb
6

Set Up Kernel Parameters

Use the ockernelparams utility to set up kernel parameters automatically, including the huge pages configuration. Repeat this step on other nodes.
Shell
sudo /opt/ocient/scripts/ockernelparams --node-role sql
Reboot the system for the parameters to take effect.
Shell
sudo reboot
Check that the local storage drive is attached to the uio or vfio driver after reboot (the Ocient package installs a service that runs on startup to do this).
Shell
sudo /opt/ocient/scripts/nvme-driver-util.sh
For examples of attaching drivers to the NVMe drives, see NVMe Drive Firmware Upgrade Process.
7

Configure the Firewall

If you are not using an OS-level firewall, skip this step.
If your base AMI includes a system firewall, you must configure rules that explicitly allow required network communication for your Ocient deployment. For details, see Ocient Security Guide.Required OS firewall rules:
  • Allow all necessary ports and protocols between Ocient nodes by:
    • Opening all TCP/UDP ports within the private network range (e.g., 10.0.0.0/16).
    • Or, allowing known Ocient ports.
  • Allow external access where needed by:
    • Enabling SSH access (port 22) from your administrator IP range.
    • Allowing client access to SQL endpoints (for example, port 13101 or as specified in your setup).
    • Opening any additional ports required for monitoring or management tools.
For a list of required ports, see Network Exposure and Firewall.

Create AMI

After your initial node is fully configured, you must replicate the setup process for the remaining nodes in your cluster. This action ensures consistency and allows for proper internal communication between nodes. For details about creating an AMI, see Creating an AMI from an Amazon EC2 Instance.

Set Up Remaining Nodes to Launch the Remaining Instances

Go through this process for each of your remaining nodes.
1

Set Up Parameters

Launch the remaining instances with these parameters:
  • AMI — Use the AMI created in the Node Setup (SQL Role) for Initial Instance step.
  • Instance Type — Use i3en.metal or an equivalent instance that:
    • Offers local NVMe SSDs for high-performance local storage.
    • Has high throughput and network bandwidth for internal cluster communication.
  • Security groups — Ensure these security rules are in place in the AWS security groups associated with the nodes:
    • Allow SSH to the nodes.
    • Allow internal communication between all Ocient nodes.
    • Allow access to endpoints described in the Ocient Security Guide.
2

Access Shell

Connect to your instance using Secure Shell (SSH). For details, see Connect to your Linux instance using an SSH client.
3

Set Up Kernel Parameters

Use the ockernelparams utility to set up kernel parameters automatically, including the hugepages parameters.This example specifies a Foundation Node foundation. Use a different node type as necessary.
Shell
sudo /opt/ocient/scripts/ockernelparams --node-role foundation

Bootstrap the Ocient System

Complete the bootstrapping process for your Ocient System. For details, see Node Bootstrapping Reference. Load Data Query Ocient
Last modified on May 27, 2026