NVIDIA · ArangoGutierrez · Jul 30, 2025 · Jul 21, 2025 · Jul 23, 2025 · Jul 23, 2025
@@ -65,7 +65,7 @@ type Instance struct {
 	Region string `json:"region"`
 
 	// +optional
-	IngresIpRanges []string `json:"ingressIpRanges"`
+	IngressIpRanges []string `json:"ingressIpRanges"`
 	// +optional
 	HostUrl string `json:"hostUrl"`
 }

@@ -17,8 +17,10 @@
 package create
 
 import (
+	"bufio"
 	"fmt"
 	"os"
+	"strings"
 
 	"github.com/NVIDIA/holodeck/api/holodeck/v1alpha1"
 	"github.com/NVIDIA/holodeck/internal/instances"
@@ -167,14 +169,72 @@ func (m command) run(c *cli.Context, opts *options) error {
 	if opts.provision {
 		err := runProvision(m.log, opts)
 		if err != nil {
-			return fmt.Errorf("failed to provision: %v", err)
+			// Handle provisioning failure with user interaction
+			return m.handleProvisionFailure(instanceID, opts.cachePath, err)
 		}
 	}
 
 	m.log.Info("\nCreated instance %s", instanceID)
 	return nil
 }
 
+func (m *command) handleProvisionFailure(instanceID, cachePath string, provisionErr error) error {
+	m.log.Info("\n❌ Provisioning failed: %v\n", provisionErr)
+
+	// Check if we're in a non-interactive environment
+	if os.Getenv("CI") == "true" || os.Getenv("HOLODECK_NONINTERACTIVE") == "true" {
+		m.log.Info("\n💡 To clean up the failed instance, run:")
+		m.log.Info("    holodeck delete %s\n", instanceID)
+		m.log.Info("💡 To list all instances:")
+		m.log.Info("    holodeck list\n")
+		return fmt.Errorf("provisioning failed: %w", provisionErr)
+	}
+
+	// Ask user if they want to delete the failed instance
+	reader := bufio.NewReader(os.Stdin)
+	m.log.Info("\n❓ Would you like to delete the failed instance? (y/N): ")
+
+	response, err := reader.ReadString('\n')
+	if err != nil {
+		m.log.Info("Failed to read user input: %v", err)
+		return m.provideCleanupInstructions(instanceID, provisionErr)
+	}
+
+	response = strings.TrimSpace(strings.ToLower(response))
+
+	if response == "y" || response == "yes" {
+		// Delete the instance
+		manager := instances.NewManager(m.log, cachePath)
+		if err := manager.DeleteInstance(instanceID); err != nil {
+			m.log.Info("Failed to delete instance: %v", err)
+			return m.provideCleanupInstructions(instanceID, provisionErr)
+		}
+
+		m.log.Info("✅ Successfully deleted failed instance %s\n", instanceID)
+		return fmt.Errorf("provisioning failed and instance was deleted: %w", provisionErr)
+	}
+
+	return m.provideCleanupInstructions(instanceID, provisionErr)
+}
+
+func (m *command) provideCleanupInstructions(instanceID string, provisionErr error) error {
+	m.log.Info("\n💡 The instance was created but provisioning failed.")
+	m.log.Info("   You can manually investigate or clean up using the following commands:\n")
+	m.log.Info("   To delete this specific instance:")
+	m.log.Info("     holodeck delete %s\n", instanceID)
+	m.log.Info("   To list all instances:")
+	m.log.Info("     holodeck list\n")
+	m.log.Info("   To see instance details:")
+	m.log.Info("     holodeck status %s\n", instanceID)
+
+	m.log.Info("\n💡 Additional debugging tips:")
+	m.log.Info("   - Review the provisioning logs above for specific errors")
+	m.log.Info("   - Check cloud provider console for instance status")
+	m.log.Info("   - SSH into the instance to investigate further")
+
+	return fmt.Errorf("provisioning failed: %w", provisionErr)
+}
+
 func runProvision(log *logger.FunLogger, opts *options) error {
 	var hostUrl string
 

@@ -66,7 +66,7 @@ Examples:
   holodeck status <instance-id>
 
   # Delete an environment
-  holodeck delete -i <instance-id>
+  holodeck delete <instance-id>
 
   # Use a custom cache directory
   holodeck --cachepath /path/to/cache create -f env.yaml`

@@ -15,6 +15,8 @@ get started, use, and contribute to Holodeck.
     including coding standards and PR process.
 - [Examples](examples/README.md): Example configuration files and usage scenarios.
 - [Guides](guides/README.md): In-depth guides and tutorials for advanced usage.
+- [IP Detection Guide](guides/ip-detection.md): Learn about automatic IP
+    detection for AWS environments.
 - [Latest Release](https://github.com/NVIDIA/holodeck/releases/latest)
 
 ---

@@ -56,6 +56,56 @@ spec:
     version: v1.28.5
 ```
 
+## Automated IP Detection
+
+Holodeck now automatically detects your public IP address when creating AWS
+environments. This eliminates the need to manually specify your IP address in
+the configuration file.
+
+### How It Works
+
+- **Automatic Detection**: Your public IP is automatically detected using
+  reliable HTTP services
+- **Fallback Services**: Multiple IP detection services ensure reliability
+  (ipify.org, ifconfig.me, icanhazip.com, ident.me)
+- **Proper CIDR Format**: IP addresses are automatically formatted with
+  `/32` suffix for AWS compatibility
+- **Timeout Protection**: 15-second overall timeout with 5-second
+  per-service timeout
+
+### Configuration
+
+The `ingressIpRanges` field in your configuration is now optional for AWS environments:
+
+```yaml
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    # ingressIpRanges is now optional - your IP is detected automatically
+    # ingressIpRanges:
+    #   - "192.168.1.1/32"  # Only needed for additional IP ranges
+```
+
+### Manual IP Override
+
+If you need to specify additional IP ranges or override the automatic
+detection, you can still use the `ingressIpRanges` field:
+
+```yaml
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    ingressIpRanges:
+      - "10.0.0.0/8"      # Corporate network
+      - "172.16.0.0/12"   # Additional network
+```
+
+Your detected public IP will be automatically added to the security group rules.
+
 ## Sample Output
 
 ```text
@@ -68,6 +118,8 @@ Created instance 123e4567-e89b-12d3-a456-426614174000
   invalid.
 - `failed to provision: ...` — Provisioning failed due to a configuration or
   provider error.
+- `error getting IP address: ...` — IP detection failed (check network
+  connectivity to IP detection services).
 - `Created instance <instance-id>` — Success log after creation.
 
 ## Supported NVIDIA Driver Versions

@@ -51,6 +51,44 @@ A sample kind cluster configuration for use with the kind installer.
 
 ---
 
+## Updated AWS Examples
+
+The example configurations now show that `ingressIpRanges` is optional:
+
+**File:** [`examples/aws_kubeadm.yaml`](../../examples/aws_kubeadm.yaml)
+
+```yaml
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    # ingressIpRanges is now optional - your IP is detected automatically
+    image:
+      architecture: amd64
+```
+
+**File:** [`examples/aws_kind.yaml`](../../examples/aws_kind.yaml)
+
+```yaml
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: eu-north-1
+    # ingressIpRanges is now optional - your IP is detected automatically
+    image:
+      architecture: amd64
+```
+
+### Benefits of Automated IP Detection
+
+- **Simplified Configuration**: No need to manually find and specify your
+  public IP
+- **Dynamic IP Support**: Works with changing IP addresses (DHCP, mobile networks)
+- **Reduced Errors**: Eliminates "CIDR block malformed" errors
+- **Better Security**: Ensures only your current public IP has access
+
 ## How to Use These Examples
 
 1. Copy the desired YAML file to your working directory (optional).

@@ -2,9 +2,12 @@
 
 This section is for in-depth guides and tutorials related to Holodeck.
 
-- If you are looking for step-by-step instructions or advanced usage, guides
-    will be listed here as they are added.
-- To contribute a guide, simply add a new Markdown file to this folder and
-    update this README with a link.
+## Available Guides
 
-*No guides are available yet. Stay tuned!*
+- [IP Detection Guide](ip-detection.md): Learn about automatic IP detection for
+    AWS environments, including configuration, troubleshooting, and best practices.
+
+## Contributing
+
+To contribute a guide, simply add a new Markdown file to this folder and
+update this README with a link.
@@ -0,0 +1,126 @@
+# IP Detection Guide
+
+## Overview
+
+Holodeck automatically detects your public IP address when creating AWS
+environments, eliminating the need to manually configure security group rules.
+
+## How It Works
+
+### Detection Process
+
+1. **Service Priority**: Tries multiple IP detection services in order
+1. **Fallback Strategy**: If one service fails, automatically tries the next
+1. **Validation**: Ensures detected IP is a valid public IPv4 address
+1. **CIDR Formatting**: Automatically adds `/32` suffix for AWS compatibility
+
+### Supported Services
+
+- `https://api.ipify.org?format=text` (Primary)
+- `https://ifconfig.me/ip` (Fallback 1)
+- `https://icanhazip.com` (Fallback 2)
+- `https://ident.me` (Fallback 3)
+
+### Timeout Configuration
+
+- **Overall Timeout**: 15 seconds
+- **Per-Service Timeout**: 5 seconds
+- **Context Support**: Proper cancellation and timeout handling
+
+## Configuration Examples
+
+### Basic Usage (Recommended)
+
+```yaml
+apiVersion: holodeck.nvidia.com/v1alpha1
+kind: Environment
+metadata:
+  name: my-environment
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    # No ingressIpRanges needed - IP detected automatically
+```
+
+### With Additional IP Ranges
+
+```yaml
+apiVersion: holodeck.nvidia.com/v1alpha1
+kind: Environment
+metadata:
+  name: my-environment
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    ingressIpRanges:
+      - "10.0.0.0/8"      # Corporate network
+      - "172.16.0.0/12"   # Additional network
+    # Your detected IP will be automatically added
+```
+
+## Troubleshooting
+
+### Common Issues
+
+1. **Network Connectivity**: Ensure outbound internet access to IP detection services
+1. **Firewall Rules**: Corporate firewalls may block IP detection services
+1. **Proxy Configuration**: Proxy settings may affect IP detection
+
+### Manual Override
+
+If automatic detection fails, you can manually specify your IP:
+
+```yaml
+spec:
+  provider: aws
+  instance:
+    type: g4dn.xlarge
+    region: us-west-2
+    ingressIpRanges:
+      - "YOUR_PUBLIC_IP/32"  # Replace with your actual public IP
+```
+
+### Debugging
+
+To debug IP detection issues:
+
+```bash
+# Test IP detection manually
+curl https://api.ipify.org?format=text
+curl https://ifconfig.me/ip
+curl https://icanhazip.com
+curl https://ident.me
+```
+
+## Security Considerations
+
+### IP Validation
+
+The system validates that detected IPs are:
+
+- Valid IPv4 addresses
+- Public (not private, loopback, or link-local)
+- Properly formatted for AWS security groups
+
+### Network Security
+
+- Only your current public IP is granted access
+- Additional IP ranges can be specified manually
+- Security group rules are automatically configured
+
+## Best Practices
+
+1. **Use Automatic Detection**: Let Holodeck handle IP detection automatically
+1. **Specify Additional Ranges**: Use `ingressIpRanges` only for additional networks
+1. **Test Connectivity**: Verify access to IP detection services in your environment
+1. **Monitor Changes**: Be aware that your public IP may change (DHCP, mobile networks)
+
+## Related Documentation
+
+- [Create Command](../commands/create.md#automated-ip-detection)
+- [Prerequisites](../prerequisites.md#network-requirements)
+- [Examples](../../examples/README.md#updated-aws-examples)
@@ -73,9 +73,11 @@ spec:
 
 ## Network Requirements
 
-- Outbound internet access for package downloads
-- Appropriate security group rules for your use case
-- VPC configuration if using AWS provider
+- **Outbound Internet Access**: Required for package downloads and IP detection
+- **IP Detection Services**: Access to public IP detection services
+  (ipify.org, ifconfig.me, icanhazip.com, ident.me)
+- **Security Group Rules**: Automatically configured for your detected public IP
+- **VPC Configuration**: Automatically configured if using AWS provider
 
 ## GPU & Driver Requirements