https://pagure.io/centos-infra/issue/1641

As part of the DC move (see #1579) , we'll redesign how/where our infra is hosted and we'll use the hybrid cloud model, with kojihub and NFS storage still on prem (RH DC) but builders remotely connected to hub, while still isolated and not reachable from internet (and themselves having no route to go to internet)

The proposed plan to implement before the migration will happen :

• setup a new VPC in one region (to be defined but close to new RDU3 DC)
• ensuring a bastion/proxy can be initialized to reach isolated EC2 instances in that new VPC
• ensuring a zabbix proxy would be able to monitor "locally" that isolated infra (zabbix active proxy)
• deploy new aarch64/x86_64 EC2 instances that will be acting as koji builders for cbs.centos.org (not in `createrepo` channel as not able to touch NFS host)
• Configuring these through ansible group_vars to reach cbs kojihub through proxy in that VPC, and also same for scm proxy (git operations when fetching from git.centos.org and gitlab.com/CentOS)