Setup an Avni environment on AWS cloud
The below steps are written down taking setup of prerelease environment as an example.
Steps to setup the pre-release avni server on AWS
Setup Avni Postgresql Database RDS
- Make use of a 2-3 day old Production RDS Automatic snapshots to create a pre-release RDS instance. While configuring it ensure the following
- Use "t3-small" type instance (2 cpu, 2 GB ram)
- Edit Network config and
- Assign Prerelease Security-groups (Add db, rds, and pre-release SGs)
- Enable auto-assign of public ip
- Assign only 20GB GP2 storage
Setup Avni Server EC2 instancer
- From the pre-release ec2-template launch a new instance
- Configure the above ec2 instance to include appropriate storage, network, Security-group, and CPU / RAM configuration
Setup Network, Routes and permissions
- create internet gateway, and add it as target in your VPC route table.
- create loadbalancer. setup SSL cert. Set target group to the EC2 instance.
- Create a route for DB (type is cname), ssh, and application using avniproject.org hosted zone. openchs.org is deprecated.
- create s3 bucket with existing bucket settings created for another env.
- create cognito user pool - there was no way to manua.
- Create necessary user, iam policy and roles for ec2, s3 bucket and cognito user pool.
Checklist for remaining setup (not detailed)
- setup avni-server
- setup avni-webapp
- set up rules server
- Clean up stale s3 entries in DB
- Create client pointing to pre-release
- APK creation
- login and test apk
- Share apk
Steps to setup avni-server, avni-client, avni-webapp, and rules-server with the above created AWS resources:
SSH in into pre-release server.
Include the following in .bash_profile file:
sudo vi ~/.bash_profile
run the above on the console as well
create newRelic and openchs folder
[[email protected] ~]$ sudo mkdir -p /opt/newrelic/
[[email protected] ~]$ chmod 777 /opt/newrelic/
chmod: changing permissions of ‘/opt/newrelic/’: Operation not permitted
[[email protected] ~]$ sudo chmod 777 /opt/newrelic/
[[email protected] ~]$ sudo mkdir -p /etc/openchs/
[[email protected] ~]$ sudo chmod 777 /etc/openchs/
[[email protected] ~]$ sudo vi /etc/openchs/openchs.conf
###paste pre-release openchs config from keeweb into this and save###
Copy new-relic file to server
scp newrelic.jar prerelease-server-openchs:/opt/newrelic/ newrelic.jar
Configure avni-server to use prerelease instead of prod for bugsnag
Trigger deploy of avni-server, ensure all deploy commands circle-ci config.yml of avni-server complete successfully (Triggering deploy will perform setup of the machine as required for backend app)
Once the avni-server backend app comes up, register the new instance as target in prerelease-openchs-load-balancer
Trigger deploy of avni-webapp, app should be soon available at https://prerelease.avniproject.org/#/admin/user/6352/show
(Triggering deploy will perform setup of the machine as required for web app)
Trigger deploy of rules-server (Triggering deploy will perform only initial setup of the machine as required for rules-server app)
Fix pm2 setup issue for rules-server:
a. Become rules user => sudo su - rules
b. Follow steps specified in https://medium.com/monstar-lab-bangladesh-engineering/deploying-node-js-apps-in-amazon-linux-with-pm2-7fc3ef5897bb
till it asks for running command
"sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules"
c. sudo mkdir -p /etc/pm2deamon
d. sudo chmod 777 -R /etc/pm2deamon
e. Run, below command to start rules-server after replacing the placeholders $1 and $2:
sudo -H -u rules bash -c "cd /opt/rules-server && OPENCHS_UPLOAD_USER_USER_NAME=$1 OPENCHS_UPLOAD_USER_PASSWORD=$2 NODE_ENV=production pm2 start app.js --name rules-server --update-env"
Go to Avni-client and run :
make clean_all deps release_prerelease_without_clean upload-prerelease-apk
Output : Pre-release APK Available at [<https://s3.ap-south-1.amazonaws.com/samanvay/openchs/prerelease-apks/prerelease-436d-2022-12-19-20-38-35.apk>](🔗)
In-order to avoid S3 errors during avni-client sync, connect to the DB and run below commands:
update public.subject_type set icon_file_s3_key = null where icon_file_s3_key is not null;
update public.news set hero_image = null where hero_image is not null;
Create IAM policy and associate it with IAM_USER
- Create a IAM policy prerelease_iam_policy similar to prod_iam_policy, except that the S3 bucket is “prerelease-user-media”.
- Associate prerelease_iam_policy with prerelease_iam_user.
To setup newrelic agent on the server, refer their documentation.
Reference steps to deploy node and pm2 on Amazon linux:
Update packages and install node and pm2:
sudo yum update -y
Install necessary dev tools:
sudo yum install -y gcc gcc-c++ make openssl-devel git
curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install -y nodejs
sudo npm install [email protected] -g
sudo yum install git
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules
Updated 14 days ago