The below steps are written down taking setup of prerelease environment as an example.
Setup Avni Postgresql Database RDS
- Make use of a 2-3 day old Production RDS Automatic snapshots to create a pre-release RDS instance. While configuring it ensure the following
- IMPORTANT: Use "t4g.small" type instance (2 cpu, 2 GB ram), it by default selects (m6.xlarge) which is extremely expensive
- Edit Network config and
- Assign Prerelease Security-groups (Add db-sg SGs in corresponding VPC)
- Enable auto-assign of public ip
- Assign only 20GB GP2 storage
Setup Avni Server EC2 instancer
- From the pre-release ec2-template launch a new instance. Use "t3.small" type instance (2 cpu, 2 GB ram). And enure Auto-assign public IP is enabled.
- Configure the above ec2 instance to include appropriate storage, network, Security-group, and CPU / RAM configuration
Setup Network, Routes and permissions
- create internet gateway, and add it as target in your VPC route table.
- create loadbalancer. setup SSL cert. Set target group to the EC2 instance.
- Create a route for DB (type is cname), ssh, and application using avniproject.org hosted zone. openchs.org is deprecated.
- create s3 bucket with existing bucket settings created for another env.
- create cognito user pool - there was no way to manua.
- Create necessary user, iam policy and roles for ec2, s3 bucket and cognito user pool.
Checklist for remaining setup (not detailed)
- setup avni-server
- setup avni-webapp
- set up rules server
- Clean up stale s3 entries in DB
- Create client pointing to pre-release
- APK creation
- login and test apk
- Share apk
Steps to setup avni-server, avni-client, avni-webapp, and rules-server with the above created AWS resources:
SSH in into pre-release server.
Include the following in .bash_profile file:
sudo vi ~/.bash_profile
run the above on the console as well
create newRelic and openchs folder
[ec2-user@ip-172-1-1-76 ~]$ sudo mkdir -p /opt/newrelic/
[ec2-user@ip-172-1-1-76 ~]$ chmod 777 /opt/newrelic/
chmod: changing permissions of ‘/opt/newrelic/’: Operation not permitted
[ec2-user@ip-172-1-1-76 ~]$ sudo chmod 777 /opt/newrelic/
[ec2-user@ip-172-1-1-76 ~]$ sudo mkdir -p /etc/openchs/
[ec2-user@ip-172-1-1-76 ~]$ sudo chmod 777 /etc/openchs/
[ec2-user@ip-172-1-1-76 ~]$ sudo vi /etc/openchs/openchs.conf
###paste pre-release openchs config from keeweb into this and save###
Copy new-relic file to server
scp newrelic.jar prerelease-server-openchs:/opt/newrelic/ newrelic.jar
Configure avni-server to use prerelease instead of prod for bugsnag
Trigger deploy of avni-server, ensure all deploy commands circle-ci config.yml of avni-server complete successfully (Triggering deploy will perform setup of the machine as required for backend app)
Once the avni-server backend app comes up, register the new instance as target in prerelease-openchs-load-balancer
Trigger deploy of avni-webapp, app should be soon available at https://prerelease.avniproject.org/#/admin/user/6352/show
(Triggering deploy will perform setup of the machine as required for web app)
Trigger deploy of rules-server (Triggering deploy will perform only initial setup of the machine as required for rules-server app)
Fix pm2 setup issue for rules-server:
a. Become rules user => sudo su - rules
b. Follow steps specified in https://medium.com/monstar-lab-bangladesh-engineering/deploying-node-js-apps-in-amazon-linux-with-pm2-7fc3ef5897bb
till it asks for running command
"sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules"
c. sudo mkdir -p /etc/pm2deamon
d. sudo chmod 777 -R /etc/pm2deamon
e. Run, below command to start rules-server after replacing the placeholders $1 and $2:
sudo -H -u rules bash -c "cd /opt/rules-server && OPENCHS_UPLOAD_USER_USER_NAME=$1 OPENCHS_UPLOAD_USER_PASSWORD=$2 NODE_ENV=production pm2 start app.js --name rules-server --update-env"
Go to Avni-client and run :
make clean_all deps release_prerelease_without_clean upload-prerelease-apk
Output : Pre-release APK Available at [<https://s3.ap-south-1.amazonaws.com/samanvay/openchs/prerelease-apks/prerelease-436d-2022-12-19-20-38-35.apk>](🔗)
In-order to avoid S3 errors during avni-client sync, connect to the DB and run below commands:
update public.subject_type set icon_file_s3_key = null where icon_file_s3_key is not null;
update public.news set hero_image = null where hero_image is not null;
Create IAM policy and associate it with IAM_USER
- Create a IAM policy prerelease_iam_policy similar to prod_iam_policy, except that the S3 bucket is “prerelease-user-media”.
- Associate prerelease_iam_policy with prerelease_iam_user.
IMPORTANT: Never copy S3 content and specifically the Fast-sync files from Production to any other environment. When we apply the fast-sync, it modified the serverUrl, which will end up connecting our APK as client to Production environment.
To setup newrelic agent on the server, refer their documentation.
Update packages and install node and pm2:
sudo yum update -y
Install necessary dev tools:
sudo yum install -y gcc gcc-c++ make openssl-devel git
curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install -y nodejs
sudo npm install pm2@latest -g
sudo yum install git
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules
Updated 4 months ago