Setup an Avni environment on AWS cloud
The below steps are written down taking setup of prerelease environment as an example.
Steps to setup the pre-release avni server on AWS
Setup Avni Postgresql Database RDS
- Make use of a 2-3 day old Production RDS Automatic snapshots to create a pre-release RDS instance. While configuring it ensure the following
- IMPORTANT: Use "t4g.small" type instance (2 cpu, 2 GB ram), it by default selects (m6.xlarge) which is extremely expensive
- Edit Network config and
- Assign Prerelease Security-groups (Add db-sg SGs in corresponding VPC)
- Enable auto-assign of public ip
- Assign only 20GB GP2 storage
Setup Avni Server EC2 instancer
- From the pre-release ec2-template launch a new instance. Use "t3.small" type instance (2 cpu, 2 GB ram). And enure Auto-assign public IP is enabled.
- Configure the above ec2 instance to include appropriate storage, network, Security-group, and CPU / RAM configuration
Setup Network, Routes and permissions
- create internet gateway, and add it as target in your VPC route table.
- create loadbalancer. setup SSL cert. Set target group to the EC2 instance.
- Create a route for DB (type is cname), ssh, and application using avniproject.org hosted zone. openchs.org is deprecated.
- create s3 bucket with existing bucket settings created for another env.
- create cognito user pool - there was no way to manua.
- Create necessary user, iam policy and roles for ec2, s3 bucket and cognito user pool.
Checklist for remaining setup (not detailed)
- setup avni-server
- setup avni-webapp
- set up rules server
- Clean up stale s3 entries in DB
- Create client pointing to pre-release
- APK creation
- login and test apk
- Share apk
Steps to setup avni-server, avni-client, avni-webapp, and rules-server with the above created AWS resources:
-
SSH in into pre-release server.
Include the following in .bash_profile file:
sudo vi ~/.bash_profile
export LANG=en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export LC_COLLATE=C
export LC_CTYPE=en_US.UTF-8 -
run the above on the console as well
-
create newRelic and openchs folder
[ec2-user@ip-172-1-1-76 ~]$ sudo mkdir -p /opt/newrelic/
[ec2-user@ip-172-1-1-76 ~]$ chmod 777 /opt/newrelic/
chmod: changing permissions of β/opt/newrelic/β: Operation not permitted
[ec2-user@ip-172-1-1-76 ~]$ sudo chmod 777 /opt/newrelic/
[ec2-user@ip-172-1-1-76 ~]$ sudo mkdir -p /etc/openchs/
[ec2-user@ip-172-1-1-76 ~]$ sudo chmod 777 /etc/openchs/
[ec2-user@ip-172-1-1-76 ~]$ sudo vi /etc/openchs/openchs.conf
###paste pre-release openchs config from keeweb into this and save### -
Copy new-relic file to server
scp newrelic.jar prerelease-server-openchs:/opt/newrelic/ newrelic.jar
-
Configure avni-server to use prerelease instead of prod for bugsnag
-
Trigger deploy of avni-server, ensure all deploy commands circle-ci config.yml of avni-server complete successfully (Triggering deploy will perform setup of the machine as required for backend app)
-
Once the avni-server backend app comes up, register the new instance as target in prerelease-openchs-load-balancer
-
Trigger deploy of avni-webapp, app should be soon available at https://prerelease.avniproject.org/#/admin/user/6352/show
(Triggering deploy will perform setup of the machine as required for web app) -
Trigger deploy of rules-server (Triggering deploy will perform only initial setup of the machine as required for rules-server app)
-
Fix pm2 setup issue for rules-server:
a. Become rules user => sudo su - rules
b. Follow steps specified in https://medium.com/monstar-lab-bangladesh-engineering/deploying-node-js-apps-in-amazon-linux-with-pm2-7fc3ef5897bb
till it asks for running command
"sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules"
c. sudo mkdir -p /etc/pm2deamon
d. sudo chmod 777 -R /etc/pm2deamon
e. Run, below command to start rules-server after replacing the placeholders $1 and $2:sudo -H -u rules bash -c "cd /opt/rules-server && OPENCHS_UPLOAD_USER_USER_NAME=$1 OPENCHS_UPLOAD_USER_PASSWORD=$2 NODE_ENV=production pm2 start app.js --name rules-server --update-env"
-
Go to Avni-client and run :
make clean_all deps release_prerelease_without_clean upload-prerelease-apk
Output : Pre-release APK Available at [<https://s3.ap-south-1.amazonaws.com/samanvay/openchs/prerelease-apks/prerelease-436d-2022-12-19-20-38-35.apk>](π)
-
In-order to avoid S3 errors during avni-client sync, connect to the DB and run below commands:
update public.subject_type set icon_file_s3_key = null where icon_file_s3_key is not null;
update public.news set hero_image = null where hero_image is not null;
-
Create IAM policy and associate it with IAM_USER
- Create a IAM policy prerelease_iam_policy similar to prod_iam_policy, except that the S3 bucket is βprerelease-user-mediaβ.
- Associate prerelease_iam_policy with prerelease_iam_user.
-
IMPORTANT: Never copy S3 content and specifically the Fast-sync files from Production to any other environment. When we apply the fast-sync, it modified the serverUrl, which will end up connecting our APK as client to Production environment.
-
To setup newrelic agent on the server, refer their documentation.
Reference steps to deploy node and pm2 on Amazon linux:
Update packages and install node and pm2:
sudo yum update -y
Install necessary dev tools:
sudo yum install -y gcc gcc-c++ make openssl-devel git
Install Node.js:
curl --silent --location https://rpm.nodesource.com/setup_10.x | sudo bash -
sudo yum install -y nodejs
Install pm2:
sudo npm install pm2@latest -gInstall git:
sudo yum install git
Setup env:
sudo env PATH=$PATH:/usr/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemv -u rules --hp /home/rules
Updated 4 months ago