Skip to content

Latest commit

 

History

History
61 lines (40 loc) · 2.76 KB

README.md

File metadata and controls

61 lines (40 loc) · 2.76 KB

ec2

This section guides you through setting up client configuration and building tools to deploy Orca directly onto an EC2 instance.

Managing your own EC2 instance "manually" will use certificates issued by Let's Encrypt.

Note

  • Pro: No additional costs, other than the EC2 instance and data transfer.
  • Con: More complex setup.

Usage

  1. Launch an EC2 instance configured as follows:
  • Choose an instance of type Amazon Linux 2023 AMI (e.g.: ami-0fc3317b37c1269d3).

  • Pick a preconfigured Security Group that opens HTTP (:80/tcp), HTTPS (:443/tcp) and SSH (:22/tcp).

    • Also ensure that [::]:80, [::]:443 and [::]:22 are open, for IPv6 support.
  • Grant it the ec2-orca-install IAM Role that allows:

    Policy Service Reason
    AmazonEC2ReadOnlyAccess EC2 List instance tags
    AmazonS3ReadOnlyAccess S3 Get client-specific configuration
    AmazonEC2ContainerRegistryReadOnly ECR Access Orca's docker container
  1. Create the DNS record for <client id>.orca-solution.com pointing to the right instance (use an Elastic IP).

  2. Set the expected environment variables:

    • Edit the configuration template
    • Upload it as <client id>.conf in the orca-clients S3 bucket (arn:aws:s3:::orca-clients).
  3. Connect onto the machine and install the latest release via the setup script on master branch:

    ssh -i /path/to/key.pem ec2-user@<client-id>.orca-solution.com
    bash <(curl -s https://raw.githubusercontent.com/ccjmne/orca-deploy/pre-revamp/ec2/utils/deploy.sh)

Tip

Ensure the DNS records have properly propagated before proceeding to step 4.

Update Orca

Use the update.sh script installed during the deployment in your home directory (/home/ec2-user) as follows:

./update.sh <version>

Where <version> corresponds to a tag for our web app's Docker container and defaults to latest.

Create new versions of the setup script

Create a new release on GitHub and upload the setup.tar.gz archive as an asset, generated as follows:

tar --directory setup -czvf setup.tar.gz .