This guide covers the deployment of a Veramo Cloud Agent to AWS using Elastic Container Registry (ECR), Elastic Container Service (ECS), and Relational Database Service (RDS). We will also show how to use a GitHub action to automate building an image, pushing to your container repository, and deploying to the ECS cluster. This setup can be done either through the AWS Console UI or through the CLI
- AWS Account
- AWS CLI Installed and configured with appropriate permissions (link)
Create ECR Repository
This can be done either through the console or the AWS CLI:
Which should output something like this:
Push the image to ECR
The following steps can also be found in the AWS Console under "View Push Commands", and those will already have the correct region and URL values for your registry. The commands below will need to be updated with your own values.
- Retrieve an authentication token and authenticate your Docker client to your registry.
- Build your Docker image
- After the build completes, tag your image:
- Run the following command to push this image to your newly created AWS repository:
Create the database
Next, go to the RDS console for your region to create the Postgres database that we'll be connecting to.
- Choose Postgres for the Database type
- Take note of the user/pass combo you enter - we'll need that later on.
- After creating the databse, also take note of the generated URL.
Create ECS Cluster
- Go to the ECS console and choose your region
- Go to clusters and click "Create Cluster"
- Choose EC2 Linux + Networking then click "Next"
- In the next screen, "Configure Cluster":
- Give your cluster a name
- Choose an instance type appropriate to your needs. Here, I'm going with m4.large
- Its useful to add a keypair for accessing the instance directly for debugging purposes.
- For the remaining fields, the defaults should be fine for most cases.
- Note: You may want to add a keypair so you'll be able to SSH into the instance for debugging purposes.
Once that is done, click "View Cluster". We'll need to get the public URL for our next step.
- Click view cluster
- Go to the ECS Instances Tab
- Click the container instance and copy public DNS value.
Create ECS Task
In the ECS Console, choose Task Definitions from the left menu and click "Create".
Choose EC2 Launch Type
c. Pay special attention to the environment variables section. This is where important details are passed to the container. Also note that if the DB username or password contain special characters, they will need to be URL encoded.
Create ECS Service
With the cluster defined, and the task definition configured, the last step is to add a service to run the task.
- Go to the cluster and click Create under the Services tab:
- In the next screen, give your service a name, and for simplicity, choose Daemon for the service type which will make it easier to update the service with a GitHub Action.
Note: Adding a load balancer is optional, but not necessary. The aim for this guide was to keep things fairly simple, but you can add a load balancer here if that fits your project's requirements.
Once the service is running, go to the URL for your instance and you should see the default Veramo page containing links to the DID doc, API Docs, and API Schema. Congrats! You're up and running.
One advantage of using ECS is that is quite straightforward to trigger an update using a Github Action and following these steps, beginning with 3: Store your Amazon ECS task definition as a JSON file in your GitHub repository.