EC2 Setup

Configure self-hosting

1. Create EC2 (use security best practices)

Be sure to change the file permissions to 0600 or lower
for the .pem file:
sudo chmod 0600 ~/Downloads/name_of_file.pem

• Create Elastic IP and Associate EIP to EC2

Goal: SSH into instance

2. Create or Restore EBS Volume

• Create EBS Volume

  • Be sure to tag appropriately

• Restore EBS Volume

• Attach volume to EC2 instance

• (Optional): Increase disk size

• If you are using a newly created EBS Volume, you will have to format the disk approriately:

  1. SSH into instance
  2. Follow the instructions here: Using EBS Volumes
  3. Use sudo mkfs -t ext4 <location> in step 4
  4. Mount disk to /srv

Goal: Mount EBS volume to /srv

3. Provision Docker server

• Follow README & Run scripts: Prepare Self-Hosting System

Goal: CHT Application bootstraps and comes online

4. DNS configuration

• Point A records to Elastic IP given to Docker server

5. Review SSL certs

• Location of certs is /srv/settings/medic-core/nginx/private/
• Name the key file as default.key and the certificate file as default.crt
• Restarting nginx with new certs: svc-restart medic-core nginx

6. Configure couch2pg

• Basic configuration

7. Setup postgres to work with couch2pg

• Creating the database, setting up permissions, exploring the tables and what they store

8.Debugging couch2pg/postgres

• Understanding the log and what the entries mean

Troubleshooting

1. Restarting processes

• How to access container, retrieve logs, isolate security groups
• MedicOS service management scripts

2. Investigating logs

• Log into container
• Helpful docker commands
• Inside container, all appropriate logs can be found in: /srv/storage/<service_name>/logs/*.log

3.Upgrading the container

• Backup all data (EBS)
• Log into container and stop all services
• DO NOT REMOVE /srv/storage/medic-core/, /srv/settings/medic-core/couchdb/local.ini, wipe all other files in /srv [Note: Make script publicly accessibile]
• Change the image tag to the newest image release version
• Change image tag in docker-compose file
• Launch new containers with appropriate COUCHDB_ADMIN_PASSWORD & HA_PASSWORD environment variables

4.Upgrading the webapp

• Use Admin GUI page
• CLI via horticulturalist

4a. RDS help

• Amazon user guide

Restore from backup and monitoring

1. Configure backups

• EBS Snapshot Lifecycle Manager

2. Restoring from backup

• Create volume from snapshot
• Tag appropriately for backups
• Mount volume to docker server

3. Process supervison

• supvisorctl
• /boot/supervisor-inspect

4. Monitoring

• Cloudwatch

Own Infrastructure Setup

1. Team to set up own infrastructure based on best-practices and recommendations above

Related Content

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.