This guide sets up a production-ready, highly available cluster of packagecloud:enterprise instances using only components within AWS.
AWS Components used:
Route53 has a unique integration with Elastic Load Balancer that makes routing requests to our cluster a lot simpler. We recommend using Route53 even if you already have a domain you plan to use.
For this guide we'll be using the domain name my-pcloud.be.
In order for the Amazon issued certificate to work, we need to click on the validation link that Amazon sends to the following addresses:
administrator@your_domain
hostmaster@your_domain
postmaster@your_domain
webmaster@your_domain
admin@your_domain
The easiest way to receive this email on a Route 53 domain is to temporarily set up AWS Workmail.
Configure your Route53 records to match the values requested by the AWS Workmail verification screen. Note that the 'Hostname' field there already contains your domain name, but the Route53 interface appends your domain for you. Make sure you copy and paste only the part that comes before your domain. For example:
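The following check is an added example, not part of the original guide: it derives the value to type into the Route53 name box from a hostname as the verification screen shows it, and flags records where the domain ended up suffixed twice. The function names and the sample hostnames are constructed for illustration; only the domain my-pcloud.be comes from this guide.

```python
# Added example. Function names and sample records are constructed.

def _norm(name: str) -> str:
    """Lower-case a DNS name and drop surrounding spaces and the trailing dot."""
    return name.strip().rstrip(".").lower()


def console_name(hostname: str, zone: str) -> str:
    """Value to enter in the Route53 name box for a hostname that already
    contains the domain. Route53 appends the zone itself, so only the part
    before the zone is entered ('' for a record at the domain itself)."""
    host, zone = _norm(hostname), _norm(zone)
    if host == zone:
        return ""  # record at the apex: leave the name box empty
    if not host.endswith("." + zone):
        raise ValueError(f"{hostname!r} is not inside zone {zone!r}")
    return host[: -len(zone) - 1]


def doubled_suffix(record_names, zone):
    """Record names where the full hostname was pasted and Route53 then
    appended the domain again, e.g. 'x.my-pcloud.be.my-pcloud.be'."""
    zone = _norm(zone)
    twice = "." + zone + "." + zone
    # Prefix a dot so a doubled apex name ('zone.zone') is caught as well.
    return [n for n in record_names if ("." + _norm(n)).endswith(twice)]


ZONE = "my-pcloud.be"

# Constructed sample: record names as they might appear in the hosted zone
# after the first one was pasted in full.
ENTERED = [
    "_amazonses.my-pcloud.be.my-pcloud.be.",
    "autodiscover.my-pcloud.be.",
    "my-pcloud.be.",
]

if __name__ == "__main__":
    for shown in ("_amazonses.my-pcloud.be", "my-pcloud.be"):
        print(f"{shown!r} -> enter {console_name(shown, ZONE)!r}")
    print("doubled:", doubled_suffix(ENTERED, ZONE))
```

A doubled record resolves under the wrong name, so the Workmail verification never completes and the certificate validation email has nowhere to be delivered.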
Final result:
If all your Record sets were configured correctly, then you should see this:
Inside AWS Workmail, add a user named hostmaster (this is the address that receives the validation email from the Certificate Manager).
Go to Organization Settings to get the login URL for your organization.
Log in as the hostmaster user with the password given above.
After logging in, go back to the Certificate Manager and resend the validation email.
After hitting Resend, you should receive an email from Amazon Certificates.
Open the email and approve the Certificate.
Now we have a working Domain and Certificate! Feel free to delete the AWS Workmail account and organization.
We're going to create a VPC with two subnets, since we'll be using a minimum of two availability zones. We will be using us-east-1d and us-east-1b.
Create the first subnet, on the 10.0.0.0/24 block:
Create the second subnet, in another availability zone from the first subnet, on the 10.0.1.0/24 block:
The final result should be two subnets in two different availability zones.
Note: Leave the database name blank, one will be created for you.
Make sure you click the 'Add all the subnets' link to fill out the subnet/zone mapping:
Follow the guide for Single Node Setup, paying special attention to the External Database, External Redis, and Session Secret options.
Configure the Security Group
If the site is not working, make sure the instances registered for that load balancer are healthy (this may take a few minutes). Amazon will only forward requests to healthy instances.