Skip to main content
Version: 1.14.0

5. Usage of AWS (Amazon Web Services)

5.1 System Requirements

  • An AWS account with administrative privileges and a service quota value of L-1216C47A > 40.
  • Ubuntu >= 20.04
  • Docker >= 20.10 installed without the need to use the sudo command (https://docs.docker.com/engine/install/linux-postinstall)
  • Python >= 3.8
  • Helm >= 3.10.3
  • Eksctl >= 0.137
  • Kubectl >= 1.23
  • Aws-cli >= 2.11 configured with the command 'aws configure'.

5.2 Configuration

Move the face_sdk.lic license file (attached to the email) to the setup folder.

Next, open the following configuration files using a text editor and set the environment variables.

  • ./cfg/aws.settings.cfg: aws_account_id (consisting only of numbers).
  • ./cfg/license-server.settings.cfg: license_key.
  • ./cfg/platform.secrets.json: fill in license-secret.key and change passwords.
  • ./cfg/platform.values.yaml: enable_hpa - "1", enable_node_selector - "1", enable_resource_management - "1", postgres.enable - "0".
  • ./cfg/image-api.values.yaml: processing.enable_hpa - "1", processing.enable_node_selector - "1", processing.enable_resource_management - "1").

Save changes to files.

5.3 Deployment

To deploy OMNI Platform on AWS, follow the steps below:

  1. Load images
$ ./cli.sh generic load-images
  1. Create a managed Kubernetes cluster
$ ./cli.sh aws eks create
  1. Fetch the cluster configuration
$ ./cli.sh aws eks fetch-config
  1. Create an OIDC for an EKS Cluster
$ ./cli.sh aws eks oidc create
  1. Create a policy and role for autoscaling
$ ./cli.sh aws eks autoscaler create-policy-role
  1. Install autoscaling
$ ./cli.sh aws eks autoscaler install
  1. Creating an RDS PostgreSQL database instance
$ ./cli.sh aws eks rds create
  1. Get the address of an RDS instance
$ ./cli.sh aws eks rds get-address

Make sure that the EC2 instance is ready in the console. If the value is 'None', then the RDS instance has not yet been initialized. After getting the address, put it in { postgres.host } in the ./cfg/platform.values.yaml file. Initialization usually takes about 10 minutes.

  1. Create ECR repositories
$ ./cli.sh aws ecr create
  1. Log into the ECR registry
$ ./cli.sh aws ecr login
  1. Send images to the ECR registry
$ ./cli.sh aws ecr push
  1. Create a key pair for EC2
$ ./cli.sh aws eks ec2 create-key-pair
  1. Create an EC2 instance in VPC EKS
$ ./cli.sh aws eks ec2 create
  1. Get a public EC2 address
$ ./cli.sh aws eks ec2 get-public-address

Paste the address into { <license_server_address> } in the ./cfg/license-server.settings.cfg file.

  1. Get a private EC2 address
$ ./cli.sh aws eks ec2 get-private-address

Paste the address into { <license_server_address> } in the ./cfg/platform.secrets.json file.

  1. Install the metrics server
$ ./cli.sh aws eks metric-server install
  1. Install the AWS Login Controller
$ ./cli.sh aws eks ingress install
  1. Get the address of the load balancer
$ ./cli.sh aws eks ingress get-address

Paste the address into { ingress.rules.gateway.host } in the ./cfg/platform.values.yaml file.

  1. Get the container registry address
$ ./cli.sh aws ecr get-address

Paste the address into ./cfg/platform.values.yaml, ./cfg/image-api.values.yaml in the registry field.

  1. Check the connection to the virtual machine and add it to the list of known hosts
$ ./cli.sh aws eks ec2 connect
  1. Install the license server
$ ./cli.sh license-server install

Make sure that the EC2 instance is ready in the AWS console. The user is "ubuntu". Select the "PEM certificate" option.

  1. Activate the license server
$ ./cli.sh license-server activate
  1. Install Kubernetes secrets in a cluster
$ ./cli.sh platform install-secrets
  1. Install image-api
$ ./cli.sh image-api install
  1. Install platform
$ ./cli.sh platform install

The platform is available at the address of the load balancer. The login credentials are in the platform user secret ./cfg/platform.secrets.json.

5.4 Testing

Run the platform integration test:

$ ./cli.sh platform test - <platform_url> <platform_user_email>

Replace <platform_url> with the platform URL and <platform_user_email> with the user email.

Run image-api integration test:

$ ./cli.sh image-api test - <image_api_url>

Replace <image_api_url> with the image-api URL.

note

To get access to Image API, you need to set the value of ingress.host=<public_host> in the ./cfg/image-api.values.yaml file.