Skip to main content
Version: 1.16.2

Usage of AWS (Amazon Web Services)

System requirements

  • An AWS account with administrative privileges and a service quota value of L-1216C47A > 40
  • Ubuntu >= 20.04
  • Docker >= 20.10 installed without the need to use the sudo command (https://docs.docker.com/engine/install/linux-postinstall)
  • Python >= 3.8
  • Helm >= 3.10.3
  • Eksctl >= 0.137
  • Kubectl >= 1.23
  • Aws-cli >= 2.11 configured with the command aws configure
  • sshpass 1.06 <=

Configuration

Move the face_sdk.lic license file (attached to the email) to the setup folder.

Next, open the following configuration files using a text editor and set the environment variables.

  • ./cfg/aws.settings.cfg: aws_account_id (consisting only of numbers)
  • ./cfg/license-server.settings.cfg: license_key
  • ./cfg/platform.secrets.json: fill in license-secret.key and change passwords
  • ./cfg/platform.values.yaml: enable_hpa – "1", enable_node_selector – "1", enable_resource_management – "1", postgres.enable – "0"
  • ./cfg/image-api.values.yaml: processing.enable_hpa – "1", processing.enable_node_selector – "1", processing.enable_resource_management – "1"
Attention

Ensure that the username and password specified in the postgres-root-credentials field of the platform.secrets.json file are the same as the username and password in the rds_root_username and rds_root_password fields of the aws.settings file .cfg.

Save changes to files.

Deployment

  1. Load images.

    ./cli.sh generic load-images
  2. Create ECR repositories.

    ./cli.sh aws ecr create
  3. Log into the ECR registry.

    ./cli.sh aws ecr login
  4. Send images to the ECR registry.

    ./cli.sh aws ecr push
  5. Create a managed Kubernetes cluster.

    ./cli.sh aws eks create
  6. Fetch the cluster configuration.

    ./cli.sh aws eks fetch-config
  7. Create an OIDC for an EKS Cluster.

    ./cli.sh aws eks oidc create
  8. Create a policy and role for autoscaling.

    ./cli.sh aws eks autoscaler create-policy-role
  9. Install autoscaling.

    ./cli.sh aws eks autoscaler install
  10. Creating an RDS PostgreSQL database instance.

    ./cli.sh aws eks rds create
  11. Get the address of an RDS instance.

    ./cli.sh aws eks rds get-address

    Make sure that the EC2 instance is ready in the console. If the value is 'None', then the RDS instance has not yet been initialized. After getting the address, put it in { postgres.host } in the ./cfg/platform.values.yaml file. Initialization usually takes about 10 minutes.

  12. Create a key pair for EC2.

    ./cli.sh aws eks ec2 create-key-pair
  13. Create an EC2 instance in VPC EKS.

    ./cli.sh aws eks ec2 create
  14. Get a public EC2 address.

    ./cli.sh aws eks ec2 get-public-address

    Paste the address into { <license_server_address> } in the ./cfg/license-server.settings.cfg file.

  15. Get a private EC2 address.

    ./cli.sh aws eks ec2 get-private-address

    Paste the address into { <license_server_address> } in the ./cfg/platform.secrets.json file.

  16. Install the metrics server.

    ./cli.sh aws eks metric-server install
  17. Install the AWS Login Controller.

    ./cli.sh aws eks ingress install
  18. Get the address of the load balancer.

    ./cli.sh aws eks ingress get-address

    Paste the address into { ingress.rules.gateway.host } in the ./cfg/platform.values.yaml file and into { ingress.host } in the ./cfg/image-api.values.yaml file .

  19. Get the container registry address.

    ./cli.sh aws ecr get-address

    Paste the address into ./cfg/platform.values.yaml, ./cfg/image-api.values.yaml in the registry field.

  20. Check the connection to the virtual machine and add it to the list of known hosts.

    ./cli.sh aws eks ec2 connect
  21. Install the license server.

    ./cli.sh license-server install

    Make sure that the EC2 instance is ready in the AWS console. The user is "ubuntu". Select the "PEM certificate" option.

  22. Activate the license server.

    ./cli.sh license-server activate
  23. Install Kubernetes secrets in a cluster.

    ./cli.sh platform install-secrets
  24. Install image-api.

    ./cli.sh image-api install
  25. Install platform.

    ./cli.sh platform install
  26. To monitor the deployment progress, open another terminal tab and enter the following command:

    watch 'kubectl get pods'
    OMNI Platform is running if all pods have the Running status.

The platform is available at the address of the load balancer. The login credentials are in the platform user secret ./cfg/platform.secrets.json.

Testing

Run the platform integration test:

./cli.sh platform test - <platform_url> <platform_user_email>

Replace <platform_url> with the platform URL and <platform_user_email> with the user email.

Run image-api integration test:

./cli.sh image-api test - <image_api_url>

Replace <image_api_url> with the image-api URL.

note

To get access to Image API, set the value of ingress.host=<public_host> in the ./cfg/image-api.values.yaml file.