ec2

ec2

This section guides you through setting up client configuration and building tools to deploy Orca directly onto an EC2 instance.

Managing your own EC2 instance "manually" will use certificates issued by Let's Encrypt.

Note

• Pro: No additional costs, other than the EC2 instance and data transfer.
• Con: More complex setup.

Usage

1. Launch an EC2 instance configured as follows:

• Choose an instance of type Amazon Linux 2023 AMI (e.g.: ami-0fc3317b37c1269d3).

• Pick a preconfigured Security Group that opens HTTP (:80/tcp), HTTPS (:443/tcp) and SSH (:22/tcp).

  • Also ensure that [::]:80, [::]:443 and [::]:22 are open, for IPv6 support.

• Grant it the ec2-orca-install IAM Role that allows:

  Policy	Service	Reason
  AmazonEC2ReadOnlyAccess	EC2	List instance tags
  AmazonS3ReadOnlyAccess	S3	Get client-specific configuration
  AmazonEC2ContainerRegistryReadOnly	ECR	Access Orca's docker container

2. Create the DNS record for <client id>.orca-solution.com pointing to the right instance (use an Elastic IP).

3. Set the expected environment variables:

   • Edit the configuration template
   • Upload it as <client id>.conf in the orca-clients S3 bucket (arn:aws:s3:::orca-clients).

4. Connect onto the machine and install the latest release via the setup script on master branch:

   ssh -i /path/to/key.pem ec2-user@<client-id>.orca-solution.com
   bash <(curl -s https://raw.githubusercontent.com/ccjmne/orca-deploy/pre-revamp/ec2/utils/deploy.sh)

Tip

Ensure the DNS records have properly propagated before proceeding to step 4.

Update Orca

Use the update.sh script installed during the deployment in your home directory (/home/ec2-user) as follows:

./update.sh <version>

Where <version> corresponds to a tag for our web app's Docker container and defaults to latest.

Create new versions of the setup script

Create a new release on GitHub and upload the setup.tar.gz archive as an asset, generated as follows:

tar --directory setup -czvf setup.tar.gz .