docs/advanced/1_self_host/aws_ecs.mdx
47 additions & 29 deletions
@@ -53,7 +53,7 @@ Familiar with Terraform? The terraform files are available [here in Windmill's G
53
53
- The DB doesn't need public access
54
54
- Link it the security group created above
55
55
- RDS proxy can be a good option in certain cases. It is not required
56
-
- We advise to create a certificate authority and use it here
56
+
- We advise to use a certificate authority
57
57
- The port can be left to the default: `5432`
58
58
1. Database authentication
59
59
- Windmill uses Password authentication
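Review bot: The reworded bullet "We advise to use a certificate authority" drops the "create ... and use it here" instruction without saying which certificate authority to select in the RDS form or what the reader does with it afterwards. Suggest naming the choice and stating whether the `DATABASE_URL` given to the Windmill tasks later in this file needs a TLS setting so the client verifies the server certificate; as written the advice is not actionable.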
@@ -81,8 +81,47 @@ As said in the introduction, the architecture of your stack depends of your need
81
81
- We recommend allocating at least 100GiB of volume size
82
82
1. Network settings for EC2 instances
83
83
- Attach it to the VPC and security group created above
84
-
- Make sure to select the PUBLIC subnets if your VPC has private and public ones. The instance should be on the PUBLIC subnets
85
-
- WARNING: You need to TURN ON auto-assign public IP. Otherwise the EC2 agent on the servers will not be able to register the host to the EC2 cluster. This happens if you didn't set a NAT on your VPC
84
+
- The instance can be placed in the private subnets, we will access them through a load balancer
85
+
86
+
## Create a Load Balancer and Target Groups
87
+
88
+
We're going to create 3 target groups, for the Windmill server, LSP and Multiplayer
89
+
90
+
1. Go to Target Groups and create a new one
91
+
- Target type: IP addresses
92
+
- Target group name: `windmill-cluster-server-tg`
93
+
- Protocol: HTTP / Port 8000
94
+
- Attach it to the VPC created above
95
+
- Protocol Version: HTTP1
96
+
- No need to add explicit IP targets right now. The ECS services will register themselves automatically
97
+
1. Do the same for LSP
98
+
- Same steps as above but with name: `windmill-cluster-lsp-tg` and port: `3001`
99
+
1. Do the same for Multiplayer
100
+
- Same steps as above but with name: `windmill-cluster-multip-tg` and port: `3002`
101
+
102
+
Now create a Load balancer:
103
+
104
+
1. Create a new Application Load Balancer
105
+
- Name: `windmill-cluster-alb`
106
+
- It must be internet facing
107
+
- IP address type: IPv4
108
+
- Network mapping: select the VPC created above and map it to the 2 public subnets
109
+
- Security group: Select the security group created above
110
+
- Listener: Default listener on port 80 / Foward to the Target Group `windmill-cluster-server-tg`
111
+
- Click on Create
112
+
1. Once the ALB is created, go to its page to add rules for LSP and Multiplayer
113
+
- Select the Listener `HTTP:80` and click on Manage rule > Add Rule
114
+
1. Add a Route for LSP
115
+
- Name: `lsp`
116
+
- Add a condition: `Path is /ws/*`
117
+
- Click Next
118
+
- Select target group `windmill-lsp-tg`
119
+
- Give it a priority of `10`
120
+
- Click on Create
121
+
1. Add a group for Multiplayer
122
+
- Same steps as for LSP above
123
+
- The path should be `/ws_mp/*`
124
+
- The target group should be `windmill-multiplayer-tg`
86
125
87
126
## Create the task definitions
88
127
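Review bot: The target group names do not match between the two halves of the new section: the groups are created as `windmill-cluster-lsp-tg` and `windmill-cluster-multip-tg`, but the listener rules select `windmill-lsp-tg` and `windmill-multiplayer-tg`, so a reader following the steps will not find them. Use the `windmill-cluster-*` names in the LSP and Multiplayer rules. Two further points on the same hunk: the removed warning explained that hosts without a public IP cannot register with the cluster when the VPC has no NAT, and the new private-subnet bullet should keep that prerequisite; and the internet-facing ALB only gets a default listener on port 80, so the login page is served over plain HTTP unless an HTTPS listener is documented. "Foward" should be "Forward".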
@@ -130,7 +169,7 @@ We will create 6 tasks definitions here:
130
169
- Port mapping: No port mapping for workers
131
170
- Resource allocation: 2 CPU / 3.5 GiB memory
132
171
- Environment variable: `JSON_FMT=true`, `MODE=worker`, `WORKER_GROUP=default` and `DATABASE_URL=postgres://postgres:<DB_PASSWORD>@<DB_HOSTNAME>:5432/windmill`
133
-
-TODO: elaborate on volumes
172
+
-Add a Bind volume named `worker_dependency_cache` mapped to `/tmp/windmill/cache`
134
173
- Turn on log collection for easy debugging
135
174
- This is it, leave the rest default
136
175
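Review bot: The added line starts with `-Add` with no space after the dash, unlike the neighbouring `- Port mapping` and `- Turn on log collection` bullets, so it will not render as a list item; it inherits this from the TODO line it replaces. Add the space, and state the host source path for the bind volume, since the line only gives the volume name `worker_dependency_cache` and the container path `/tmp/windmill/cache`.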
@@ -150,7 +189,7 @@ We will create 6 tasks definitions here:
150
189
- Port mapping: no port mapping for workers
151
190
- Resource allocation: 2 CPU / 3.5 GiB memory
152
191
- Environment variable: `JSON_FMT=true`, `MODE=worker`, `WORKER_GROUP=native` and `DATABASE_URL=postgres://postgres:<DB_PASSWORD>@<DB_HOSTNAME>:5432/windmill`
153
-
-TODO: elaborate on volumes
192
+
-Add a Bind volume named `worker_dependency_cache` mapped to `/tmp/windmill/cache`
154
193
- Turn on log collection for easy debugging
155
194
- This is it, leave the rest default
156
195
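Review bot: The native worker reuses the volume name `worker_dependency_cache` and the path `/tmp/windmill/cache` from the default worker, and the line does not say whether the two task definitions are meant to share one host directory when they land on the same instance. State the intent either way. The context line just above also puts `<DB_PASSWORD>` inside a plain `DATABASE_URL` environment variable, which is readable by anyone who can view the task definition; while this block is being touched, consider documenting the value as a task definition secret instead. The `-Add` bullet is missing the space after the dash here as well.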
@@ -170,7 +209,7 @@ We will create 6 tasks definitions here:
170
209
- Port mapping: 3001 / TCP / http / HTTP
171
210
- Resource allocation: 1 CPU / 1.5 GiB memory
172
211
- Environment variable: `JSON_FMT=true`,
173
-
-TODO: elaborate on volumes
212
+
-Add a Bind volume named `lsp_cache` mapped to `/root/.cache`
174
213
- Turn on log collection for easy debugging
175
214
- This is it, leave the rest default
176
215
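Review bot: The mount target `/root/.cache` means the doc assumes the LSP container runs as root while writing to a host bind mount; say so explicitly, or note the path to use if the image runs as another user. The context line above, "Environment variable: `JSON_FMT=true`,", ends with a dangling comma that reads as if a variable is missing, and the new `-Add` bullet again lacks the space after the dash.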
@@ -205,7 +244,7 @@ One for each task definition, we now will create 6 services.
205
244
1. Service name: `windmill-server`
206
245
1. Service replica: 2 (to follow the architecture we presented above)
207
246
1. Networking: Select the VPC created above, and place the services in the PUBLIC subnets. Select the security group created above (or the one allowing traffic on port 80)
208
-
1. Load balancer: It's important to create a load balancer here as it will be the entry point to Windmill. Create an Application Load Balancer `windmill-server-lb` with a target group `windmill-server-tg`
247
+
1. Load balancer: Link it to the load balancer created above with the target group `windmill-cluster-server-tg`
209
248
210
249
#### Multi-purpose Windmill worker
211
250
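Review bot: The unchanged Networking step right above the edited line still says to place the services in the PUBLIC subnets and to use a security group "allowing traffic on port 80", which contradicts the earlier hunk that moves the instances to private subnets behind the load balancer and defines the server target group on port 8000. Update that step in the same commit: private subnets, and a security group rule that lets the load balancer reach port 8000.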
@@ -229,33 +268,12 @@ One for each task definition, we now will create 6 services.
229
268
1. Service name: `windmill-lsp`
230
269
1. Service replica: 1
231
270
1. Networking: Select the VPC created above, and place the services in the PUBLIC subnets. Select the security group created above
232
-
1. Load balancer: Create a load balancer. All we need is actually a Target Group, but using this menu AWS will create both, and we will just have to remove the load balancer later and keep only the target group. Name them `windmill-lsp-lb` and `windmill-lsp-tg`
271
+
1. Load balancer: Link it to the load balancer created above with the target group`windmill-cluster-lsp-tg`
233
272
234
273
#### Windmill Multiplayer
235
274
236
275
1. Same as Windmill LSP, using the task definition `windmill-native-worker`.
237
276
238
-
## Add Networking Routes for Windmill LSP and Multiplayer
239
-
240
-
Here we will add the appropriate routes for requests that the UI will want to make to LSP or Multiplayer. We create 2 load balancers for Windmill LSP and Multiplayer, but only their Target Groups are needed. We will use the Windmill Service Load Balancer to route certain requests to those target groups based on their path.
241
-
242
-
Go to AWS EC2 Load Balancer menu and start by deleting the load balancers named `windmill-lsp-lb` and `windmill-multiplayer-lb`. Then go to `windmill-server-lb` Load Balancer to update it:
243
-
244
-
1. Open the `HTTP:80` listener and click on the `Add Rule` button on the right
245
-
1. Add a Route for LSP
246
-
- Name: `lsp`
247
-
- Add a condition: `Path is /ws/*`
248
-
- Click Next
249
-
- Select target group `windmill-lsp-tg`
250
-
- Give it a priority of `10`
251
-
- Click on Create
252
-
1. Add a group for Multiplayer
253
-
- Same steps as for LSP above
254
-
- The path should be `/ws_mp/*`
255
-
- The target group should be `windmill-multiplayer-tg`
256
-
257
-
LSP and Multiplayer should now be all set.
258
-
259
277
## Open Windmill
260
278
261
279
Go back to the `windmill-server-lb` and copy its DNS. Open it in a new tab. You should see the Windmill Login interface. Follow the instructions to go through the initial Windmill setup
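Review bot: The "Open Windmill" paragraph still tells the reader to go back to `windmill-server-lb`, but this commit removes the step that created it and the load balancer is now named `windmill-cluster-alb`. Update the name there. In the same hunk, the new LSP line is missing a space in "target group`windmill-cluster-lsp-tg`", the LSP Networking step still says PUBLIC subnets, and "Same as Windmill LSP" for Multiplayer now implies linking to `windmill-cluster-lsp-tg`; spell out that Multiplayer uses `windmill-cluster-multip-tg`, and check the `windmill-native-worker` task definition named on that line.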