Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Initial steps for AWS DuploCloud users
The DuploCloud platform installs in an EC2 instance within your AWS account. It can be accessed using a web interface, API, or Terraform provider.
You can log in to the DuploCloud portal, using single sign-on (SSO), with your GSuite or O365 login.
Before getting started, complete the following steps:
Read the DuploCloud Platform Overview and learn about DuploCloud terms like Infrastructure, Plan, and Tenant
Set up the DuploCloud Portal
Read the Access Control section and ensure at least one person has administrator access
Connect to the DuploCloud Slack channel for support from the DuploCloud team
Tasks to perform before you use AWS with DuploCloud
Create a Route 53 Hosted Zone to program DNS entries
The DuploCloud Platform needs a unique Route 53 hosted zone to create DNS entries for Services that you deploy. The domain must be created out-of-band and set in DuploCloud. The zone is a subdomain such as apps.[
MY-COMPANY
].com
.
Never use this subdomain for anything else, as DuploCloud owns all CNAME entries
in this domain and removes all entries it has no record of.
Log in to AWS Console.
Navigate to Route 53 and Hosted Zones.
Create a new Route53 Hosted Zone with the desired domain name, for example, apps.acme.com
.
Access the Hosted Zone and note the name server names.
Go to your root domain provider's site (e.g., acme.com
), and create an NS
record that references the domain name of the Hosted Zone you created (apps.acme.com
). Add the zone name to the name servers that you noted above.
Once this is complete, provision the Route53 domain in every DuploCloud Plan, starting with the default plan. Add the Route53 Hosted Zone ID and domain name, preceded with a dot (.).
Do not forget the dot (.) at the beginning of the DNS suffix, in the form as shown below.
Note that this domain must be set in each new Plan you create in your DuploCloud Infrastructure.
Enable shell access for native Docker or ECS users
DuploCloud allows shell access into the deployed containers. Shell access is enabled differently, depending on whether you use native Docker or ECS.
In the DuploCloud Portal, navigate to Docker -> Services. The Services page displays.
From the Docker list box, select Enable Docker Shell. The Start Shell Service pane displays.
From the Certificate list box, select your certificate.
From the Visibility list box, select Public or Internal.
Click Update. A provisioned Service named dockerservices-shell is created, enabling you to access containers using SSH.
From the DuploCloud Portal, navigate to Cloud Services -> ECS. The ECS Task Definition page displays.
Select the name from the TASK DEFINITION FAMILY NAME column.
Select the Tasks tab.
To display the ECS task shell for any task, click on the (>_) icon in the Actions column of the appropriate row. Click on the container task shell option. A browser launches to give you access to the shell.
Accept OpenVPN, provision the VPN, and add VPN users
DuploCloud integrates with OpenVPN by provisioning VPN users that you add to the DuploCloud Portal. OpenVPN setup is a two-step process.
Accept OpenVPN Free Tier (Bring Your Own License) in the AWS Marketplace:
Accept the agreement. Other than the regular EC2 instance cost, no additional license costs are added.
In the DuploCloud Portal, navigate to Administrator -> System Settings.
Select the VPN tab.
Click Provision VPN.
After the OpenVPN is provisioned, it is ready to use. Behind the scenes, DuploCloud launches a CloudFormation script to provision the OpenVPN.
You can find the OpenVPN admin password in the CloudFormation stack in your AWS console.
Users connected to a VPN can SSH or RDP into EC2 instances by default. Users can also connect to internal application Load Balancers and endpoints. However, to connect to other Services, such as databases and ElastiCache, you must open the port to the VPN:
In the DuploCloud Portal, navigate to Administrator -> Tenants.
Select the Tenant from the NAME column.
Click the Security tab.
Click Add. The Add Tenant Security pane displays.
From the Source Type list box, select IP Address.
From the IP CIDR list box, select your IP CIDR.
Click Add.
Create an AWS Certificate Manager certificate
For example, if the Route 53 Hosted Zone created is apps.acme.com
, then the ACM certificate specifies *.apps.acme.com
. You can add additional domains to this certificate (for example, *.acme.com
).