Andrey/docker-erpnext
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
docker-erpnext/documentation/deployment-guides/aws-managed/README.md
Brian Tan Seng 8894bbf56e ⏺ Perfect! I have successfully created the complete AWS equivalent of the GCP managed services 
deployment documentation. Here's a summary of what was created:

  📁 AWS Managed Services Documentation Structure

  Main Documentation Files:

  1. README.md - Comprehensive overview and decision guide
  2. 00-prerequisites-managed.md - AWS setup, VPC, security, and managed services
  3. 01-ecs-managed-deployment.md - Amazon ECS with Fargate deployment
  4. 02-eks-managed-deployment.md - Amazon EKS deployment
  5. 03-production-managed-setup.md - Production hardening and advanced features

  Kubernetes Manifests (kubernetes-manifests/):

  - namespace.yaml - Namespace with resource quotas and network policies
  - storage.yaml - EFS and EBS storage classes and PVCs
  - configmap.yaml - Application configuration and Nginx config
  - secrets.yaml - External Secrets Operator integration with AWS Secrets Manager
  - erpnext-backend.yaml - Backend deployment with RDS connectivity
  - erpnext-frontend.yaml - Frontend deployment with load balancing
  - erpnext-workers.yaml - Worker deployments for different queues
  - ingress.yaml - AWS Load Balancer Controller ingress configuration
  - jobs.yaml - Site creation and backup automation jobs

  Deployment Scripts (scripts/):

  - deploy-ecs.sh - Automated ECS deployment script
  - deploy-eks.sh - Automated EKS deployment script

  🔄 Key AWS Managed Services Used:

  Instead of GCP → AWS Equivalent:
  - Cloud SQL → Amazon RDS for MySQL
  - Memorystore → Amazon MemoryDB for Redis
  - Cloud Run → Amazon ECS with Fargate
  - GKE → Amazon EKS
  - Cloud Storage → Amazon S3
  - Secret Manager → AWS Secrets Manager
  - VPC Access Connector → VPC Endpoints/NAT Gateway

  🎯 Key Features Included:

  Production-Ready Features:

  -  High Availability - Multi-AZ RDS and MemoryDB deployment
  -  Auto-scaling - ECS Service Auto Scaling and EKS HPA
  -  Security - VPC isolation, IAM roles, WAF, encryption
  -  Monitoring - CloudWatch, X-Ray, custom metrics
  -  Backup & DR - Automated backups, cross-region replication
  -  Cost Optimization - Reserved instances, spot instances, right-sizing

  Deployment Options:

  - 🚀 Amazon ECS with Fargate - Serverless containers, minimal ops
  - ⚙️ Amazon EKS - Full Kubernetes with advanced features
  - 🛡️ Production Hardening - WAF, enhanced monitoring, security

  Automation Scripts:

  - 📜 One-click deployment scripts for both ECS and EKS
  - 🔧 Infrastructure as Code approach
  - 📊 Cost estimation and optimization guidance

  The documentation provides a complete migration path from GCP to AWS with equivalent managed
  services, maintaining the same level of reliability and operational efficiency while
  leveraging AWS-native services and best practices.
2025-08-22 19:15:03 +08:00

418 lines
17 KiB
Markdown
Raw Permalink Blame History

# ERPNext AWS Deployment with Managed Services
## Overview
This directory contains comprehensive guides and resources for deploying ERPNext on Amazon Web Services (AWS) using **managed database services**: Amazon RDS for MySQL and Amazon MemoryDB for Redis. This approach provides better reliability, security, and operational efficiency compared to self-hosted databases.
## 🏗️ Architecture Overview
```
┌─────────────────────────────────────────────────────────────────┐
│ Amazon Web Services │
├─────────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────────┐ ┌─────────────────┐ │
│ │ Amazon ECS │ │ Amazon EKS │ │
│ │ (Fargate) │ │ (Kubernetes) │ │
│ │ │ │ │ │
│ │ ┌─────────────┐ │ │ ┌─────────────┐ │ │
│ │ │ Frontend │ │ │ │ Pods │ │ │
│ │ │ Backend │ │ │ │ - Frontend │ │ │
│ │ │ Workers │ │ │ │ - Backend │ │ │
│ │ │ Scheduler │ │ │ │ - Workers │ │ │
│ │ └─────────────┘ │ │ │ - Scheduler │ │ │
│ └─────────────────┘ │ └─────────────┘ │ │
│ └─────────────────┘ │
│ │ │
│ ┌─────────────────────────────┼─────────────────────────────┐ │
│ │ Managed Services │ │ │
│ │ │ │ │
│ │ ┌──────────────┐ ┌─────────────┐ ┌──────────────┐ │ │
│ │ │ Amazon RDS │ │ MemoryDB │ │ Amazon S3 │ │ │
│ │ │ (MySQL) │ │ (Redis) │ │ (Files) │ │ │
│ │ └──────────────┘ └─────────────┘ └──────────────┘ │ │
│ └─────────────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────────┘
```
## 📁 Directory Structure
```
aws-managed/
├── README.md # This file
├── 00-prerequisites-managed.md # Prerequisites for managed services
├── 01-ecs-managed-deployment.md # ECS with managed databases
├── 02-eks-managed-deployment.md # EKS with managed databases
├── 03-production-managed-setup.md # Production hardening
├── kubernetes-manifests/ # K8s manifests for managed services
│ ├── namespace.yaml # Namespace with security policies
│ ├── storage.yaml # EFS and EBS storage classes
│ ├── configmap.yaml # Config for managed services
│ ├── secrets.yaml # External Secrets integration
│ ├── erpnext-backend.yaml # Backend with RDS connection
│ ├── erpnext-frontend.yaml # Optimized frontend
│ ├── erpnext-workers.yaml # Workers with managed DB
│ ├── ingress.yaml # ALB ingress controller
│ └── jobs.yaml # Site creation and backup jobs
└── scripts/ # Automation scripts
├── deploy-ecs.sh # ECS deployment script
└── deploy-eks.sh # EKS deployment script
```
## 🚀 Quick Start
### Option 1: Amazon ECS with Fargate (Recommended for Simplicity)
```bash
# 1. Complete prerequisites
cd aws-managed/
# Follow 00-prerequisites-managed.md
# 2. Deploy to ECS
cd scripts/
export AWS_REGION="us-east-1"
export PROJECT_NAME="erpnext"
export DOMAIN_NAME="erpnext.yourdomain.com"
./deploy-ecs.sh --project-name $PROJECT_NAME --domain $DOMAIN_NAME
```
### Option 2: Amazon EKS (Recommended for Production)
```bash
# 1. Complete prerequisites
cd aws-managed/
# Follow 00-prerequisites-managed.md
# 2. Deploy to EKS
cd scripts/
export AWS_REGION="us-east-1"
export PROJECT_NAME="erpnext"
export DOMAIN_NAME="erpnext.yourdomain.com"
./deploy-eks.sh --project-name $PROJECT_NAME --domain $DOMAIN_NAME
```
## 🎯 Key Benefits of AWS Managed Services
### 🛡️ Enhanced Reliability
- **99.95% SLA** for RDS and MemoryDB
- **Multi-AZ deployment** with automatic failover
- **Point-in-time recovery** for databases
- **Automated backups** with cross-region replication
### 🔧 Operational Efficiency
- **Zero database administration** overhead
- **Automatic security patches** and updates
- **Performance insights** and optimization recommendations
- **Built-in monitoring** with CloudWatch
### 🔒 Enterprise Security
- **VPC isolation** with private subnets
- **Encryption at rest and in transit** by default
- **IAM integration** for access control
- **AWS WAF** for application protection
### 💰 Cost Optimization
- **Pay-as-you-scale** pricing model
- **Reserved Instance discounts** available
- **Automatic storage scaling** without downtime
- **Spot instances** for non-critical workloads
## 📊 Deployment Options Comparison
| Feature | ECS + Managed DB | EKS + Managed DB | Self-Hosted DB |
|---------|------------------|------------------|-----------------|
| **Scalability** | Auto (Fargate) | Manual/Auto HPA | Manual |
| **Operational Overhead** | Low | Medium | High |
| **Database Reliability** | 99.95% SLA | 99.95% SLA | Depends on setup |
| **Cost (Small)** | ~$250/month | ~$350/month | ~$200/month |
| **Cost (Large)** | ~$500/month | ~$700/month | ~$450/month |
| **Cold Start** | 1-2 seconds | None | None |
| **Customization** | Medium | High | Very High |
| **Kubernetes Native** | No | Yes | Yes |
| **Multi-tenancy** | Limited | Supported | Supported |
## 🛠️ Managed Services Configuration
### Amazon RDS (MySQL)
- **Instance Types**: db.t3.micro to db.r5.24xlarge
- **Storage**: 20GB to 64TB, automatic scaling
- **Backup**: Automated daily backups with 35-day retention
- **High Availability**: Multi-AZ deployment with automatic failover
- **Security**: VPC isolation, encryption, IAM database authentication
### Amazon MemoryDB for Redis
- **Node Types**: db.t4g.micro to db.r6g.16xlarge
- **Features**: Redis 6.x compatibility, persistence, clustering
- **Performance**: Up to 100+ million requests per second
- **Monitoring**: Built-in CloudWatch metrics and alerts
### Additional AWS Services
- **Amazon S3**: File storage and backups
- **AWS Secrets Manager**: Secure credential management
- **AWS Systems Manager**: Parameter Store for configuration
- **Amazon EFS**: Shared file storage for EKS
- **AWS Lambda**: Automation and maintenance tasks
- **Amazon EventBridge**: Scheduled tasks and triggers
## 🔧 Advanced Features
### Auto-scaling Configuration
- **ECS**: Service auto scaling based on CPU/memory
- **EKS**: Horizontal Pod Autoscaler + Cluster Autoscaler
- **Database**: Automatic storage scaling, manual compute scaling
- **Redis**: Manual scaling with zero-downtime
### Security Hardening
- **Network isolation** with private subnets and security groups
- **IAM roles** for service accounts (IRSA for EKS)
- **AWS WAF** for application-layer protection
- **VPC Flow Logs** for network monitoring
- **AWS Config** for compliance monitoring
### Monitoring & Observability
- **CloudWatch** for metrics, logs, and alerts
- **AWS X-Ray** for distributed tracing
- **Custom dashboards** for ERPNext-specific metrics
- **Performance Insights** for database monitoring
- **Container Insights** for ECS/EKS monitoring
### Backup & Disaster Recovery
- **RDS**: Automated backups with point-in-time recovery
- **Application files**: Automated backup to S3
- **Cross-region replication** for disaster recovery
- **Automated DR testing** with validation
- **Lambda-based backup automation**
## 💰 Cost Estimation & Optimization
### Typical Monthly Costs (US-East-1)
#### Small Deployment (< 50 users) - ECS
```
RDS (db.t3.medium): $67
MemoryDB (1 node): $45
ECS Fargate (2 tasks): $30
ALB: $22
EFS: $3
NAT Gateway: $45
Total: ~$212/month
```
#### Medium Deployment (50-200 users) - EKS
```
RDS (db.r5.large): $150
MemoryDB (2 nodes): $90
EKS Control Plane: $73
EC2 (3 t3.medium): $100
ALB: $22
EFS: $10
NAT Gateway: $45
Total: ~$490/month
```
#### Large Deployment (200+ users) - EKS
```
RDS (db.r5.xlarge): $300
MemoryDB (3 nodes): $135
EKS Control Plane: $73
EC2 (6 t3.large): $300
ALB: $22
EFS: $25
NAT Gateway: $90
Total: ~$945/month
```
### Cost Optimization Strategies
1. **Use Reserved Instances** (up to 75% savings for predictable workloads)
2. **Implement Spot Instances** for non-critical worker nodes
3. **Right-size instances** based on CloudWatch metrics
4. **Use S3 Intelligent Tiering** for file storage
5. **Schedule scaling** during off-hours
## 🚨 Migration Path from Self-Hosted
### Phase 1: Assessment and Planning (Week 1)
- [ ] Audit current infrastructure and data size
- [ ] Identify custom configurations and dependencies
- [ ] Plan migration windows and rollback procedures
- [ ] Set up AWS managed services in parallel
### Phase 2: Infrastructure Setup (Week 2)
- [ ] Deploy VPC, subnets, and security groups
- [ ] Create RDS and MemoryDB instances
- [ ] Set up ECS/EKS cluster and supporting services
- [ ] Configure monitoring and alerting
### Phase 3: Data Migration (Week 3)
- [ ] Export data from existing MySQL/Redis
- [ ] Import to RDS/MemoryDB with validation
- [ ] Migrate file storage to S3/EFS
- [ ] Update connection strings and test thoroughly
### Phase 4: Application Migration (Week 4)
- [ ] Deploy ERPNext with managed services
- [ ] Conduct comprehensive testing
- [ ] DNS cutover to new deployment
- [ ] Monitor performance and optimize
### Phase 5: Optimization and Cleanup (Week 5)
- [ ] Optimize resource allocation based on metrics
- [ ] Implement cost optimization measures
- [ ] Decommission old infrastructure
- [ ] Update backup and DR procedures
## 🔍 Troubleshooting Common Issues
### RDS Connection Issues
```bash
# Test connectivity from ECS/EKS
# For ECS
aws ecs run-task --cluster erpnext-cluster \
--task-definition erpnext-backend \
--overrides '{"containerOverrides":[{"name":"erpnext-backend","command":["mysql","-h","RDS_ENDPOINT","-u","admin","-p"]}]}'
# For EKS
kubectl run mysql-test --rm -i --tty --image=mysql:8.0 -- mysql -h RDS_ENDPOINT -u admin -p
```
### MemoryDB Connection Issues
```bash
# Test Redis connectivity
# For EKS
kubectl run redis-test --rm -i --tty --image=redis:alpine -- redis-cli -h REDIS_ENDPOINT ping
# Check AUTH configuration
aws memorydb describe-clusters --cluster-name erpnext-redis --region us-east-1
```
### Performance Issues
```bash
# Check RDS performance
aws rds describe-db-instances --db-instance-identifier erpnext-db
aws cloudwatch get-metric-statistics --namespace AWS/RDS --metric-name CPUUtilization
# Monitor MemoryDB metrics
aws cloudwatch get-metric-statistics --namespace AWS/MemoryDB --metric-name CPUUtilization
```
### Cost Issues
```bash
# Analyze costs with AWS CLI
aws ce get-cost-and-usage --time-period Start=2024-01-01,End=2024-01-31 \
--granularity MONTHLY --metrics BlendedCost
# Get cost recommendations
aws support describe-trusted-advisor-checks --language en
```
## 📚 Additional Resources
### AWS Documentation
- [Amazon RDS User Guide](https://docs.aws.amazon.com/rds/)
- [Amazon MemoryDB User Guide](https://docs.aws.amazon.com/memorydb/)
- [Amazon ECS Developer Guide](https://docs.aws.amazon.com/ecs/)
- [Amazon EKS User Guide](https://docs.aws.amazon.com/eks/)
- [AWS Well-Architected Framework](https://aws.amazon.com/architecture/well-architected/)
### ERPNext Specific
- [ERPNext Documentation](https://docs.erpnext.com/)
- [Frappe Framework Documentation](https://frappeframework.com/docs)
- [ERPNext GitHub Repository](https://github.com/frappe/erpnext)
### AWS Tools and SDKs
- [AWS CLI Documentation](https://docs.aws.amazon.com/cli/)
- [eksctl Documentation](https://eksctl.io/)
- [AWS CDK Documentation](https://docs.aws.amazon.com/cdk/)
### Monitoring & Operations
- [AWS CloudWatch User Guide](https://docs.aws.amazon.com/cloudwatch/)
- [AWS X-Ray Developer Guide](https://docs.aws.amazon.com/xray/)
- [Kubernetes Monitoring Best Practices](https://kubernetes.io/docs/tasks/debug-application-cluster/resource-usage-monitoring/)
## 🎯 Decision Matrix
### Choose ECS + Managed Services if:
- ✅ Want minimal operational overhead
- ✅ Team has limited Kubernetes experience
- ✅ Need rapid deployment and scaling
- ✅ Prefer AWS-native container orchestration
- ✅ Want to minimize infrastructure complexity
### Choose EKS + Managed Services if:
- ✅ Need advanced Kubernetes features
- ✅ Plan to run multiple applications
- ✅ Require fine-grained control over scheduling
- ✅ Have existing Kubernetes expertise
- ✅ Need advanced networking capabilities
- ✅ Want cloud-agnostic deployment patterns
## 📞 Support & Contributing
### Getting Help
- **Documentation Issues**: Create issues in the repository
- **AWS Support**: Use AWS Support Center for service issues
- **Community**: ERPNext Community Forum and GitHub Discussions
- **Professional Services**: AWS Professional Services for complex deployments
### Contributing
- **Documentation improvements**: Submit pull requests
- **Script enhancements**: Share automation improvements
- **Best practices**: Contribute lessons learned from production deployments
- **Cost optimizations**: Share optimization strategies and findings
### Feedback
We welcome feedback on these deployment guides. Please open an issue or submit a pull request with:
- Improvements to documentation clarity
- Additional troubleshooting scenarios
- Cost optimization techniques
- Security enhancements
- Performance optimization tips
## ⚡ Quick Commands Reference
### ECS Operations
```bash
# Check service status
aws ecs describe-services --cluster erpnext-cluster --services erpnext-backend
# View task logs
aws logs get-log-events --log-group-name /aws/ecs/erpnext-backend
# Scale service
aws ecs update-service --cluster erpnext-cluster --service erpnext-backend --desired-count 5
```
### EKS Operations
```bash
# Check pod status
kubectl get pods -n erpnext
# View logs
kubectl logs -f deployment/erpnext-backend -n erpnext
# Scale deployment
kubectl scale deployment erpnext-backend --replicas=5 -n erpnext
```
### Database Operations
```bash
# Create RDS snapshot
aws rds create-db-snapshot --db-instance-identifier erpnext-db --db-snapshot-identifier manual-backup-$(date +%Y%m%d)
# Monitor MemoryDB
aws memorydb describe-clusters --cluster-name erpnext-redis
```
---
**⚠️ Important Notes**:
- Managed services incur continuous costs even when applications are idle
- Always test deployments thoroughly in staging before production
- Monitor costs regularly using AWS Cost Explorer
- Keep credentials secure and rotate regularly
- Follow AWS security best practices and compliance requirements
- Review and update security groups and IAM policies regularly
**🎯 Recommendation**: For most production deployments, EKS with managed services provides the best balance of control, reliability, and operational efficiency, while ECS offers simplicity for teams new to container orchestration.
**🔄 Maintenance**: These guides are actively maintained. Check for updates regularly and ensure your AWS CLI, kubectl, and other tools are up to date.
Reference in New Issue View Git Blame Copy Permalink