AWS Deployment

For ease of deployment Zercurity provides an AMI. Which is based off of ami-05f27d4d6770a43d2 which is a Debian build.

Note

Our Zercurity AMI will need to be shared with you. Before you’ll be able to see it listed in your EC2 AMI list. Please contact support for access.

From the EC2 Dashboard scroll down and click on Launch instance. From there, select Shared with me on the left hand menu under the Ownership menu group. You should then see your Zercurity AMI.

../_images/onprem_aws_01.png

Navigate through the setup wizard. Please refer to our sizing guide for information on the best system configuration for the number of systems you’re looking to monitor.

../_images/onprem_aws_02.png

At the end of the setup you’ll simply need to create an SSH key. To enable secure remote login.

../_images/onprem_aws_03.png

Either create a new or use an existing SSH key. AWS will let you download the key upon successful creation. The default username for your instance is admin.

../_images/onprem_aws_04.png
ssh -i ~/Downloads/aws-cert.pem admin@aws-host

Starting Zercurity

To setup Zercurity copy across the installation files. Provided to you by your account manager. The ./setup.sh script will guide you through the process.

You’ll be required to enter the domain name you want to use which will update your production.dev file which stores all configuration settings. The setup will also download the latest version of Zercurity for Docker.

./setup.sh

Once the setup has downloaded all the container images you can start Zercurity like so:

sudo systemctl start zercurity

You can view the logs by using the journalctl command.

sudo journalctl -u zercurity -xef

You can also stop and restart zercurity using the following commands.

sudo systemctl stop zercurity
sudo systemctl restart zercurity

As the containers start (which will take a few minutes) you’ll notice two directories being created, certs and data.

  • The certs directory contains the SSL certificates for the NGINX web-server.
  • The data directory contains both a working directory for the creation of temp files and data for the prostgresql database.

The Zercurity web application will now be available at: https://app.zercurity.local

Warning

If you are using self-signed certificates you will need to manually visit https://app.zercurity.local, https://api.zercurity.local and https://download.zercurity.local in order for the web application to work correctly. Or you can add the generated CA to your preferred browser which can be found in the certs folder.

Updating Zercurity

You can update Zercurity by using the ./update.sh script. This will authenticate to our ECR repository and download all the latest docker images.

This script will not restart any Zercurity services. You will need to do this manually once the script has finished.

# There is no need to shutdown Zercurity. The new image containers will
# be fetched and used the next time the service is restarted.
./update.sh

sudo systemctl restart zercurity