OpenVidu Single Node Installation: AWS#
Regarding OpenVidu v2 compatibility
OpenVidu Single Node is not compatible with OpenVidu v2 API. For having compatibility with OpenVidu v2 applications, you must use OpenVidu Elastic or OpenVidu High Availability.
This section contains the instructions to deploy a production-ready OpenVidu Single Node deployment in AWS. Deployed services are the same as the On Premises Single Node Installation but automate the process with AWS CloudFormation.
First of all, import the template in the AWS CloudFormation console. You can click the following button...
...or access your AWS CloudFormation console and manually set this S3 URL in the Specify template
section:
https://s3.eu-west-1.amazonaws.com/get.openvidu.io/community/singlenode/latest/aws/cf-openvidu-singlenode.yaml
Info
If you want to deploy an specific version of OpenVidu Elastic, replace latest
with the version you want to deploy. For example, to deploy version 3.0.0
, use the following URL:
This is how the architecture of the deployment looks like:
CloudFormation Parameters#
Depending on your needs, you need to fill the following CloudFormation parameters:
Domain and SSL Certificate Configuration#
These are the three possible scenarios you may have to configure in this section:
For a production-ready setup, this scenario is ideal when you have an FQDN (Fully Qualified Domain Name) and an Elastic IP at your disposal. It leverages the services of Let's Encrypt to automatically generate valid certificates.
First, you need to have the FQDN pointing to the Elastic IP you are going to use.
Then, you need to fill in the following parameters:
As you can see, you need to specify the DomainName with your FQDN, the PublicElasticIP with the Elastic IP that the domain points to, and the LetsEncryptEmail with your email address for Let’s Encrypt notifications. These parameters are mandatory.
This is the most straightforward option for deploying OpenVidu on AWS when you do not have a Fully Qualified Domain Name (FQDN). This method allows for the immediate use of OpenVidu in AWS using CloudFormation.
However, this convenience comes with the caveat that users will need to manually accept the certificate in their web browsers. Please be aware that this configuration is solely for developmental and testing purposes and is not suitable for a production environment.
These are the parameters needed in this section to use self-signed certificates:
You don’t need to specify any parameters; just select the CertificateType as self-signed. The domain name used will be an AWS-generated one.
Opt for this method if you possess your own certificate for an existing FQDN. It enables you to deploy OpenVidu on AWS using your certificates.
You need to have a Fully Qualified Domain Name (FQDN) pointing to a previously created Elastic IP.
Also, you need a temporary HTTP server hosting your private and public certificate under a specific URL. These URLs are needed for the instance to be able to download and install your certificates.
The configured parameters would look like this:
You need to specify at OwnPublicCertificate and OwnPrivateCertificate the URLs where the public and private certificates are hosted, respectively. The DomainName and PublicElasticIP are mandatory parameters.
Certificates need to be in PEM format and the URLs must be accessible from the instance.
EC2 Instance Configuration#
You need to specify some properties for the EC2 instance that will be created.
The parameters in this section may look like this:
Simply select the type of instance you want to deploy at InstanceType, the SSH key you want to use to access the machine at KeyName, and the Amazon Image ID (AMI) to use at AmiId.
By default, the parameter AmiId is configured to use the latest LTS Ubuntu AMI, so ideally you don’t need to modify this.
S3 bucket for application data and recordings#
You can specify an S3 bucket to store the recordings and application data. If this parameter is not specified, a new S3 bucket will be created by the CloudFormation stack.
(Optional) TURN server configuration with TLS#
This section is optional. It is useful when your users are behind a restrictive firewall that blocks UDP traffic. This parameter will only works if you are using letsencrypt
or owncert
as the CertificateType parameter.
The parameters in this section may look like this:
Set the TurnDomainName parameter to the domain name you intend to use for your TURN server. It should be pointing to the PublicElasticIP
specified in the previous section.
If you are using letsencrypt
as the CertificateType parameter, you can leave the TurnOwnPublicCertificate and TurnOwnPrivateCertificate parameters empty. If you are using owncert
, you need to specify the URLs where the public and private certificates are hosted.
Deploying the Stack#
When you are ready with your CloudFormation parameters, just click on "Next", specify in "Stack failure options" the option "Preserve successfully provisioned resources" to be able to troubleshoot the deployment in case of error, click on "Next" again, and finally "Submit".
When everything is ready, you will see the following links in the "Outputs" section of CloudFormation:
Configure your Application to use the Deployment#
The Output Key ServicesAndCredentials of the previous section points to an AWS Secret Manager secret that contains all URLs and credentials to access the services deployed. You can access the secret by clicking on the link in the Output Value column.
Then, click on Retrieve secret value to get the JSON with all the information.
To point your applications to your OpenVidu deployment, check the values of the JSON secret. All access credentials of all services are defined in this object.
Your authentication credentials and URL to point your applications would be:
- URL: The value in the AWS Secret of
DOMAIN_NAME
as a URL. It could bewss://openvidu.example.io/
orhttps://openvidu.example.io/
depending on the SDK you are using. - API Key: The value in the AWS Secret of
LIVEKIT_API_KEY
- API Secret: The value in the AWS Secret of
LIVEKIT_API_SECRET
Troubleshooting Initial CloudFormation Stack Creation#
If something goes wrong during the initial CloudFormation stack creation, your stack may reach the CREATE_FAILED
status for multiple reasons. It could be due to a misconfiguration in the parameters, a lack of permissions, or a problem with the AWS services. When this happens, the following steps can help you troubleshoot the issue and identify what went wrong:
-
While deploying the stack, make sure at "Stack failure options" you have selected the option "Preserve successfully provisioned resources" to be able to troubleshoot the deployment in case of an error.
-
Check if the EC2 instance or instances are running. If they are not, check the CloudFormation events for any error messages.
-
If the EC2 instance or instances are running, SSH into the instance and check the logs of the following files:
/var/log/cloud-init-output.log
/var/log/cloud-init.log
These logs will give you more information about the CloudFormation stack creation process.
-
If everything seems fine, check the status and the logs of the installed OpenVidu services.
Configuration and administration#
When your CloudFormation stack reaches the CREATE_COMPLETE
status, your OpenVidu Single Node deployment is ready to use. You can check the Administration section to learn how to manage your deployment.