OpenVidu Single Node Installation: AWS

Regarding OpenVidu v2 compatibility

OpenVidu Single Node is not compatible with OpenVidu v2 API. For having compatibility with OpenVidu v2 applications, you must use OpenVidu Elastic or OpenVidu High Availability.

This section contains the instructions to deploy a production-ready OpenVidu Single Node deployment in AWS. Deployed services are the same as the On Premises Single Node Installation but automate the process with AWS CloudFormation.

First of all, import the template in the AWS CloudFormation console. You can click the following button...

Deploy OpenVidu Single Node in

...or access your AWS CloudFormation console and manually set this S3 URL in the Specify template section:

https://s3.eu-west-1.amazonaws.com/get.openvidu.io/community/singlenode/latest/aws/cf-openvidu-singlenode.yaml

Architecture overview

This is how the architecture of the deployment looks like:

OpenVidu Single Node AWS Architecture

CloudFormation Parameters

Depending on your needs, you need to fill the following CloudFormation parameters:

Domain and SSL Certificate Configuration

These are the three possible scenarios you may have to configure in this section:

Let's Encrypt Certificate (recommended)Self-Signed CertificateCustom Certificates

For a production-ready setup, this scenario is ideal when you have an FQDN (Fully Qualified Domain Name) and an Elastic IP at your disposal. It leverages the services of Let's Encrypt to automatically generate valid certificates.

First, you need to have the FQDN pointing to the Elastic IP you are going to use.

Then, you need to fill in the following parameters:

As you can see, you need to specify the DomainName with your FQDN, the PublicElasticIP with the Elastic IP that the domain points to, and the LetsEncryptEmail with your email address for Let’s Encrypt notifications. These parameters are mandatory.

This is the most straightforward option for deploying OpenVidu on AWS when you do not have a Fully Qualified Domain Name (FQDN). This method allows for the immediate use of OpenVidu in AWS using CloudFormation.

However, this convenience comes with the caveat that users will need to manually accept the certificate in their web browsers. Please be aware that this configuration is solely for developmental and testing purposes and is not suitable for a production environment.

These are the parameters needed in this section to use self-signed certificates:

You don’t need to specify any parameters; just select the CertificateType as self-signed. The domain name used will be an AWS-generated one.

Opt for this method if you possess your own certificate for an existing FQDN. It enables you to deploy OpenVidu on AWS using your certificates.

You need to have a Fully Qualified Domain Name (FQDN) pointing to a previously created Elastic IP.

Also, you need a temporary HTTP server hosting your private and public certificate under a specific URL. These URLs are needed for the instance to be able to download and install your certificates.

The configured parameters would look like this:

You need to specify at OwnPublicCertificate and OwnPrivateCertificate the URLs where the public and private certificates are hosted, respectively. The DomainName and PublicElasticIP are mandatory parameters.

Certificates need to be in PEM format and the URLs must be accessible from the instance.

EC2 Instance Configuration

You need to specify some properties for the EC2 instance that will be created.

EC2 Instance configuration

The parameters in this section may look like this:

Simply select the type of instance you want to deploy at InstanceType, the SSH key you want to use to access the machine at KeyName, and the Amazon Image ID (AMI) to use at AmiId.

By default, the parameter AmiId is configured to use the latest LTS Ubuntu AMI, so ideally you don’t need to modify this.

(Optional) TURN server configuration with TLS

This section is optional. It is useful when your users are behind a restrictive firewall that blocks UDP traffic. This parameter will only works if you are using letsencrypt or owncert as the CertificateType parameter.

TURN server configuration with TLS

The parameters in this section may look like this:

Set the TurnDomainName parameter to the domain name you intend to use for your TURN server. It should be pointing to the PublicElasticIP specified in the previous section.

If you are using letsencrypt as the CertificateType parameter, you can leave the TurnOwnPublicCertificate and TurnOwnPrivateCertificate parameters empty. If you are using owncert, you need to specify the URLs where the public and private certificates are hosted.

Deploying the Stack

When you are ready with your CloudFormation parameters, just click on "Next", specify in "Stack failure options" the option "Preserve successfully provisioned resources" to be able to troubleshoot the deployment in case of error, click on "Next" again, and finally "Submit".

When everything is ready, you will see the following links in the "Outputs" section of CloudFormation with all deployed services.

CloudFormation Outputs

Configure your Application to use the Deployment

To point your applications to your OpenVidu deployment, check the file of the EC2 instance /opt/openvidu/.env. All access credentials of all services are defined in this file.

Your authentication credentials and URLs to point your applications to are:

• URL: The value in .env of DOMAIN_OR_PUBLIC_IP as a URL. It could be wss://openvidu.example.io/ or https://openvidu.example.io/ depending on the SDK you are using.
• API Key: The value in .env of LIVEKIT_API_KEY
• API Secret: The value in .env of LIVEKIT_API_SECRET

Troubleshooting Initial CloudFormation Stack Creation

If something goes wrong during the initial CloudFormation stack creation, your stack may reach the CREATE_FAILED status for multiple reasons. It could be due to a misconfiguration in the parameters, a lack of permissions, or a problem with the AWS services. When this happens, the following steps can help you troubleshoot the issue and identify what went wrong:

1. While deploying the stack, make sure at "Stack failure options" you have selected the option "Preserve successfully provisioned resources" to be able to troubleshoot the deployment in case of an error.

   Disable Rollback on failure

   

2. Check if the EC2 instance or instances are running. If they are not, check the CloudFormation events for any error messages.

3. If the EC2 instance or instances are running, SSH into the instance and check the logs of the following files:

   • /var/log/cloud-init-output.log
   • /var/log/cloud-init.log

   These logs will give you more information about the CloudFormation stack creation process.

4. If everything seems fine, check the status and the logs of the installed OpenVidu services.

Configuration and administration

When your CloudFormation stack reaches the CREATE_COMPLETE status, your OpenVidu Single Node deployment is ready to use. You can check the Configuration and Administration section to learn how to manage your deployment.