description |
---|
Learn how to deploy Flowise on AWS |
This requires some basic understanding of how AWS works.
Two options are available to deploy Flowise on AWS:
CloudFormation template is available here: https://gist.github.com/MrHertal/549b31a18e350b69c7200ae8d26ed691
It deploys Flowise on an ECS cluster exposed through ELB.
It was inspired by this reference architecture: https://github.com/aws-samples/ecs-refarch-cloudformation
Feel free to edit this template to adapt things like Flowise image version, environment variables etc.
Example of command to deploy Flowise using the AWS CLI:
aws cloudformation create-stack --stack-name flowise --template-body file://flowise-cloudformation.yml --capabilities CAPABILITY_IAM
After deployment, the URL of your Flowise application is available in the CloudFormation stack outputs.
The Terraform files (variables.tf
, main.tf
) are available in this GitHub repository: terraform-flowise-setup.
This setup deploys Flowise on an ECS cluster exposed through an Application Load Balancer (ALB). It is based on AWS best practices for ECS deployments.
You can modify the Terraform template to adjust:
- Flowise image version
- Environment variables
- Resource configurations (CPU, memory, etc.)
- Initialize Terraform:
terraform init
terraform apply
terraform destroy
- In the EC2 dashboard, click Launch Instance
- Scroll down and Create new key pair if you don't have one
- Fill in your preferred key pair name. For Windows, we will use
.ppk
and PuTTY to connect to the instance. For Mac and Linux, we will use.pem
and OpenSSH
- Click Create key pair and select a location path to save the
.ppk
file - Open the left side bar, and open a new tab from Security Groups. Then Create security group
- Fill in your preferred security group name and description. Next, add the following to Inbound Rules and Create security group
- Back to the first tab (EC2 Launch an instance) and scroll down to Network settings. Select the security group you've just created
- Click Launch instance. Navigate back to EC2 Dashboard, after few mins we should be able to see a new instance up and running 🎉
- For Windows, we are going to use PuTTY. You can download one from here.
- Open PuTTY and fill in the HostName with your instance's Public IPv4 DNS name
- From the left hand side bar of PuTTY Configuration, expand SSH and click on Auth. Click Browse and select the
.ppk
file you downloaded earlier.
- Click Open and Accept the pop up message
- Then login as
ec2-user
- Now you are connected to the EC2 instance
- Open the Terminal application on your Mac/Linux.
- (Optional) Set the permissions of the private key file to restrict access to it:
chmod 400 /path/to/mykey.pem
- Use the
ssh
command to connect to your EC2 instance, specifying the username (ec2-user
), Public IPv4 DNS, and the path to the.pem
file.
ssh -i /Users/username/Documents/mykey.pem ec2-user@ec2-123-45-678-910.compute-1.amazonaws.com
- Press Enter, and if everything is configured correctly, you should successfully establish an SSH connection to your EC2 instance
- Apply pending updates using the yum command:
sudo yum update
- Search for Docker package:
sudo yum search docker
- Get version information:
sudo yum info docker
- Install docker, run:
sudo yum install docker
- Add group membership for the default ec2-user so you can run all docker commands without using the sudo command:
sudo usermod -a -G docker ec2-user
id ec2-user
newgrp docker
- Install docker-compose:
sudo yum install docker-compose-plugin
- Enable docker service at AMI boot time:
sudo systemctl enable docker.service
- Start the Docker service:
sudo systemctl start docker.service
sudo yum install git -y
- Clone the repo
git clone https://github.com/FlowiseAI/Flowise.git
- Cd into docker folder
cd Flowise && cd docker
- Create a
.env
file. You can use your favourite editor. I'll usenano
nano .env
- Specify the env variables:
PORT=3000
DATABASE_PATH=/root/.flowise
APIKEY_PATH=/root/.flowise
SECRETKEY_PATH=/root/.flowise
LOG_PATH=/root/.flowise/logs
BLOB_STORAGE_PATH=/root/.flowise/storage
- (Optional) You can also specify
FLOWISE_USERNAME
andFLOWISE_PASSWORD
for app level authorization. See more broken-reference - Then press
Ctrl + X
to Exit, andY
to save the file - Run docker compose
docker compose up -d
- Your application is now ready at your Public IPv4 DNS on port 3000:
http://ec2-123-456-789.compute-1.amazonaws.com:3000
- You can bring the app down by:
docker compose stop
- You can pull from latest image by:
docker pull flowiseai/flowise
Alternatively:
docker-compose pull
docker-compose up --build -d
If you want to get rid of the :3000 on the url and have a custom domain, you can use NGINX to reverse proxy port 80 to 3000 So user will be able to open the app using your domain. Example: http://yourdomain.com
.
-
sudo yum install nginx
-
nginx -v
-
sudo systemctl start nginx
-
sudo nano /etc/nginx/conf.d/flowise.conf
- Copy paste the following and change to your domain:
server {
listen 80;
listen [::]:80;
server_name yourdomain.com; #Example: demo.flowiseai.com
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
press Ctrl + X
to Exit, and Y
to save the file
-
sudo systemctl restart nginx
- Go to your DNS provider, and add a new A record. Name will be your domain name, and value will be the Public IPv4 address from EC2 instance
- You should now be able to open the app:
http://yourdomain.com
.
If you like your app to have https://yourdomain.com
. Here is how:
- For installing Certbot and enabling HTTPS on NGINX, we will rely on Python. So, first of all, let's set up a virtual environment:
sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip
- Afterwards, run this command to install Certbot:
sudo /opt/certbot/bin/pip install certbot certbot-nginx
- Now, execute the following command to ensure that the
certbot
command can be run:
sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot
- Finally, run the following command to obtain a certificate and let Certbot automatically modify the NGINX configuration, enabling HTTPS:
sudo certbot --nginx
- After following the certificate generation wizard, we will be able to access our EC2 instance via HTTPS using the address
https://yourdomain.com
To enable Certbot to automatically renew the certificates, it is sufficient to add a cron job by running the following command:
echo "0 0,12 * * * root /opt/certbot/bin/python -c 'import random; import time; time.sleep(random.random() * 3600)' && sudo certbot renew -q" | sudo tee -a /etc/crontab > /dev/null
You have successfully setup Flowise apps on EC2 instance with SSL certificate on your domain🥳