Powerful Redmine in AWS
AWS Account, with your ssh key:
Generate your ssh with this cli (please, run this command with your user, DO NOT USE sudo):
ssh-keygen -t rsa -b 2048
In AWS Key Pairs, click Import Key Pairs, Choose File, select your id_rsa.pub, put a Key Pair Name on it.
Security Group:
EC2 Group
Inbound – All traffic – All – All – yourip
Inbound – HTTP – TCP – 80 – 0.0.0.0/0
Outbound – All traffic – All – All – 0.0.0.0/0
RDS Group
Inbound – MYSQL – TCP – 3306 – InstancePrivateIP
Outbound – All traffic – All – All – 0.0.0.0/0
ElastiCache Group
Inbound – Custom TCP Rule – TCP – 11211 – InstancePrivateIP
Outbound – All traffic – All – All – 0.0.0.0/0
EC2, t1.micro with 8GB is sufficient, ubuntu 14.04 will be used here.
While creating ec2:
Use this image Ubuntu Server 14.04 LTS (PV), 64-bit.
Select your EC2 Security Group.
S3 bucket for Redmine files, create one with AWS S3 Console
Memcached create one node with AWS ElastiCache Console
RDS (we are going to use MySQL) create one in AWS RDS Console
Redmine github https://github.com/redmine/redmine
Redmine S3 github https://github.com/ka8725/redmine_s3
Redmine Backlogs https://github.com/backlogs/redmine_backlogs
SES for redmine send emails, check more about it here.
Create an IAM user with permission for this s3 redmine bucket.
Generate Keys for this user, and keep it.
Policy example:
{
“Statement”: [
“Effect”: “Allow”,
“Action”: “s3:ListAllMyBuckets”,
“Resource”: “arn:aws:s3:::*”
},
{
“Effect”: “Allow”,
“Action”: “s3:*”,
“Resource”: [
"arn:aws:s3:::yourbucketname",
"arn:aws:s3:::yourbucketname/*"
]
}
]
}
Start RDS, with RDS Security Group, login using mysql-client (you dont have ssh shell for a RDS) and create a user for redmine that can only access redmine database.
Example:
mysql -h mysqlrdsaddress.com -U myuser -p
type your password.
create user ‘myredmine’@’%’ identified by ‘mypass’;
create database myredminedatabase;
grant all privileges on myredminedatabase.* to ‘myredmine’@’%’;
Ps. For additional security, you should change the wildcard from % to your instance Private IP.
Start EC2, with EC2 Security Group, your Key Pair and ssh to it with ubuntu@yourmachineip, if you can’t login, check your security group and your keypair.
Install needed packages.
$ sudo apt-get install apache2 libapache2-mod-passenger git postfix libmysqlclient-dev libmagickwand-dev imagemagick bundler
Postfix will make some questions, just press enter until the end.
Configure your .bashrc:
You can skip this, but this is so cool and easy… 🙂
vim ~/.bashrc +46
Remove the comment in the line 46 to force color prompt.
Change your line 60 to show git branch.
PS1='${debian_chroot:+($debian_chroot)}[33[01;32m]u@h[33[00m]:[33[01;34m]w[33[00m]$(__git_ps1 " (%s)") $ '
Logout and login again.
Go to where you want to place your redmine (In this post i will use /srv this will be used in Apache2 configuration) and clone the redmine repository:
$ cd /srv
$ sudo git clone https://github.com/redmine/redmine
Go inside redmine and create a branch tracking the newest version.
$ cd redmine
$ sudo git checkout -b myProd --track origin/2.5-stable
Configure redmine.
$ cd config
You can skip this if you dont want to use ElastiCache.
$ sudo cp additional_environment.rb.example additional_environment.rb
Add this line to the file. To get your address, just go to ElastiCache console and get the ‘Configuration endpoint’
$ sudo vim additional_environment.rb
put config.cache_store = :mem_cache_store, "yourmemcacheaddress:11211"
Add this to the second line of your Gemfile:
$ sudo vim ../Gemfile
gem "memcache-client", "1.8.5"
Configuring database.
$ sudo cp database.yml.example database.yml
$ sudo vim database.yml
Change the production setup to your settings.
Example:
production:
adapter: mysql2
database: redmine
host: mysql.mydomain.com
username: myredmine
password: "mypass"
encoding: utf8
Configuring email smtp
$ sudo cp configuration.yml.example configuration.yml
default:
# Outgoing emails configuration (see examples above)
email_delivery:
delivery_method: :smtp
smtp_settings:
address: your SES endpoint
port: 25
openssl_verify_mode: “none”
user_name: “Access Key ID”
password: “Secret Access Key”
Installing Redmine:
$ cd /srv/redmine
$ sudo touch /srv/redmine/log/production.log
$ sudo chmod 0666 /srv/redmine/log/production.log
$sudo bundle install --without development test
$ sudo rake generate_secret_token
$ sudo RAILS_ENV=production rake db:migrate
$ sudo RAILS_ENV=production rake redmine:load_default_data
Apache 2 Configuration:
$ sudo a2dissite 000-default
$ sudo vim /etc/apache2/sites-available/redmine.conf
paste it:
ServerAdmin [email protected]
DocumentRoot /srv/redmine/public
RailsBaseURI /redmine
PassengerResolveSymlinksInDocumentRoot on
Require all granted
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
ErrorLog ${APACHE_LOG_DIR}/redmine-error.log
CustomLog ${APACHE_LOG_DIR}/redmine-access.log combined
$ sudo a2ensite redmine
$ sudo service apache2 restart
Type your Instance IP in your browser and login with admin/admin.
Redmine plugins:
Redmine Backlogs
go inside plugins directory and clone Redmine Backlogs
$ cd plugins
$ sudo git clone https://github.com/backlogs/redmine_backlogs
$ cd redmine_backlogs
$sudo git checkout -b myProd --track origin/master
$ cd ../..
$sudo bundle install --without development test
$ sudo RAILS_ENV=production bundle exec rake db:migrate
$ sudo RAILS_ENV=production bundle exec rake redmine:backlogs:install
$ sudo service apache2 restart
Login and test.
Redmine S3
go inside plugins directory and clone Redmine S3
$ cd plugins
$ sudo git clone https://github.com/ka8725/redmine_s3
cd redmine_s3
$sudo git checkout -b myProd --track origin/master
$ sudo cp config/s3.yml.example ../../config/s3.yml
$ cd ../..
$ sudo vim config/s3.yml
Add your Access Key ID, Secret Access Key and bucket on production setup.
Save and to migrate your files, type:
$ sudo bundle install --without development test
$ sudo RAILS_ENV=production rake redmine_s3:files_to_s3
$ sudo service apache2 restart
Login and test.
Create image of this instance (this image is named AMI in AWS)
Make a Load Balance with this setup, in Health Check configure it to ping /news.atom
Make a Launch Configuration with this AMI (it will be show at My AMIs)
Make an Auto Scaling group using this launch configuration (select all available subnet)
Click Advanced Details and check Receive traffic from Elastic Load Balancer, select your load balance.
Make a policy for auto scaling:
>= 75% CPU usage for 60 seconds add 10% of group in increments or at least 1 instance
<= 15% CPU usage for 60 seconds remove 10% of group in increments or at least 1 instance
Access your instances with load balance address, and it is done 🙂
Comments are Disabled