How can we help?
Table of Contents
< All Topics
Print

Standard Installation Guide

PostedJune 28, 2023
UpdatedNovember 28, 2023

This installation guide will walk you through the step-by-step process of installing Paladin Cloud on AWS Cloud. If you would like a Quick Installation, you can find it here

Note:

  • Before installing, please review the release notes on the Release page for any important updates or changes.

For Existing Users:

  • If you are upgrading from version 2.0.0 or below to the latest version of Paladin Cloud, please take the following steps:

    1. Uninstall Existing Version: Before proceeding with the upgrade, uninstall the current version of Paladin Cloud.

    2. Terminate EC2 Instance: Once the existing version is uninstalled, terminate the EC2 Instance that was used for your previous installation.

    3. IAM Permissions: If you are using the existing IAM role for the new version, please update the AWS IAM permissions 

    For detailed, step-by-step instructions on uninstalling the existing version and terminating the EC2 Instance, please refer to this link.

Prerequisites:

  • AWS account with relevant permissions
  • CloudFormation template to create an IAM role. You can find the document link for this template here.
  • Please note that if the AMI, PaladinCloud-Installer, is unavailable in your region, copy the AMI from any other region (listed in the table below) before launching the machine.

Region-Specific AMI IDs

Region AMI ID

Us-east-1(N. Virginia)

ami-00b6f41a7702f09d2

Us-east-2(Ohio)

ami-05008790feb917df7

Us-west-1(N. California)

ami-0344a20ebee057f6e

Us-west-2(Oregon)

ami-0e08a9b6e34fb9b3d

Note: Our AMI is on AWS Linux, and we continuously test our application using Amazon AWS Linux-based installer boards. If you want any other OS flavor, please raise a ticket here.

Create a VPC and Subnet

  1. Go to the AWS Management Console.
  2. Login using your credentials.
  3. In the navigation bar at the top of the screen, search for VPC in the search box and select VPC from the displayed results. This opens the Your VPCs page.
  4. Click the Create VPC button on the top right corner of the page. This opens the Create VPC page.
  5. Under VPC Settings, select the VPC and more option.
  6. Enter a value for the Name tag auto-generation. Choose a name of your choice.
  7. Scroll down to Number of Availability Zones (AZs) and select 2.
  8. Set Number of public subnets to 2.
  9. Set Nat gateways to in 1 Az or 1 per AZ, based on your requirements.
  10. Click Create.

This will create the VPC and Subnets and open the Your VPCs page. Click the VPC you just created to open the VPC details page.

  1. Under Subnets in the Resource map, click the public Subnet to open the subnet details page.
  2. Click Action on the top right of the page and select Edit Subnet Settings.
  3. Under Auto-assign IP settings, select the Enable auto-assign public IPv4 address checkbox.
  4. Click Save. You will get a confirmation message that the Subnet Settings have been changed.
  5. Follow the same steps to change the settings for the second Public Subnet too.

Create an EC2 Instance from AMI

  1. Go to the AWS Management Console.
  2. Login using your credentials.
  3. In the navigation bar at the top of the screen, search for EC2 in the search box and select EC2 from the displayed results. This opens the EC2 dashboard.
  4. From the left pane, go to Images -> AMIs.
  5. Select Public Images from the drop-down list before the search bar.
  6. In the search bar on top, enter the AMI ID you selected from the Region-Specific AMI IDs table.
  7. Select the AMI ID from the displayed results and click Launch Instance from AMI. This opens the Launch an Instance page.
  8. Name the Instance under the Name and Tag text box.
  9. Scroll down to the Application and OS Images (Amazon Machine Image) section and select the AMI from under AMI from Catalog.
  10. Under Instance Type, select t2.xlarge or any instance greater than t2.xlarge, depending on your requirements.
  11. Scroll to Key pair (Log in) section and click Create new key pair.
  12. Enter a descriptive name for the key pair.
  13. Choose RSA for Key pair type and .pem for Private Key file format.
  14. Click Create key pair.
  15. A .pem file is generated with the name you gave for the new Key pair. This file is generally available under the Downloads folder on your system.
  16. Go to the Network Settings section and click Edit.
  17. Choose the VPC that you created. If you are using the Default VPC, you can skip this step.
  18. Choose a Public Subnet.
  19. Ensure that Auto-assign public IP is set to Enable.
  20. Enter a name of your choice in the security group name field. The description field can be the same as the Security Group name field.
  21. Scroll down to Configure Storage and ensure the configured storage is set to 40GB.
  22. Click Launch Instance on the right.

Once the Instance is launched successfully, you will get a confirmation message and the Instance ID.

Create an IAM Role and Attach it to EC2 

  1. Download the cloud formation template file, available here.
  2. For the base account (the account where the Paladin Cloud application will be deployed), access the AWS console for that account and navigate to CloudFormation.
  3. Click on Stacks and select Create Stack > With New Resources.
  4. Under Prerequisites, select Template is ready option.
  5. Under Specify Template, choose Upload a template file and upload the downloaded template file.
  6. Provide a name for the stack (e.g., PaladinCloudIntegration) and click Next.
  7. This opens the Configure Stack Options page. Click Next.
  8. Accept the capability check box and click Submit. This will initiate the creation of the necessary resources and permissions.
  9. Navigate to the EC2 console.
  10. Select the EC2 instance you created in the section above.
  11. Click Action->Security-> Modify IAM Role
  12. Select PaladinCloudInstallerRole from the list
  13. Click Update IAM Role.

Connect to the EC2 Instance

  1. After successfully launching the instance, go to the Instances tab on the left and select Instances. This will open the Instances page.
  2. From the list of Instances displayed, select the instance you created.
  3. Wait for the Instance State to change to Running, then click Connect at the top of the page. This opens the Connect to Instance page.

The next step is to change the user from root to ec2-user. There are two options to do this change.

Option1:

  1. Click the EC2 Instance Connect tab
  2. In the Connection Type option, select Connect Using EC2 Instance Connect.
  3. Under User name, change the user name to ec2-user
  4. Click Connect.

You are now logged into your AWS EC2 Instance.

Option 2:

  1. Click the SSH client tab and follow the instructions provided in the tab.
  1. For a more detailed step-by-step guide on this option, you can refer to the following document:

            Connect to your Linux instance using SSH

 

Install Paladin Cloud

  1. Navigate to the Releases and copy the latest release (tag) number.
  2. Open the terminal on the EC2 instance.
  3. Clone the Paladin Cloud repository using the following command:

        git clone https://github.com/PaladinCloud/CE

  1. Change the directory to the cloned CE repository using the command:
    cd CE
  2. Check out the latest release of Paladin Cloud using the command:
    git checkout tags/3.0.0
  3. Change the directory to the installer directory using the command:

           cd installer

  1. Copy the default.local.py to local.py with the following command:

           cp settings/default.local.py settings/local.py

  1. Open local.py using the preferred text editor (e.g., vi):

           vi settings/local.py

  1. Update the following configuration values:
  •    VPC details (created in Step 1):

                 vpc = {

                      "ID": "VPC-1",

                      "CIDR_BLOCKS": ["10.0.0.0/16"],

                      "SUBNETS": ["subnet-1", "subnet-2"]

                  }

  • Cognito Configuration:

             COGNITO_ADMIN_EMAIL_ID = "[email protected]"

             COGNITO_DOMAIN = "xyzPaladinCloud"  # Replace with your preferred domain

  • Update AWS region:

              AWS_REGION = "update_aws_region"

  • Add your base ACCOUNT_ID and ACCOUNT_NAME:

             ACCOUNT_ID = "update_account_id"

             ACCOUNT_NAME = "update_account_name"

  • Add Mandatory tags as per your organization policy (This is optional):

              MANDATORY_TAGS = "Application,Environment"

  1. Save the local.py file after updating the values.

Security Note: By default, the Paladin Cloud application is not accessible from outside the VPC. If you wish to make it publicly accessible (SECURITY RISK), please follow your organization’s policy to expose a website to the Internet.

  1. Proceed with the Paladin Cloud installation using the following command:

             sudo python3 manager.py install

  1. You will be prompted to choose an authentication mechanism. Choose option 3 Using the IAM role attached to this instance.

Note: Once you run the install command, please make sure that the terminal connection is alive and do not close the terminal.

The installation process may take approximately 30-35 minutes.

Once the installation process is finished, a window named output is displayed on the screen. This window contains vital information about the URL, hostname, and other essential credentials.

  1. Upon successful installation, an email containing your login credentials will be generated and sent to the email address you provided in the local.py file during the installation process.

Final Steps

  1. Click here for the steps to connect to the portal.
  2. Go to the link you received in the email after installation and sign in using the login credentials provided in the email.
  3. You will be prompted to create a new password. Once you create the password, you can access the web application.

In case of any failures, please check the troubleshooting steps here.

      Installation logs are available in the log directory:

        `tail -f log/debug.log`: To see the debug log

        `tail -f log/error.log`: To see the error log

        `tail -f log/terraform_install.log`: To see the Terraform Installation log

        `tail -f log/terraform_destroy.log`: To see the Terraform Destroy log

Important Notes:

  1. After completing the installation process, it is recommended to put your EC2 instance into ‘Stop‘ mode. This practice conserves resources and helps optimize costs, ensuring a more efficient utilization of your infrastructure.
  2. Paladin Cloud’s default installation is HTTP-only. If you require an HTTPS connection, please follow this link for detailed instructions.

You have successfully installed Paladin Cloud on AWS Cloud. Please contact our support team for further assistance in case of any issues with the installation.

  1.  

  1.