Deployment
10.5.2603
Search this version
Deployment
Deployment
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Deployment High Availability on AWS
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
Purpose
Give operators a concise, end-to-end view of the MOCM on‑prem deployment on AWS, with links to the detailed guides, expected inputs/outputs per step, and a post-deploy validation checklist.
Prerequisites (high-level)
- AWS account with permissions for VPC, EKS, EC2, S3, Amazon MQ, ElastiCache, ACM, and Route 53
- Local tooling installed: OpenTofu/Terraform, AWS CLI, kubectl, Helm, Helmfile, jq
- Access to the MOCM on‑prem deployment package (Terraform modules, Ansible roles, Helm charts, images)
Ensure network egress and IAM permissions allow provisioning of required resources and SSM connectivity for configuration steps.
Deployment workflow (2 steps)
Step 1 – Deploy Infrastructure (AWS)
Goal: Provision the foundational cloud resources to run MOCM.
- Core networking: VPC, subnets, NAT, VPC endpoints
- EKS cluster, node groups, and ALB ingress controller
- Data services: MongoDB (via Ansible over SSM), Amazon MQ (RabbitMQ), Redis (ElastiCache), S3 buckets
- DNS and certificates: Route 53 hosted zone and ACM certificate
Guide: Deploy Infrastructure (AWS)
Expected outputs from Step 1 (hand‑off to Step 2)
- EKS cluster reachable with kubectl (cluster name and region known)
- Application DNS hostnames reserved and ACM certificate issued/validated
- MongoDB replica set endpoints and credentials are ready
- RabbitMQ (Amazon MQ) and Redis endpoints are available
- S3 buckets and prefixes for object storage are configured
Step 2 – Deploy Application (Helm Charts)
Goal: Install and configure MOCM services onto the provisioned EKS cluster.
- Push container images to your registry (e.g., ECR)
- Populate values in Helm charts (hosts, credentials, storage, scaling)
- Deploy with Helm/Helmfile and verify pods, services, and ingress
Guide: Deploy Application with Helm Charts
Where to find required values
- OpenTofu/Terraform outputs: cluster name, VPC/network, data service endpoints, S3 bucket names
- AWS Secrets Manager: credentials (MongoDB, RabbitMQ, Redis), application secrets, TLS private keys if managed there
Keep a single hand-off record that maps Terraform outputs to Helm values (e.g., endpoints, ports, database names). This reduces misconfiguration and accelerates Step 2.
Post-deploy validation checklist
- DNS and Certificates: Domain resolves to the ingress load balancer; ACM certificate shows issued and is attached to the ingress
- Ingress/Networking: Ingress resources exist; ALB/NGINX shows healthy targets; security groups allow traffic from clients
- Cluster Health: kubectl shows all pods in Running/Ready; no CrashLoopBackOff; node capacity sufficient for default replicas
- UI Access: Browse to the configured hostname over HTTPS and log in successfully
- Smoke Checks: Core API endpoints respond 2xx; background jobs/processors start; storage interactions (S3) succeed
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Was this page helpful?
Next to read:
Deploy Infrastructure (AWS)null
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message