How to deploy on AWS EC2

vm

Amazon Web Services is a popular subsidiary of Amazon that provides on-demand cloud computing platforms on a metered pay-as-you-go basis.

AWS web console: console.aws.amazon.com

Prerequisites

  • A physical or virtual machine running Ubuntu 24.04+

  • Juju 3.6+ installed via snap


Install the AWS CLI

Install the Amazon Web Services CLI by following the official AWS documentation .

To check it is correctly installed, run

user@host:~$
aws --version
aws-cli/2.13.25 Python/3.11.5 Linux/6.2.0-33-generic exe/x86_64.ubuntu.23 prompt/off

Authenticate

Create an IAM account or use legacy access keys to operate AWS EC2:

user@host:~$
mkdir -p ~/.aws && cat <<- EOF >  ~/.aws/credentials.yaml
credentials:
  aws:
    NAME_OF_YOUR_CREDENTIAL:
      auth-type: access-key
      access-key: SECRET_ACCESS_KEY_ID
      secret-key: SECRET_ACCESS_KEY_VALUE
EOF

Add AWS credentials to Juju:

user@host:~$
juju add-credential aws -f ~/.aws/credentials.yaml

Bootstrap Juju controller on AWS EC2

Bootstrap a Juju controller:

user@host:~$
juju bootstrap aws <controller-name>
Creating Juju controller "<controller-name>" on aws/<region-name>
Looking for packaged Juju agent version 3.5.4 for amd64
Located Juju agent version 3.5.4-ubuntu-amd64 at https://juju-dist-aws.s3.amazonaws.com/agents/agent/3.5.4/juju-3.5.4-linux-amd64.tgz
Launching controller instance(s) on aws/<region-name>...
 - i-0f4615983d113166d (arch=amd64 mem=8G cores=2)
Installing Juju agent on bootstrap instance
Waiting for address
Attempting to connect to 54.226.221.6:22
Attempting to connect to 172.31.20.34:22
Connected to 54.226.221.6
Running machine configuration script...
Bootstrap agent now started
Contacting Juju controller at 54.226.221.6 to verify accessibility...

Bootstrap complete, controller "<controller-name>" is now available
Controller machines are in the "controller" model

Now you can run
	juju add-model <model-name>
to create a new model to deploy workloads.

See also: Juju | Amazon EC2 bootstrap options

You can check the instance availability in the web interface

image|690x118

(Make sure to choose the right region!)

Access a test database (optional)

This section walks you through creating and accessing a test database in your newly configured cloud.

Create a Juju model:

user@host:~$
juju add-model <model-name>

The following command deploys PostgreSQL and the data-integrator charm to request a test database:

user@host:~$
juju deploy postgresql --channel 16/stable
user@host:~$
juju deploy data-integrator --config database-name=test-db
user@host:~$
juju integrate postgresql data-integrator

Once juju status shows the apps as active and idle, request the credentials for your newly bootstrapped PostgreSQL database:

user@host:~$
juju run data-integrator/leader get-credentials

Take note of the values for <username>, <password>, and <endpoint>.

At this point, you can access your cloud database using the internal IP address.

All further Juju applications will use the database through the internal network:

user@host:~$
psql postgresql://<username>:<password>@<endpoint>/test-db
psql (15.6 (Ubuntu 15.6-0ubuntu0.23.10.1), server 16.9 (Ubuntu 14.12-0ubuntu0.24.04.1))
Type "help" for help.

test-db=>

Expose database (optional)

To access the database from outside of the cloud, open the the cloud’s firewall using juju expose :

user@host:~$
juju expose postgresql

Once exposed, you can connect your database using the same credentials as above except the IP. This time, use the public IP assigned by the cloud provider to the PostgreSQL instance.

You can find it it with juju status:

user@host:~$
juju status postgresql
...
Unit           Workload  Agent  Machine  Public address  Ports     Message
postgresql/0*  active    idle   0        <public-ip>     5432/tcp  Primary
...
user@host:~$
psql postgresql://<username>:<password>@<public-ip>  :5432/test-db
psql (15.6 (Ubuntu 15.6-0ubuntu0.23.10.1), server 16.9 (Ubuntu 14.12-0ubuntu0.24.04.1))
Type "help" for help.

test-db=>

To close public access, run:

user@host:~$
juju unexpose postgresql

Clean up

Always clean cloud resources that are no longer necessary; they could be costly!

See all controllers in your machine with

user@host:~$
juju controllers
Controller         Model         User   Access     Cloud/Region                Models  Nodes    HA  Version
<controller-name>  <model-name>  admin  superuser  <cloud-name>/<region-name>  1       1      none  3.6.1

The following command will destroy the Juju controller and remove the cloud instance - meaning all your data will be permanently removed:

user@host:~$
juju destroy-controller <controller-name> --destroy-all-models --destroy-storage --force

Next, check and manually delete all unnecessary AWS EC2 instances and resources.

To show the list of all your EC2 instances run the following command:

user@host:~$
aws ec2 describe-instances --region us-east-1 --query "Reservations[].Instances[*].{InstanceType: InstanceType, InstanceId: InstanceId, State: State.Name}" --output table
-------------------------------------------------------
|                  DescribeInstances                  |
+---------------------+----------------+--------------+
|     InstanceId      | InstanceType   |    State     |
+---------------------+----------------+--------------+
|  i-0f374435695ffc54c|  m7i.large     |  terminated  |
|  i-0e1e8279f6b2a08e0|  m7i.large     |  terminated  |
|  i-061e0d10d36c8cffe|  m7i.large     |  terminated  |
|  i-0f4615983d113166d|  m7i.large     |  terminated  |
+---------------------+----------------+--------------+

List your Juju credentials:

user@host:~$
juju credentials
...
Client Credentials:
Cloud        Credentials
aws          <credential-name>
...

Remove AWS EC2 CLI credentials from Juju:

user@host:~$
juju remove-credential aws <credential-name>

Finally, remove AWS CLI user credentials (to avoid forgetting and leaking):

user@host:~$
rm -f ~/.aws/credentials.yaml