AWS

Learn how to deploy Flowise on AWS

Prerequisite

This requires some basic understanding of how AWS works.

Two options are available to deploy Flowise on AWS:

Deploy on ECS using CloudFormation

CloudFormation template is available here: https://gist.github.com/MrHertal/549b31a18e350b69c7200ae8d26ed691

It deploys Flowise on an ECS cluster exposed through ELB.

It was inspired by this reference architecture: https://github.com/aws-samples/ecs-refarch-cloudformation

Feel free to edit this template to adapt things like Flowise image version, environment variables etc.

Example of command to deploy Flowise using the AWS CLI:

aws cloudformation create-stack --stack-name flowise --template-body file://flowise-cloudformation.yml --capabilities CAPABILITY_IAM

After deployment, the URL of your Flowise application is available in the CloudFormation stack outputs.

Deploy on ECS using Terraform

The Terraform files (variables.tf, main.tf) are available in this GitHub repository: terraform-flowise-setup.

This setup deploys Flowise on an ECS cluster exposed through an Application Load Balancer (ALB). It is based on AWS best practices for ECS deployments.

You can modify the Terraform template to adjust:

  • Flowise image version

  • Environment variables

  • Resource configurations (CPU, memory, etc.)

Example Commands for Deployment:

  1. Initialize Terraform:

terraform init
terraform apply
terraform destroy

Launch EC2 Instance

  1. In the EC2 dashboard, click Launch Instance

  1. Scroll down and Create new key pair if you don't have one

  1. Fill in your preferred key pair name. For Windows, we will use .ppk and PuTTY to connect to the instance. For Mac and Linux, we will use .pem and OpenSSH

  1. Click Create key pair and select a location path to save the .ppk file

  2. Open the left side bar, and open a new tab from Security Groups. Then Create security group

  1. Fill in your preferred security group name and description. Next, add the following to Inbound Rules and Create security group

  1. Back to the first tab (EC2 Launch an instance) and scroll down to Network settings. Select the security group you've just created

  1. Click Launch instance. Navigate back to EC2 Dashboard, after few mins we should be able to see a new instance up and running 🎉

How to Connect to your instance (Windows)

  1. For Windows, we are going to use PuTTY. You can download one from here.

  2. Open PuTTY and fill in the HostName with your instance's Public IPv4 DNS name

  1. From the left hand side bar of PuTTY Configuration, expand SSH and click on Auth. Click Browse and select the .ppk file you downloaded earlier.

  1. Click Open and Accept the pop up message

  1. Then login as ec2-user

  1. Now you are connected to the EC2 instance

How to Connect to your instance (Mac and Linux)

  1. Open the Terminal application on your Mac/Linux.

  2. (Optional) Set the permissions of the private key file to restrict access to it:

chmod 400 /path/to/mykey.pem

  1. Use the ssh command to connect to your EC2 instance, specifying the username (ec2-user), Public IPv4 DNS, and the path to the .pem file.

ssh -i /Users/username/Documents/mykey.pem ec2-user@ec2-123-45-678-910.compute-1.amazonaws.com

  1. Press Enter, and if everything is configured correctly, you should successfully establish an SSH connection to your EC2 instance

Install Docker

  1. Apply pending updates using the yum command:

sudo yum update

  1. Search for Docker package:

sudo yum search docker

  1. Get version information:

sudo yum info docker

  1. Install docker, run:

sudo yum install docker

  1. Add group membership for the default ec2-user so you can run all docker commands without using the sudo command:

sudo usermod -a -G docker ec2-user
id ec2-user
newgrp docker

  1. Install docker-compose:

sudo yum install docker-compose-plugin

  1. Enable docker service at AMI boot time:

sudo systemctl enable docker.service

  1. Start the Docker service:

sudo systemctl start docker.service

Install Git

sudo yum install git -y

Setup

  1. Clone the repo

git clone https://github.com/FlowiseAI/Flowise.git

  1. Cd into docker folder

cd Flowise && cd docker

  1. Create a .env file. You can use your favourite editor. I'll use nano

nano .env

  1. Specify the env variables:

PORT=3000
DATABASE_PATH=/root/.flowise
APIKEY_PATH=/root/.flowise
SECRETKEY_PATH=/root/.flowise
LOG_PATH=/root/.flowise/logs
BLOB_STORAGE_PATH=/root/.flowise/storage

  1. (Optional) You can also specify FLOWISE_USERNAME and FLOWISE_PASSWORD for app level authorization. See more https://github.com/FlowiseAI/FlowiseDocs/blob/main/configuration/deployment/broken-reference/README.md

  2. Then press Ctrl + X to Exit, and Y to save the file

  3. Run docker compose

docker compose up -d

  1. Your application is now ready at your Public IPv4 DNS on port 3000:

http://ec2-123-456-789.compute-1.amazonaws.com:3000

  1. You can bring the app down by:

docker compose stop

  1. You can pull from latest image by:

docker pull flowiseai/flowise

Alternatively:

docker-compose pull
docker-compose up --build -d

Using NGINX

If you want to get rid of the :3000 on the url and have a custom domain, you can use NGINX to reverse proxy port 80 to 3000 So user will be able to open the app using your domain. Example: http://yourdomain.com.

  1. sudo yum install nginx
  2. nginx -v
  3. sudo systemctl start nginx
  4. sudo nano /etc/nginx/conf.d/flowise.conf

  5. Copy paste the following and change to your domain:

server {
    listen 80;
    listen [::]:80;
    server_name yourdomain.com; #Example: demo.flowiseai.com
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

press Ctrl + X to Exit, and Y to save the file

  1. sudo systemctl restart nginx

  2. Go to your DNS provider, and add a new A record. Name will be your domain name, and value will be the Public IPv4 address from EC2 instance

  1. You should now be able to open the app: http://yourdomain.com.

Install Certbot to have HTTPS

If you like your app to have https://yourdomain.com. Here is how:

  1. For installing Certbot and enabling HTTPS on NGINX, we will rely on Python. So, first of all, let's set up a virtual environment:

sudo python3 -m venv /opt/certbot/
sudo /opt/certbot/bin/pip install --upgrade pip

  1. Afterwards, run this command to install Certbot:

sudo /opt/certbot/bin/pip install certbot certbot-nginx

  1. Now, execute the following command to ensure that the certbot command can be run:

sudo ln -s /opt/certbot/bin/certbot /usr/bin/certbot

  1. Finally, run the following command to obtain a certificate and let Certbot automatically modify the NGINX configuration, enabling HTTPS:

sudo certbot --nginx

  1. After following the certificate generation wizard, we will be able to access our EC2 instance via HTTPS using the address https://yourdomain.com

Set up automatic renewal

To enable Certbot to automatically renew the certificates, it is sufficient to add a cron job by running the following command:

echo "0 0,12 * * * root /opt/certbot/bin/python -c 'import random; import time; time.sleep(random.random() * 3600)' && sudo certbot renew -q" | sudo tee -a /etc/crontab > /dev/null

Congratulations!

You have successfully setup Flowise apps on EC2 instance with SSL certificate on your domain🥳

PreviousDeploymentNextAzure

Last updated