Deploy Chatwoot on AWS with a reference HA architecture
name
tag, enter
chatwoot-vpc
and use the CIDR block 10.0.0.0/16
.Create VPC
.Create Subnet
. Select the chatwoot-vpc
we created before, name it as chatwoot-public-1
, select an availability zone (for example, ap-south-1a), and the CIDR block as
10.0.0.0/24
.Name | Type | Availability Zone | CIDR Block |
---|---|---|---|
chatwoot-public-1 | public | ap-south-1a | 10.0.0.0/24 |
chatwoot-public-2 | public | ap-south-1b | 10.0.1.0/24 |
chatwoot-private-1 | private | ap-south-1a | 10.0.2.0/24 |
chatwoot-private-2 | private | ap-south-1b | 10.0.3.0/24 |
auto assign public ipv4 address
for public subnets under Actions
> Subnet Settings
.Create Internet Gateway
, name it chatwoot-igw
, and click create.Attach to VPC
.chatwoot-vpc
and click attach.NAT gateways
.
Create NAT Gateway
.
chatwoot-nat-1
.chatwoot-public-1
subnet.Allocate Elastic IP
.Create NAT gateway
.chatwoot-nat-2
) and choose the chatwoot-public-2
subnet.Route Tables
.
Create route table
.chatwoot-public-rt
and choose chatwoot-vpc
under VPC.Create
.chatwoot-igw
).
chatwoot-public-rt
route table from the list and click on Edit routes
> Add Route
.0.0.0.0/0
and choose the target as chatwoot-igw
. Click on Save Changes
.chatwoot-public-rt
route table from the list and click on Subnet Associations
> Edit subnet associations
.chatwoot-public-1
,chatwoot-public-2
) and click save
.chatwoot-private-a
and chatwoot-private-b
.chatwoot-private-a
, add a route to 0.0.0.0/0
and target as chatwoot-nat-1
.chatwoot-private-b
, add a route to 0.0.0.0/0
and target as chatwoot-nat-2
.chatwoot-private-a
, associate chatwoot-private-1
subnet.chatwoot-private-b
, associate chatwoot-private-2
subnet.Create Load Balancer
.
Application Load Balancer
.chatwoot-loadbalancer
.internet-facing
and IP address type as IPv4
.chatwoot-vpc
.chatwoot-public-1
and chatwoot-public-2
under the mapping section.chatwoot-loadbalancer-sg
.0.0.0.0/0
, ::/0
).http
to https
.
chatwoot-tg
, that will forward the requests to port 3000
(Chatwoot listens on this port)./api
. This endpoint is not authenticated and should return the application version.chatwoot-rds-sg
.chatwoot-vpc
and add an inbound rule for postgres port with source chatwoot-loadbalancer-sg
.chatwoot-rds-group
and choose chatwoot-vpc
.chatwoot-vpc
and select the rds security group we created earlier.Ubuntu 20.04 image
with a t3.micro
type.chatwoot-vpc
and subnet chatwoot-public-1
.chatwoot-bastion-a
.chatwoot-bastion-sg
and enable ssh access from anywhere.chatwoot-bastion-b
in the other AZ.
Ubuntu 20.04 image
with a c5.xlarge
instance type.chatwoot-private-1
.Name
tag to chatwoot
.root
user.chatwoot
service.
chatwoot-base-ami
.