Deploy with AWS EC2
This document provides instructions to start an AWS EC2 virtual machine and run an Insight Point as a Docker image. For generic instructions for Docker (suitable for Azure VMs), see Deploy with Docker on Ubuntu or Deploy with Docker on RHEL.
Installation
Follow the instructions to launch a new AWS EC2 instance, install prerequisites, and download and run the Insight Point. You can opt to use an existing EC2 instance, provided that the docker version is 19.09
or later.
Open the AWS EC2 Console
Ensure that the region where you want to initialize the instance is selected
Click Launch Instance
Add a name for the instance ("Veza Insight Point")
Choose
Amazon Linux 2023
OS imageDedicate at least
2 CPU
,4GB RAM
for the instanceChoose an existing key pair or create a new one
Install Docker. On Amazon Linux 2023:
Connect to the instance using SSH.
Update package list
sudo yum update -y
Install Docker
sudo yum -y install docker
Add the ec2-user to the docker group
sudo usermod -a -G docker ec2-user
Start Docker
sudo service docker start
Change the permissions of the docker.sock
sudo chmod 666 /var/run/docker.sock
Enable Docker service
sudo systemctl enable docker
Install Docker Compose:
Download Docker Compose plugin from the repo:
sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
Apply permissions to the binary:
sudo chmod +x /usr/local/bin/docker-compose
Configure and run the Insight Point:
Generate an Insight Point Registration key under Veza Configuration > Insight Point. Back up a copy of the Insight Point key in a secure location - it cannot be recovered if lost.
Set the Insight Point Registration key as an environment variable
export VEZA_IP_REGISTER_KEY=[key from the Veza tenant]
Download and save the docker-compose.yml file:
Edit the compose file to change environment variables, or enable proxy servers or custom certificates.
Start Docker Container
docker-compose up --detach
To discover standalone RDS or Trino databases, ensure that Security Group Inbound Rules allow communication to and from the Insight Point's outbound IP address.
Verifying Connectivity
You can run the following commands to verify to inspect logs for any errors. First, get the container ID of the Veza Insight Point:
Next, follow the Insight Point docker container logs. You can press CTL+C to exit or omit the -f parameter. Replace <CONTAINER_ID>
with the Insight Point Docker Container ID from the earlier command:
Last updated