Ce contenu n’est pas encore disponible dans votre langue.
AWS ECS Deployment
Amazon Elastic Container Service (ECS) provides a robust production deployment solution with global availability across AWS regions.
For compliance information, see: AWS Compliance Resources
Benefits
- Ideal for existing AWS customers
- Highly configurable deployment options
- Integrated AWS security and monitoring
Requirements
- Active AWS account
- AWS CLI installed (installation guide)
Replicas
Multi-replica (multi-instance) deployments are supported only with an Enterprise license. For all other license plans, ensure that only a single replica is used.
CloudFormation Deployment
AWS CloudFormation provides the simplest deployment method using our pre-configured template.
Stack Components
The template creates:
- ECS Service (Fargate launch type)
- Persistent EFS storage volume
- Internet-facing Application Load Balancer (ALB)
- Optional custom domain configuration
Deployment Command
aws cloudformation deploy \ --template-url https://raw.githubusercontent.com/altcha-org/sentinel/main/aws/aws-esc-alb.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAMConfiguration Parameters
| Parameter | Description | Default Value |
|---|---|---|
ImageURI | Container image location | ghcr.io/altcha-org/sentinel:<version> |
ServiceName | ECS service name | altcha-sentinel |
DomainName | Custom domain (optional) | - |
CertificateArn | ACM certificate ARN for HTTPS (required if using DomainName) | - |
TaskCPU | CPU units (1024 = 1 vCPU) | 2048 (2 vCPU) |
TaskMemory | Memory in MiB (must match AWS CPU/Memory combinations) | 4096 (4GB) |
Example with custom parameters:
aws cloudformation deploy \ --template-url https://raw.githubusercontent.com/altcha-org/sentinel/main/aws/aws-esc-alb.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAM \ --parameter-overrides \ DomainName=sentinel.example.com \ CertificateArn=arn:aws:acm:us-east-1:123456789012:certificate/xxxx-xxxx-xxxx \ TaskCPU=4096 \ TaskMemory=8192Accessing ALTCHA Sentinel
Default endpoint:
https://[your-alb-dns].elb.amazonaws.com/
Default credentials:
- Username:
root - Password:
root
Key endpoints:
- Web Interface:
https://[your-alb-dns].elb.amazonaws.com/ - API:
https://[your-alb-dns].elb.amazonaws.com/v1 - API Documentation:
https://[your-alb-dns].elb.amazonaws.com/v1/docs
If configured with a custom domain, replace the ALB DNS name with your domain.
Upgrading Sentinel
To upgrade Sentinel in your AWS ECS deployment, simply deploy a new version of the container image. This is handled entirely through CloudFormation by updating the ImageURI parameter.
Step-by-Step Upgrade
- Tag and Push the New Image
Ensure the latest version of Sentinel is tagged and pushed to your container registry (e.g. GitHub Container Registry):
docker buildx build --push \ --platform linux/amd64,linux/arm64 \ -t ghcr.io/altcha-org/sentinel:1.2.3 .- Update the CloudFormation Stack
Use the same deployment command, but update the ImageURI parameter to point to the new version tag:
aws cloudformation deploy \ --template-url https://raw.githubusercontent.com/altcha-org/sentinel/main/aws/aws-esc-alb.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAM \ --parameter-overrides \ ImageURI=ghcr.io/altcha-org/sentinel:1.2.3CloudFormation will detect the change and perform a rolling update of the ECS service with zero downtime.
Optional: Roll Back to Previous Version
If needed, you can roll back by re-running the deployment command with a previous image tag:
aws cloudformation deploy \ --template-url https://raw.githubusercontent.com/altcha-org/sentinel/main/aws/aws-esc-alb.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAM \ --parameter-overrides \ ImageURI=ghcr.io/altcha-org/sentinel:1.2.2Notes
- The ALB DNS and service configuration remain unchanged during upgrades.
- If you’re using
latesttags, AWS may not detect changes unless the image digest changes. Using explicit version tags is recommended.
Next Steps
- Follow the Integration Checklist to ensure a secure deployment.