Deploy to Azure
OpenReplay stack can be installed on a single machine and Microsoft Azure is an ideal candidate. Here's how to do it.
Launch a VM
- Sign in to your portal
- Click 'Virtual Machine' if it is available on the main screen. Otherwise, click 'Create a Resource' > 'Compute' > 'Virtual Machine'
- On the 'Virtual Machine' page, click 'Add' in case you're not automatically redirected to the creation page
- Pick Ubuntu Server 20.04 LTS for the 'Image'
- Pick your VM specifications. The minimum resources are
2 vCPUs, 8 GB of RAM, 50 GB of storage
, otherwise OpenReplay backend services won't simply start. The minimum specs are enough for a low/moderate volume. If you're expecting high traffic, you should scale from here. - Enable HTTP (80), HTTPS (443) and SSH (22) ports and take note of the
username
- Click 'Review + create'
Deploy OpenReplay
- Make sure your VM is
Running
then connect to it:
## From your terminalSSH_KEY=~/Downloads/openreplay-key.pem ## only if you've previously created an SSH keychmod 400 $SSH_KEYINSTANCE_IP=REPLACE_WITH_INSTANCE_PUBLIC_IPssh <username>@$INSTANCE_IP ## or ssh -i $SSH_KEY <username>@$INSTANCE_IP if you have a key
- Install OpenReplay by providing the domain on which it will be running (e.g. DOMAIN_NAME=openreplay.mycompany.com):
git clone https://github.com/openreplay/openreplay.gitcd openreplay/scripts/helmchartsDOMAIN_NAME=openreplay.mycompany.com bash init.sh
Configure TLS/SSL
OpenReplay deals with sensitive user data and therefore requires HTTPS to run. This is mandatory, otherwise the tracker simply wouldn't start recording. Same thing for the dashboard, without HTTPS you won't be able to replay user sessions.
You must therefore generate (or bring) your own SSL certificate.
First, go to Azure DNS (or your other DNS service provider) and create an
A Record
. Use the domain you previously provided during the installation step and point it to the VM using its public IP.If you're bringing your own certificate, create an SSL secret using the following command:
kubectl create secret tls openreplay-ssl -n app --key="private_key_file.pem" --cert="certificate.crt"
.
Note: If you don't have a certificate, generate one, that auto-renews, for your subdomain (the one provided during installation) using Let's Encrypt. Simply connect to OpenReplay VM, run
cd openreplay/scripts/helmcharts && bash certmanager.sh
and follow the steps.
- If you wish to enable http to https redirection (recommended), then uncomment the below block, under the
ingress-nginx
section, inopenreplay/scripts/helmcharts/vars.yaml
:
ingress-nginx: &ingress-nginxcontroller:config:ssl-redirect: trueforce-ssl-redirect: true
It's worth mentioning that our ingress-nginx
runs by default on ports 80|443
, but this can be easily changed, if needed, in vars.yaml
:
ingress-nginx: &ingress-nginxcontroller:service:ports:http: 80https: 443
- Finally reinstall OpenReplay NGINX:
cd openreplay/scripts/helmcharts && ./openreplay-cli -I
You're all set now, OpenReplay should be accessible on your subdomain. You can create an account by visiting the /signup
page (i.e. openreplay.mycompany.com/signup).
Note: For additional security, you can also run OpenReplay instance behind an Azure Load Balancer. Check the Azure LB docs for more details.
Troubleshooting
If you encounter any issues, connect to our Slack and get help from our community.