Docker Cloud Deployment
This guide covers deploying DBConvert Streams to cloud hosting providers such as AWS, Google Cloud, Azure, or DigitalOcean using Docker.
🔥 Quick Start
Easiest Installation (Recommended)
curl -fsSL https://dbconvert.nyc3.digitaloceanspaces.com/downloads/streams/latest/docker-install.sh | sh
This automatically:
- ✅ Installs Docker Compose (if missing)
- ✅ Sets up networking & volumes
- ✅ Detects public/local IP
- ✅ Configures NGINX
- ✅ Generates SSL Certificates.
DigitalOcean Marketplace
For the easiest cloud deployment option, DBConvert Streams is available as a 1-Click App on the DigitalOcean Marketplace: DBConvert Streams on DigitalOcean Marketplace
📖 Table of Contents
- Prerequisites
- Required Ports
- Service Architecture
- Installation
- IP Address Configuration
- Cloud Provider-Specific Instructions
- Managing Services
- Security Considerations
- Scaling Considerations
- Troubleshooting
Prerequisites
- Docker Engine 20.10.0 or newer
- Docker Compose v2.0.0 or newer
- Either
curl
ORwget
for downloading files - At least 2GB of available RAM
- 2GB of free disk space
- 2 CPU cores minimum (3+ cores recommended)
- A cloud server instance with a public IP address
Required Ports
When deploying to a cloud hosting provider, you need to ensure the following ports are open in your hosting provider's security group or firewall:
Port | Service | Description |
---|---|---|
22 | SSH | For SSH access to the server |
80 | HTTP | For Streams UI and API access |
443 | HTTPS | For secure UI and API access (if using HTTPS) |
These ports must be opened on your hosting provider to allow incoming connections from the internet. All other services run internally and don't need exposed ports.
API Access
The Streams API is now accessible through the Nginx proxy at:
- HTTP:
http://SERVER/api/
- HTTPS:
https://SERVER/api/
(if HTTPS is enabled)
You no longer need to expose port 8020 directly.
🛠 Service Architecture
DBConvert Streams consists of 3 main parts:
1️⃣ Core Services
stream-api
: REST API (via Nginx)stream-reader
: Reads source databasesstream-writer
(multiple instances): Writes to target DBsstream-ui
: Web interface (via Nginx)
2️⃣ Infrastructure Services
nats
: Messaging system (internal only)consul
: Service discovery (internal only)vault
: Secrets management (internal only)nginx
: Reverse proxy + SSL (ports 80, 443)
3️⃣ Network & Security
- All services run in
stream-net
(Docker network). - Nginx handles HTTPS & API routing.
- Internal services are not exposed.
- Stream logs are delivered via Server-Sent Events (SSE) through the Nginx proxy.
📥 Installation
1️⃣ Basic Install
Using curl
:
curl -fsSL https://dbconvert.nyc3.digitaloceanspaces.com/downloads/streams/latest/docker-install.sh | sh
Using wget
:
wget -qO- https://dbconvert.nyc3.digitaloceanspaces.com/downloads/streams/latest/docker-install.sh | sh
2️⃣ Advanced Install Options
Feature | Command |
---|---|
Install Specific Version | sh -s -- --version v1.0.0 |
Use Custom IP | sh -s -- --ip YOUR_PUBLIC_IP |
Local Development | sh -s -- --local |
Note about HTTPS
The --secure
option is not available during installation but can be used when starting services:
# Start services with HTTPS enabled
./start.sh --secure
IP Address Configuration
DBConvert Streams needs to know your server's public IP address to properly generate SSL certificates and configure network settings when deployed to cloud hosting providers. The system handles this in the following way:
- During installation, the
install.sh
script detects your public IP address and saves it to.env.public_ip
- The
start.sh
script uses this saved IP address for configuration - You can override the IP at any time by using the
--ip
flag with any script - If you need to change the IP after installation, simply run any script with the
--ip
flag
If you're experiencing connection issues, you can manually specify the IP address:
./start.sh --ip YOUR_PUBLIC_IP
Cloud Provider-Specific Instructions
DigitalOcean (Recommended)
Option 1: 1-Click App (Easiest Method)
- Visit the DBConvert Streams on DigitalOcean Marketplace
- Click "Create DBConvert Streams Droplet"
- Select your preferred Droplet size (2GB RAM / 2 vCPUs minimum recommended)
- Select a datacenter region
- Add your SSH keys
- Click "Create Droplet"
- Wait for deployment to complete (~2 minutes)
- Access your instance at the Droplet's IP address
Option 2: Manual Installation on a Droplet
- Create a Droplet:
- Recommended: Standard Droplet with 2GB RAM / 2 vCPUs or larger
- OS: Ubuntu 20.04 or newer
- Configure firewall:
- Create a firewall and allow ports 22, 80, and 443 (if using HTTPS)
- Install DBConvert Streams:bash
curl -fsSL https://dbconvert.nyc3.digitaloceanspaces.com/downloads/streams/latest/docker-install.sh | sh
Other Cloud Providers
The installation process is similar for AWS, Google Cloud, and Azure:
Create a VM/instance:
- Recommended specs: 2GB+ RAM, 2+ vCPUs
- Supported OS: Ubuntu 20.04+, Debian 10+, CentOS 7+, Amazon Linux 2
- Storage: At least 20GB
Configure security/firewall rules:
- Allow inbound traffic on ports 22, 80, and 443 (if using HTTPS)
Install DBConvert Streams:
bashcurl -fsSL https://dbconvert.nyc3.digitaloceanspaces.com/downloads/streams/latest/docker-install.sh | sh
Provider-Specific Notes
AWS EC2:
- Recommended instance type: t3.medium or larger
Google Cloud:
- Recommended machine type: e2-standard-2 or larger
- Make sure to allow HTTP/HTTPS traffic when creating the VM
Azure:
- Recommended VM size: Standard_B2s or larger
- Set up appropriate network security group rules
📌 Managing Services
🏁 Start Services
Before starting the services, obtain your API key from https://streams.dbconvert.com/account.
# Start with standard HTTP
./start.sh
If you need to manually specify the IP address:
./start.sh --ip YOUR_PUBLIC_IP
To enable HTTPS (requires generated certificates):
./start.sh --secure
To explicitly use HTTP only:
./start.sh --no-secure
❌ Stop Services
To temporarily stop all services while preserving data:
./stop.sh
🔄 Update Services
To update the DBConvert Streams services to a newer version:
# Update to latest version
./update.sh
# Update to specific version
./update.sh --version v1.0.0
Security Considerations
Firewall Configuration
It's recommended to use a firewall to restrict access to only the necessary ports:
# For Ubuntu/Debian with UFW
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp # If using HTTPS
sudo ufw enable
SSL/TLS for Production
The installation automatically sets up Nginx as a reverse proxy with self-signed SSL certificates. While these work for testing, they cause browser warnings in production. For a production environment:
Option 1: Use Let's Encrypt (Recommended)
- Register a domain and point it to your server's IP address
- Install Certbot:bash
sudo apt update sudo apt install -y certbot python3-certbot-nginx
- Obtain certificates:bash
sudo certbot --nginx -d yourdomain.com
- Start with HTTPS enabled:bash
./start.sh --secure
Certbot automatically configures Nginx to use the new certificates, so no additional configuration is needed.
Option 2: Use Your Own Certificates
If you already have SSL certificates from another provider:
- Place your certificates in the
config/certs
directory:config/certs/certificate.crt
(your certificate file)config/certs/private.key
(your private key file)
- Start with HTTPS enabled:bash
./start.sh --secure
Scaling Considerations
Vertical Scaling
To improve performance, you can increase resources on your cloud instance:
- Increase CPU and RAM
- Use SSD storage for better I/O performance
🛠 Troubleshooting
Common Issues & Fixes
Issue | Fix |
---|---|
Docker not running? | sudo systemctl start docker |
Docker Compose not found? | docker compose version |
Wrong IP detected? | ./start.sh --ip YOUR_IP |
HTTPS not working? | ./generate_certs.sh → ./start.sh |
Firewall blocking ports? | sudo ./configure_firewall.sh |
Check Service Status
docker compose ps
View logs:
docker compose logs -f [service_name]
Reset Vault Credentials
docker compose logs vault-init | grep "Root Token:"
IP Address Issues
If you're experiencing connection issues related to the IP address:
Check what IP address is being used:
bashcat .env.public_ip
If the IP is incorrect, specify the correct IP manually:
bash./start.sh --ip YOUR_PUBLIC_IP
Cloud Provider-Specific Issues
AWS:
- Check that your security group is correctly configured for ports 22, 80, and 443
- Verify that your instance type has sufficient resources
Google Cloud:
- Ensure firewall rules are correctly applied for ports 22, 80, and 443
- Check that you've allowed HTTP traffic during VM creation
Azure:
- Verify network security group rules for ports 22, 80, and 443
- Check that endpoints are properly configured
DigitalOcean:
- Confirm firewall settings allow traffic on required ports (22, 80, and 443)
- Check that your Droplet has sufficient resources
🗑️ Uninstallation
To completely remove DBConvert Streams:
./uninstall.sh
This will:
- ✅ Stop & remove all containers
- ✅ Delete the Docker network
- ✅ Remove logs & configs
- ✅ Prompt before deleting data