Practical Liferay Series: Liferay on AWS

This is the second in a series of discussions on Liferay deployment environments and other practical issues. In this discussion, we look at using Amazon Web Services for building Liferay environments.

Cloud services and solutions have been on the rise in recent years, with hosted commodity servers and administrative tools easing system administration for development, testing and production environments. One popular cloud environment and services platform is Amazon’s AWS (Amazon Web Services) with its EC2 (Elastic Compute Cloud) servers and RDS (Relational Database Service) database servers.

AWS works well for setting up simple or complicated environments that are useful for development, integration, QA and production environments.

Through the AWS Management Console, AWS command line tools, Eclipse plugin or other means, it is easy to instantiate AWS resources such as a VPC (Virtual Private Cloud), EC2 instances, RDS databases, web servers, load balancers, etc. Furthermore, the creation of a group of these resources is easy to script using the Cloud Formation tools.


These are parts of a sample Cloud Formation template script for setting up a two-tier EC2 environment (one with Apache, one with a Liferay install) with an RDS MySQL database. These samples illustrate the JSON structure used for specifying EC2 entities.

Below is a JSON specification for creating a Linux EC2 instance with attached volume (ideal for locating the Liferay document library).

Resource definition for an EC2 instance:

"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"AvailabilityZone" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "TestAz" ]},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"KeyName" : { "Ref" : "KeyName" },
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
"Volumes" : [
{ "VolumeId" : { "Ref" : "NewVolume" },
"Device" : "/dev/sdk"

"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access via port 22",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : ""
} ]

"NewVolume" : {
"Type" : "AWS::EC2::Volume",
"Properties" : {
"Size" : "100",
"AvailabilityZone" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "TestAz" ]}

These JSON examples are for gathering parameters for creating a MySQL database in RDS :

"DBName": {
"Default": "MyDatabase",
"Description" : "The database name",
"Type": "String",
"MinLength": "1",
"MaxLength": "64",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."

"DBUsername": {
"Default": "admin",
"NoEcho": "true",
"Description" : "The database admin account username",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*",
"ConstraintDescription" : "must begin with a letter and contain only alphanumeric characters."

"DBPassword": {
"Default": "adminpw",
"NoEcho": "true",
"Description" : "The database admin account password",
"Type": "String",
"MinLength": "1",
"MaxLength": "41",
"AllowedPattern" : "[a-zA-Z0-9]*",
"ConstraintDescription" : "must contain only alphanumeric characters."

"DBClass" : {
"Default" : "db.m1.small",
"Description" : "Database instance class",
"Type" : "String",
"AllowedValues" : [ "db.m1.small", "db.m1.large", "db.m1.xlarge", "db.m2.xlarge", "db.m2.2xlarge", "db.m2.4xlarge" ],
"ConstraintDescription" : "must select a valid database instance type."

"DBAllocatedStorage" : {
"Default": "5",
"Description" : "The size of the database (Gb)",
"Type": "Number",
"MinValue": "5",
"MaxValue": "1024",
"ConstraintDescription" : "must be between 5 and 1024Gb."

The JSON resource specification to create the database:

"Resources" : {

"MyDBSubnetGroup" : {
"Type" : "AWS::RDS::DBSubnetGroup",
"Properties" : {
"DBSubnetGroupDescription" : "Subnets available for the RDS DB Instance",
"SubnetIds" : { "Ref" : "Subnets" }

"MyDBSecurityGroup" : {
"Type" : "AWS::RDS::DBSecurityGroup",
"Properties" : {
"GroupDescription" : "Security group for RDS DB Instance",
"EC2VpcId" : { "Ref" : "VpcId" }

"MyDB" : {
"Type" : "AWS::RDS::DBInstance",
"Properties" : {
"DBName" : { "Ref" : "DBName" },
"AllocatedStorage" : { "Ref" : "DBAllocatedStorage" },
"DBInstanceClass" : { "Ref" : "DBClass" },
"Engine" : "MySQL",
"EngineVersion" : "5.5",
"MasterUsername" : { "Ref" : "DBUsername" } ,
"MasterUserPassword" : { "Ref" : "DBPassword" },
"DBSubnetGroupName" : { "Ref" : "MyDBSubnetGroup" },
"DBSecurityGroups" : [ { "Ref" : "MyDBSecurityGroup" } ]

"Outputs" : {
"JDBCConnectionString": {
"Description" : "JDBC connection string for database",
"Value" : { "Fn::Join": [ "", [ "jdbc:mysql://",
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Address" ] },
{ "Fn::GetAtt": [ "MyDB", "Endpoint.Port" ] },
{ "Ref": "DBName" }]]}

Resource specifications such as these can be utilized to script the creation and configuration of any AWS resource and create simple to complex architectures. More examples are available on the Amazon AWS website, linked in the references below.


During the creation of an EC2 instance, you set the ssh keys for the instance so that you can ssh into Liferay or any other software on the EC2 instance, either directly if the EC2 instance has an Elastic IP address or via a Bastion (internet access) server. Access control and connectivity can be controlled via the security groups and network access control lists that are part of an AWS environment configuration.

Installing Liferay, whether as a bundle with Tomcat or Glassfish, or unbundled on an EC2 instance is no different from installing on a local Linux machine or VM.

Using S3

Amazon’s S3 (Simple Storage Service) can be used with EC2 to store artifacts such as database dumps or tar files of a Liferay document library created by backup scripts. Additionally, a Liferay distribution tar file could be placed in an S3 bucket and pulled down and installed onto an EC2 instance via a script run as part of the Cloud Formation process.


Amazon’s AWS services and tools provide a useful means for quickly setting up development, testing and production environments for deploying web applications such as Liferay without the investment of in-house servers and system administrators, facilitating rapid development and deployment.


Amazon AWS

Getting Started With EC2

EC2 Documentation

Cloud Formation User Guide

VPC Documentation

RDS Documentation

Share with your peeps...Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn
Tagged with: , — Posted in Software Development

2 comments on “Practical Liferay Series: Liferay on AWS

  1. Hi Robert, thank you very much for sharing your knowledge in Liferay and AWS here. I have a question regarding S3 and CloudFront. How do you configure Liferay to store static content in S3 bucket, and then use CloudFront as CDN to deliver that static content to end users (static I mean, images, CCS, JS, etc). BIG THANKS! in advance.

    • Hello, glad the blog was helpful. I believe to do what you are looking for is first to configure Liferay to use S3 as it’s document library. I found
      this article that describes how to configure Liferay to use S3 for the document library. Once you do that, you would need to configure Cloudfront to use S3 as described here . Hope this helps.

Comments are closed.