AWS Deployment - Ant Media Server

Overview

Ant Media Server can be deployed on Amazon Web Services (AWS) using multiple methods: EC2 instances with manual installation, AWS Marketplace one-click deployment, or automated CloudFormation templates for auto-scaling clusters.

Deployment Methods

AWS Marketplace (Recommended)

The fastest way to deploy Ant Media Server on AWS is through the AWS Marketplace:

Community Edition: AWS Marketplace Link
Enterprise Edition: AWS Marketplace Link

Manual EC2 Installation

Deploy on a standard EC2 instance using the Linux installation script.

CloudFormation Auto-Scaling

Use CloudFormation templates to deploy a complete auto-scaling cluster in minutes.

EC2 Instance Requirements

Instance Types

Minimum Requirements (Testing/Development):

Instance Type: t3.medium or t3a.medium
vCPUs: 2
Memory: 4 GB
Network: Moderate bandwidth

Recommended for Production:

Instance Type: c5.xlarge, c5.2xlarge, or c6i.xlarge
vCPUs: 4-8
Memory: 8-16 GB
Network: Up to 10 Gbps
Enhanced Networking: Enabled

High-Performance Streaming:

Instance Type: c5n.2xlarge, c6i.4xlarge
vCPUs: 8-16
Memory: 16-32 GB
Network: 25-50 Gbps
EBS-Optimized: Yes

Operating System

Supported AMIs:

Ubuntu Server 20.04 LTS (HVM)
Ubuntu Server 22.04 LTS (HVM)
Amazon Linux 2
Red Hat Enterprise Linux 8/9

Ubuntu 20.04 LTS or 22.04 LTS is recommended for best compatibility.

Storage

Root Volume: 20 GB minimum (GP3 recommended)
Additional Volume: 50-500 GB for recorded streams (GP3 or io2)
IOPS: 3000+ IOPS for production workloads

Quick Start: AWS Marketplace Deployment

Access AWS Marketplace

Log into your AWS Console
Navigate to AWS Marketplace
Search for “Ant Media Server”
Select Community or Enterprise Edition

Configure Instance

Click Continue to Subscribe then Continue to Configuration:

Region: Select your preferred AWS region
Software Version: Latest version
Fulfillment Option: CloudFormation or EC2

Launch Instance

Configure launch parameters:

Instance Type: c5.xlarge (or as needed)
VPC and Subnet: Select or create
Security Group: Configure or use default
Key Pair: Select existing or create new

Access Web Panel

Once the instance is running:

Get the public IP from EC2 dashboard
Open browser to http://PUBLIC_IP:5080
Create admin account on first access

Manual EC2 Installation

Launch EC2 Instance

Create a new EC2 instance:

# Using AWS CLI
aws ec2 run-instances \
  --image-id ami-0557a15b87f6559cf \
  --instance-type c5.xlarge \
  --key-name your-key-pair \
  --security-group-ids sg-xxxxxxxx \
  --subnet-id subnet-xxxxxxxx \
  --block-device-mappings '[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":30,"VolumeType":"gp3"}}]' \
  --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=AntMediaServer}]'

Connect to Instance

SSH into your instance:

ssh -i your-key.pem ubuntu@YOUR_INSTANCE_PUBLIC_IP

Install Ant Media Server

Download and run the installation script:

wget https://raw.githubusercontent.com/ant-media/Scripts/master/install_ant-media-server.sh
chmod +x install_ant-media-server.sh
sudo ./install_ant-media-server.sh

Verify Installation

Check if the service is running:

sudo systemctl status antmedia

Access the web panel at http://YOUR_INSTANCE_PUBLIC_IP:5080

Security Group Configuration

Required Inbound Rules

Create a security group with the following inbound rules:

Type	Protocol	Port Range	Source	Description
HTTP	TCP	5080	0.0.0.0/0	Web Panel HTTP
HTTPS	TCP	5443	0.0.0.0/0	Web Panel HTTPS
Custom TCP	TCP	1935	0.0.0.0/0	RTMP
Custom TCP	TCP	8443	0.0.0.0/0	RTMPS (if SSL enabled)
Custom UDP	UDP	5000-65000	0.0.0.0/0	WebRTC Media
SSH	TCP	22	Your IP	SSH Access

Using AWS CLI

# Create security group
aws ec2 create-security-group \
  --group-name antmedia-sg \
  --description "Ant Media Server Security Group" \
  --vpc-id vpc-xxxxxxxx

# Add rules
aws ec2 authorize-security-group-ingress --group-id sg-xxxxxxxx --protocol tcp --port 5080 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-xxxxxxxx --protocol tcp --port 5443 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-xxxxxxxx --protocol tcp --port 1935 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-xxxxxxxx --protocol udp --port 5000-65000 --cidr 0.0.0.0/0
aws ec2 authorize-security-group-ingress --group-id sg-xxxxxxxx --protocol tcp --port 22 --cidr YOUR_IP/32

For production, restrict port 22 (SSH) to specific IP addresses only. Avoid using 0.0.0.0/0 for SSH access.

Elastic IP Configuration

Assign an Elastic IP for a static public IP address:

# Allocate Elastic IP
aws ec2 allocate-address --domain vpc

# Associate with instance
aws ec2 associate-address \
  --instance-id i-xxxxxxxx \
  --allocation-id eipalloc-xxxxxxxx

Configure Server Name

Update the server configuration with your Elastic IP or domain:

sudo nano /usr/local/antmedia/conf/red5.properties

Set:

server.name=YOUR_ELASTIC_IP_OR_DOMAIN

Restart the service:

sudo systemctl restart antmedia

CloudFormation Auto-Scaling Deployment

Quick Deploy with CloudFormation

Deploy a complete auto-scaling cluster in 5 minutes using AWS CloudFormation.

Access CloudFormation Template

Use the official Ant Media Server CloudFormation template:

Configure Parameters

Key CloudFormation parameters:

Instance Type: c5.xlarge or larger
Min/Max Instances: Auto-scaling limits (e.g., 2-10)
License Key: Your Enterprise license key
VPC and Subnets: Network configuration
Key Pair: SSH key for instances
SSL Certificate: Optional ACM certificate ARN

Deploy Stack

Review all parameters
Acknowledge IAM resource creation
Click Create Stack
Monitor stack creation (10-15 minutes)

Access Load Balancer

Once stack is complete:

Get the Load Balancer DNS from Outputs tab
Access dashboard: http://LOAD_BALANCER_DNS:5080

CloudFormation Stack Components

The auto-scaling stack creates:

Application Load Balancer (ALB): Distributes traffic across instances
Auto Scaling Group: Scales instances based on CPU/memory
Launch Template: Defines instance configuration
DocumentDB or MongoDB: Cluster database (Enterprise)
Security Groups: Network security configuration
CloudWatch Alarms: Monitoring and alerts
Target Groups: Health checking and routing

Storage Configuration

EBS Volume for Recordings

Attach additional EBS volume for stream recordings:

# Create volume
aws ec2 create-volume \
  --size 100 \
  --volume-type gp3 \
  --iops 3000 \
  --availability-zone us-east-1a

# Attach to instance
aws ec2 attach-volume \
  --volume-id vol-xxxxxxxx \
  --instance-id i-xxxxxxxx \
  --device /dev/sdf

Mount the volume:

# Format (first time only)
sudo mkfs -t ext4 /dev/xvdf

# Create mount point
sudo mkdir -p /mnt/streams

# Mount
sudo mount /dev/xvdf /mnt/streams

# Add to fstab for persistence
echo '/dev/xvdf /mnt/streams ext4 defaults,nofail 0 2' | sudo tee -a /etc/fstab

# Change ownership
sudo chown -R antmedia:antmedia /mnt/streams

S3 Integration

Configure S3 for stream recording storage:

# Create S3 bucket
aws s3 mb s3://your-antmedia-recordings --region us-east-1

# Configure lifecycle policy for automatic cleanup
aws s3api put-bucket-lifecycle-configuration \
  --bucket your-antmedia-recordings \
  --lifecycle-configuration file://lifecycle.json

Configure in Ant Media Server application settings via web panel or API.

Database Configuration (Enterprise)

DocumentDB (MongoDB-compatible)

# Create DocumentDB cluster
aws docdb create-db-cluster \
  --db-cluster-identifier antmedia-cluster \
  --engine docdb \
  --master-username antmedia \
  --master-user-password YourStrongPassword \
  --vpc-security-group-ids sg-xxxxxxxx

# Create instance
aws docdb create-db-instance \
  --db-instance-identifier antmedia-instance \
  --db-instance-class db.r5.large \
  --engine docdb \
  --db-cluster-identifier antmedia-cluster

Configure Cluster Mode

Switch to cluster mode with DocumentDB:

sudo /usr/local/antmedia/change_server_mode.sh cluster "mongodb://antmedia:YourStrongPassword@antmedia-cluster.cluster-xxxxxxxx.us-east-1.docdb.amazonaws.com:27017/?replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false"

SSL/TLS Configuration

Using AWS Certificate Manager (ACM)

For load balancer SSL termination:

Request certificate in ACM
Validate domain ownership
Attach certificate to ALB listener
Configure ALB to forward to instances on port 5080

Using Let’s Encrypt on EC2

sudo /usr/local/antmedia/enable_ssl.sh -d yourdomain.com -e [email protected]

Monitoring and CloudWatch

Enable CloudWatch Logs

Install CloudWatch agent:

wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
sudo dpkg -i amazon-cloudwatch-agent.deb

Configure log collection:

{
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          {
            "file_path": "/var/log/antmedia/antmedia-error.log",
            "log_group_name": "/aws/ec2/antmedia",
            "log_stream_name": "{instance_id}/error.log"
          }
        ]
      }
    }
  }
}

CloudWatch Metrics

Monitor key metrics:

CPU Utilization
Network In/Out
Disk I/O
Memory Usage (with CloudWatch agent)
Custom metrics via API

IAM Roles and Permissions

Required IAM Permissions

Create an IAM role for EC2 instances with these policies:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::your-antmedia-recordings/*",
        "arn:aws:s3:::your-antmedia-recordings"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "cloudwatch:PutMetricData",
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": "*"
    }
  ]
}

Cost Optimization

Use Spot Instances

For non-critical workloads, use EC2 Spot Instances:

aws ec2 request-spot-instances \
  --spot-price "0.10" \
  --instance-count 1 \
  --type "one-time" \
  --launch-specification file://spot-spec.json

Reserved Instances

For production workloads, purchase Reserved Instances for up to 72% savings.

Right-Sizing

Monitor instance metrics and adjust instance type based on actual usage.

Backup and Disaster Recovery

Automated EBS Snapshots

aws dlm create-lifecycle-policy \
  --description "Daily AntMedia backups" \
  --state ENABLED \
  --execution-role-arn arn:aws:iam::ACCOUNT:role/DLMRole \
  --policy-details file://backup-policy.json

Multi-Region Deployment

For high availability, deploy across multiple AWS regions:

Primary region: us-east-1
Failover region: us-west-2
Use Route 53 for DNS failover

Troubleshooting

Instance Not Accessible

Check security group rules
Verify Elastic IP association
Check instance status in EC2 console
Review system logs in EC2 console

WebRTC Connection Issues

Verify UDP ports 5000-65000 are open
Check public IP configuration
Ensure server.name is set correctly
Test with STUN/TURN servers

Performance Issues

Monitor CloudWatch metrics
Check instance type is appropriate
Verify EBS volume performance
Review application logs

Get Started

Core Concepts

Deployment

Configuration

Streaming

Features

Security

Storage

SDKs

Operations

​Overview

​Deployment Methods

​AWS Marketplace (Recommended)

​Manual EC2 Installation

​CloudFormation Auto-Scaling

​EC2 Instance Requirements

​Instance Types

​Operating System

​Storage

​Quick Start: AWS Marketplace Deployment

​Manual EC2 Installation

​Security Group Configuration

​Required Inbound Rules

​Using AWS CLI

​Elastic IP Configuration

​Configure Server Name

​CloudFormation Auto-Scaling Deployment

​Quick Deploy with CloudFormation

​CloudFormation Stack Components

​Storage Configuration

​EBS Volume for Recordings

​S3 Integration

​Database Configuration (Enterprise)

​DocumentDB (MongoDB-compatible)

​Configure Cluster Mode

​SSL/TLS Configuration

​Using AWS Certificate Manager (ACM)

​Using Let’s Encrypt on EC2

​Monitoring and CloudWatch

​Enable CloudWatch Logs

​CloudWatch Metrics

​IAM Roles and Permissions

​Required IAM Permissions

​Cost Optimization

​Use Spot Instances

​Reserved Instances

​Right-Sizing

​Backup and Disaster Recovery

​Automated EBS Snapshots

​Multi-Region Deployment

​Troubleshooting

​Instance Not Accessible

​WebRTC Connection Issues

​Performance Issues

​Next Steps

Build docs developers (and LLMs) love

Overview

Deployment Methods

AWS Marketplace (Recommended)

Manual EC2 Installation

CloudFormation Auto-Scaling

EC2 Instance Requirements

Instance Types

Operating System

Storage

Quick Start: AWS Marketplace Deployment

Manual EC2 Installation

Security Group Configuration

Required Inbound Rules

Using AWS CLI

Elastic IP Configuration

Configure Server Name

CloudFormation Auto-Scaling Deployment

Quick Deploy with CloudFormation

CloudFormation Stack Components

Storage Configuration

EBS Volume for Recordings

S3 Integration

Database Configuration (Enterprise)

DocumentDB (MongoDB-compatible)

Configure Cluster Mode

SSL/TLS Configuration

Using AWS Certificate Manager (ACM)

Using Let’s Encrypt on EC2

Monitoring and CloudWatch

Enable CloudWatch Logs

CloudWatch Metrics

IAM Roles and Permissions

Required IAM Permissions

Cost Optimization

Use Spot Instances

Reserved Instances

Right-Sizing

Backup and Disaster Recovery

Automated EBS Snapshots

Multi-Region Deployment

Troubleshooting

Instance Not Accessible

WebRTC Connection Issues

Performance Issues

Next Steps