CNE AWS Ready: Bootstrapping Your Initial Environment
After completing the prerequisites, run the Cloud Native Experience (CNE) bootstrap process. This step provisions the AWS infrastructure, configures GitOps synchronization, and deploys the Liferay platform.
Initial Cloud Native Experience (CNE) provisioning can take 45–70 minutes to complete.
The bootstrap process provisions several AWS-managed services through Crossplane. The longest steps are typically:
- OpenSearch provisioning (up to ~30 minutes)
- Amazon RDS database provisioning (up to ~20 minutes)
These services run in parallel but must both complete before the LiferayInfrastructure resource reports Healthy, which allows the Liferay application to start with valid connection details.
Do not interrupt the bootstrap process during this time.
For your first Cloud Native deployment, run the bootstrap process with the default configuration before modifying any Terraform or Helm values.
This initial deployment helps you become familiar with the Cloud Native tooling, including Terraform, Argo CD, and the GitOps workflow.
After reviewing the environment and understanding the deployment process, tear down the environment and run the bootstrap again with the configuration required for your production deployment.
Authenticate Your Local Environment
Before running the script, authenticate your terminal with your AWS account.
-
Configure an AWS CLI profile if you have not already done so:
aws configure sso -
Authenticate with your AWS account:
export AWS_PROFILE=[your-profile-name] aws sso login
Prepare the Bootstrap Directory
Create a directory for the bootstrap process. In this directory, create a config.json file. Run the bootstrap commands from this location.
For example,
mkdir cne-bootstrap
cd cne-bootstrap
touch config.json
Configure the Bootstrap
The config.json file defines how the bootstrap process provisions your environment.
Open the file and add the required options and variables:
{
"options": {
"provider": "aws",
"version": "1.0.0",
"auto_approve": false
},
"variables": {
"deployment_name": "clarity",
"liferay_git_repo_url": "https://github.com/clarity/acme-gitops",
"region": "us-west-2",
"liferay_git_repo_config": {
"auth": {
"credentials_secret_name": "liferay/credentials/gitops"
},
"source_paths": {},
"target": {}
}
}
}
The GitOps repository must be accessible by Argo CD.
The liferay_git_repo_config.auth.credentials_secret_name value must match the secret created in the prerequisites. This secret stores your Git repository credentials (such as a GitHub Personal Access Token) and is required for Argo CD to authenticate with your repository.
The secret name can follow your own naming convention, but it must match the value configured in config.json.
Options
| Option | Description |
|---|---|
provider | Specifies the self-hosted provider. Valid values: aws, gcp. |
version | Defines the bootstrap version. Use a version provided by Liferay. |
auto-approve | Automatically approves infrastructure creation when set to true. |
Variables
| Variable | Description |
|---|---|
deployment_name | Identifier used to name infrastructure resources. |
liferay_git_repo_url | URL of the GitOps repository (for example, your fork of the boilerplate created during the prerequisites). |
liferay_git_repo_config | Configuration for accessing the GitOps repository, including authentication via a credentials secret. |
region | AWS region where infrastructure is created. |
liferay_git_repo_config.source_paths | Defines the source paths in the GitOps repository. Leave empty ({}) for the default configuration. |
liferay_git_repo_config.target | Defines the deployment target configuration. Leave empty ({}) for the default configuration. |
Run the Bootstrap Script
-
From the directory containing
config.json, run:bash <(curl -sL https://raw.githubusercontent.com/liferay/liferay-portal/master/cloud/scripts/bootstrap.sh)The script downloads the specified bootstrap version and runs the bootstrap process.
-
If
auto-approveis set tofalse, confirm infrastructure creation when prompted and accept the default values unless you have specific requirements.- EKS – Kubernetes cluster
- GitOps Platform – Argo CD and supporting services
- GitOps Resources – Liferay and its dependencies
Re-run the Bootstrap Process
If the bootstrap process fails (for example, due to invalid configuration values), update your config.json file and run the bootstrap command again from the same directory.
- The script may reuse existing resources when possible.
- Depending on the failure point, some AWS resources may already exist and cause conflicts on re-run.
If the bootstrap process continues to fail, clean up the environment and run the bootstrap again.
If issues persist after re-running the bootstrap process, see Troubleshooting.
Access Argo CD
When the bootstrap process completes, the script prints the Argo CD administrator password and starts a port-forward.
To access Argo CD, open http://localhost:8080 in your browser.
Log in with:
Username: admin
Password: [see terminal output]
If you close the terminal and want to access Argo CD again, run:
kubectl port-forward service/argocd-server 8080:443 \
--namespace argocd-system
To retrieve the initial administrator password again, run:
kubectl -n argocd-system get secret argocd-initial-admin-secret \
-o jsonpath="{.data.password}" | base64 --decode
Once the applications reach Healthy and Synced status in Argo CD, the Cloud Native Experience environment is fully provisioned. The AWS infrastructure, Kubernetes cluster, and Liferay platform are now running and managed through GitOps.
Continue with Configuring the Cloud Native Experience.