Skip to content
Kindo Kindo Docs

AWS Applications Deployment

This guide covers deploying the core Kindo application stack on AWS using the kindo-applications Terraform module.

Overview

The applications module deploys these Kindo services:

ServicePurpose
APINode.js backend REST/tRPC API
Next.jsServer-rendered React frontend
LiteLLMAI model routing proxy
Llama IndexerDocument indexing service
SSOReadySSO authentication services
CerbosAuthorization policy engine
Task WorkerBackground job processing
External PollerIntegration data polling
External SyncIntegration synchronization
CreditsUsage tracking service
Audit Log ExporterCompliance log export

Quick Start

  1. Set up the applications stack:

    Terminal window
    cd kindo-modules/stacks/applications
    cp terraform.tfvars.example terraform.tfvars

  2. Configure terraform.tfvars with outputs from infrastructure, secrets, and peripheries modules.

  3. Deploy:

    Terminal window
    terraform init
    terraform plan
    terraform apply

Configuration

Core Settings

project_name = "mycompany"
environment  = "production"
aws_region   = "us-west-2"


# Domain
domain_name = "kindo.mycompany.com"


# Kindo registry
kindo_registry_username = "..."
kindo_registry_password = "..."


# Application version
app_version = "2025.08.2"

From Previous Module Outputs

The applications module requires outputs from all three previous modules (infrastructure, secrets, peripheries), including:

  • EKS cluster details
  • Database endpoints and credentials
  • Redis and RabbitMQ endpoints
  • S3 bucket names
  • Unleash endpoint
  • Secret references

Post-Deployment

Verify All Services

Terminal window
for ns in api next litellm llama-indexer ssoready cerbos task-worker-ts \
  external-poller external-sync credits audit-log-exporter; do
  echo "=== $ns ==="
  kubectl get pods -n $ns
done

Configure DNS

Create DNS records pointing to the ALB endpoints:

Terminal window
# Get ALB addresses
kubectl get ingress -A -o wide

Create A/CNAME records for:

  • app.kindo.mycompany.com — Next.js ingress
  • api.kindo.mycompany.com — API ingress
  • sso.kindo.mycompany.com — SSOReady ingress

Initial Setup

  1. Create the first organization and admin user using the setup SQL (see SSO Setup)
  2. Configure AI models in Unleash (see Model Configuration)
  3. Set up integrations via Nango (see Integrations)

Test End-to-End

Terminal window
# Health check
curl https://api.kindo.mycompany.com/health


# Access the UI
open https://app.kindo.mycompany.com

Troubleshooting

Pods in CrashLoopBackOff

Terminal window
kubectl logs <pod-name> -n <namespace> --previous
kubectl describe pod <pod-name> -n <namespace>

Common causes: missing secrets, database connection failures, incorrect environment variables.

Ingress Not Working

Terminal window
# Check ALB controller logs
kubectl logs -n kube-system -l app.kubernetes.io/name=aws-load-balancer-controller


# Verify target group health
aws elbv2 describe-target-health --target-group-arn <arn>