I am trying to add AWS EFS to my EB environment. I've created and EFS file system with default settings. Then following this guide I've added the config file to my .ebextensions.
option_settings:
aws:elasticbeanstalk:application:environment:
FILE_SYSTEM_ID: 'fs-123434234234'
MOUNT_DIRECTORY: '/efs'
I've created /efs folder in my eb. But when i am trying to deploy it, I get LoadBalancer awseb-e-t-AWSEBLoa-123245 could not be found. What am I missing? Did I maybe need to set-up security group policies? Because if I would have created a file system with storage-efs-createfilesystem.config it seems like it would set-up security groups access on port 2049. I am assuming I need to do that as well for my FS. But I can't find a guide how to do that.
Related
I want to add the servers which are behind the AWS Auto Scaling Group to the Nginx configuration file , I see with Nginx plus there is an agent nginx-asg-sync which we can use directly and it will do the work .
Is there any possibility that we can use the same in Nginx open source service ? , I am using Nginx open source and I am not finding a way to come up from this issue
Thanks
in AWS you only need to know how CLI/API works.
you can build this agent using only two cli commands:
aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names {PARAMS}
where {PARAMS} you query auto scaling group name and get instances IDs from it.
the second command is:
aws ec2 describe-instances --instance-ids {PARAMS}
then all you have to do is to build all the logic around this, for example in bash script you create nginx upstream template, and everytime new instance was launched you compare ip addresses and swap upstreams and reload nginx. or you can simply add/delete ip with sed
here is more eamples how you can do this:
https://serverfault.com/questions/704806/how-to-get-autoscaling-group-instances-ip-adresses
also you can add health check before changing upstreams.
I need to build an Elastic Beanstalk Environment that is configured to use a VPC I have already defined in my AWS Console. I am using the AWS Elastic Beanstalk CLI setup to do this:
https://github.com/aws/aws-elastic-beanstalk-cli-setup
I found this github project after searching for how to define the VPC settings in the Elastic Beanstalk CLI:
https://github.com/awsdocs/elastic-beanstalk-samples/tree/master/configuration-files/aws-provided/environment-configuration
On my workstation (laptop) where Elastic Beanstalk Environment CLI is installed I have the following working directory:
example#ubuntu:~/Documents/eb_test$ ls -la
..
.ebextensions
.elasticbeanstalk
.gitignore
platform.yaml
tomcat_platform.json
example#ubuntu:~/Documents/eb_test$ cd .ebextensions
example#ubuntu:~/Documents/eb_test/.ebextensions$ ls -la
..
vpc-custom-loadbalanced.config
example#ubuntu:~/Documents/eb_test/.ebextensions$ cat vpc-custom-loadbalanced.config
option_settings:
aws:ec2:vpc:
VPCId: "vpc-00000000"
Subnets: "subnet-00000000,subnet-00000000"
ELBSubnets: "subnet-00000000,subnet-00000000"
example#ubuntu:~/Documents/eb_test/.ebextensions$ cd ..
example#ubuntu:~/Documents/eb_test$ eb platform create
Even though the VPC is spelled correctly and defined on my AWS account (other services are currently using it) The Elastic Beanstalk instance uses the default VPC configuration on my AWS account instead.
Following this answer:
Creating Elastic Beanstalk environment with specified VPC
I have also tried this command instead:
example#ubuntu:~/Documents/eb_test$ eb platform create \
--vpc.id vpc-00000000 \
--Subnets "subnet-00000000,subnet-00000001"
And gotten this as a response:
2020-03-09 20:59:58 ERROR Failed to create the Packer builder environment: Configuration validation exception: Invalid option value: 'null' (Namespace: 'aws:ec2:vpc', OptionName: 'Subnets'): Specify the subnets for the VPC..
Is there a way to run this command and successfully set a custom VPC with it?
Try creating with vpc id and subnet ids. Check out the complete eb create options here https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb3-create.html
eb create --vpc.id vpc-id1 --vpc.dbsubnets subnet-id1,subnet-id2 --vpc.ec2subnets subnet-id1,subnet-id2
I want to use an AWS application load balancer(ALB) to redirect all the traffics of port 80 to port 443.
I know how to configure this with AWS console:
But how can I configure this programmatically so that I don't have to set the rules every time I create a new elastic beanstalk environment?
It looks like that this http-to-https rule can be set in .ebextension or saved configuration, probably using the values mentioned here.
But I still can't figure out the way to set the rule.
Anyone knows how to do this?
The Elastic Beanstalk documentation mentions that the load balancer type can be set with a config file in the .ebextensions folder. However, when I deploy my application in a newly created environment, Elastic Beanstalk still creates a classic load balancer.
I am creating the new environment through the AWS console and my application source package has the .ebextensions folder with settings specifying an application load balancer. As seen below:
.ebextensions/application-load-balancer.config
option_settings:
aws:elasticbeanstalk:environment:
LoadBalancerType: application
Am I missing a step during the creation of the environment? Have other people ran into this issue?
I ran into this issue as well, and from testing it appears that these .ebextensions /application-load-balancer.config settings only work if you create the environment with High Availability specified. So you can't just select the platform and upload your code and have the application load balancer and High Availability setup configured from the .config settings (even though the docs make it seem like this should work). Instead you must select the desired platform (PHP, etc.), upload your initial code, and then click on More Options and select the configuration preset for "High Availability". You may also need to select your VPC at this point as well, if you are deploying into a custom VPC network. You don't need to set any other settings, as those will be applied from your application-load-balancer.config file (and other .config files). It just seems that there's a distinction between environment creation and environment config, and some of these values can only be set during the "creation" step.
I wonder why this question is so poorly documented and it is hard to find an answer or sample, even though extensions under .ebextensions folder seem be a convenient way to work with environments within CI/CD process.
The proper way how to get 'application' load balancer created in Elastic Beansltalk environment is to use AWS::ElasticLoadBalancingV2::LoadBalancer inside your .config file specifying resources.
Sample:
Resources:
AWSEBV2LoadBalancer:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
Scheme: internet-facing
AWS::ElasticLoadBalancingV2::LoadBalancer specification:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html
The specification says that it is possible to set 'network' or 'gateway' load balancers as "Type" property, in turn, the other doc (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-alb.html) says that it is not possible and you should use aws:elasticbeanstalk:environment option inside the options file configuration.
Whatever is true, the sample above works perfectly fine for 'application' load balancer since 'application' is the default type for V2.
Please note, that if you use ElasticLoadBalancingV2 load balancer, then you also have to use V2 listeners, target groups etc., as well as, V2 options (e.g. aws:elbv2:loadbalancer) inside your options configuration file
Sample for V2 listeners: https://github.com/awsdocs/elastic-beanstalk-samples/blob/b5e8eaea6a0acca6b80281d4f1afe408a50e1afb/configuration-files/aws-provided/resource-configuration/alb-http-to-https-redirection-full.config
Does anyone know if it's possible to change an existing AWS Elastic Beanstalk environment to an Application Load Balancer (instead of a classic one).
As far as I know only Application ELB's can be protected with AWS WAF and DDOS "Shield" so any existing EB app can't take advantage of these features since they have classic ELB's.
It is not possible to change the load balancer type for an existing environment but I have used the following process to create a cloned environment with an application load balancer (instead of classic).
In the console, save configuration of the original env.
In terminal, eb config get [save name], you will get a file in .elasticbeanstalk\saved_configs .
Edit the file to add
OptionSettings:
aws:elasticbeanstalk:environment:
LoadBalancerType: application
and remove (if you have those):
aws:elb:loadbalancer:
CrossZone: true
aws:elb:policies:
ConnectionDrainingEnabled: true
aws:elb:listener:443:
[whatever]
You can use this opportunity to do other changes, such as upgrade PlatformArn
Save modified config as [new save name].
In terminal, eb config put [new save name] .
Update your .ebextensions to have LoadBalancerType: application and optionally add listener to elbv2. You can also create in the console manually later.
aws:elbv2:listener:443:
ListenerEnabled: true
SSLPolicy: ELBSecurityPolicy-TLS-1-2-2017-01
SSLCertificateArns: [your cert id]
DefaultProcess: default
Protocol: HTTPS
Rules: ''
Create a new env with eb create [new env name] --cfg [new save name]
Now you will have a new environment with a different load balancer type side-by-side with your old environment. You can perform testing, make further configuration changes and then if all is well, swap CNAMEs and terminate the previous environment.
Hello As Per AWS Documentation:
The Elastic Beanstalk Environment Management Console only supports
creating and managing an Elastic Beanstalk environment with a Classic
Load Balancer. For other options, see Application Load Balancer and
Network Load Balancer.
Also
Note You can only set the load balancer type during environment
creation. (Refer AWS Documetnation)
So When you deploy application to Elastic Beanstalk via AWS CLI:
Try
eb create test-env --elb-type network
or
eb create test-env --elb-type application
The easiest way I've found to change an existing application to use the application load balancer is using both the Console and CLI:
In the console, save the application configuration of the original env. Note this name down. We'll use it as <saved-config-name>.
Under the Application versions note the latest Version Label. We'll use it as <app-version>.
From the CLI run eb create <new-environment-name> --elb-type application --cfg <saved-config-name> --version <app-version>
If you had HTTPs configured in the old application, in the newly created application reconfigure it in the Console under Load Balancer-->Listeners with the proper certificate.