GCP Cloud Deployment Load Balancer Backend Bucket - google-cloud-platform

How to deploy a web page architecture from a GCP Cloud Deployment yaml, which includes static files in a storage and a load balancer that has a backend bucket connected to this storage?
We need the load balancer to connect it to the GCP CDN.

I think you need to create the resources based on Google's API in the Deployment Manager YAML script.
As I understand it, you need to connect a load balancer with a backend bucket,
and connect the latter to a storage bucket. I will assume the bucket creation is not necessary.
So the resources you need are compute.beta.backendBucket and compute.v1.urlMap. The YAML file will look something like this:
resources:
- type: compute.beta.backendBucket
  name: backendbucket-test
  properties:
    bucketName: already-created-bucket
- type: compute.v1.urlMap
  name: urlmap-test
  properties:
    defaultService: $(ref.backendbucket-test.selfLink)
    hostRules:
    - hosts: ["*"]
      pathMatcher: "allpaths"
    pathMatchers:
    - name: "allpaths"
      defaultService: $(ref.backendbucket-test.selfLink)
      pathRules:
      - service: $(ref.backendbucket-test.selfLink)
        paths: ["/*"]
Note that the names are completely up to you. Also note that there are refs (references) that link the backendBucket created in the first step to the urlMap of the second one.
It is good to mention that you will probably need more resources for a complete solution (specifically the frontend part of the load balancer).
Hope it can help in some way,
Cheers!

You can follow this guide from Google on how to create a Load Balancer to serve static content from a bucket. Note that the bucket and its content must already exist; the content will not be created by DM.
Follow the gcloud steps, not the console steps. For each step, find the correct API call and create a separate resource in your deployment manager config for each step.
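
Deployment Manager also accepts Python templates, so the chain both answers describe (backend bucket, URL map, then the frontend) can be sketched as one; this is an added example, not code from either answer. The targetHttpProxy and globalForwardingRule resources, the enableCdn setting, the generated resource names and the dangling_refs helper are assumptions added here.

```python
import re

REF = re.compile(r"\$\(ref\.([^.)]+)\.")


def GenerateConfig(context):
    """Deployment Manager Python template: bucket-backed HTTP load balancer."""
    base = context.env["name"]  # deployment name, supplied by Deployment Manager
    backend, urlmap, proxy = base + "-backend", base + "-urlmap", base + "-proxy"
    resources = [
        {   # Backend bucket pointing at storage that already exists
            "name": backend,
            "type": "compute.beta.backendBucket",
            "properties": {
                "bucketName": context.properties["bucketName"],
                "enableCdn": True,  # the question wants Cloud CDN in front
            },
        },
        {   # URL map sending every request to the backend bucket
            "name": urlmap,
            "type": "compute.v1.urlMap",
            "properties": {"defaultService": f"$(ref.{backend}.selfLink)"},
        },
        {   # Frontend, part 1: HTTP proxy that consults the URL map
            "name": proxy,
            "type": "compute.v1.targetHttpProxy",
            "properties": {"urlMap": f"$(ref.{urlmap}.selfLink)"},
        },
        {   # Frontend, part 2: global forwarding rule (external IP and port)
            "name": base + "-fwd",
            "type": "compute.v1.globalForwardingRule",
            "properties": {
                "IPProtocol": "TCP",
                "portRange": "80",
                "target": f"$(ref.{proxy}.selfLink)",
            },
        },
    ]
    return {"resources": resources}


def dangling_refs(config):
    """Return $(ref.NAME...) targets that no resource in the config declares."""
    declared = {r["name"] for r in config["resources"]}
    used = set()
    for r in config["resources"]:
        used.update(REF.findall(str(r["properties"])))
    return sorted(used - declared)
```

This sketch builds a plain-HTTP frontend only; an HTTPS frontend would use a targetHttpsProxy with a certificate in place of the HTTP proxy.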

Related

Two S3 Buckets are creating when Deploying using serverless framework

I am trying to create an S3 bucket using the Serverless Framework, but when I deploy, it creates two buckets: one with the name I have mentioned in the serverless.yml file and another bucket.
serverless.yml
service: aws-file-upload-tos3
provider:
  name: aws
  runtime: nodejs12.x
  stage: dev
  region: us-east-2
  lambdaHashingVersion: 20201221
custom:
  fileUploadBucketName: ${self:service}-${self:provider.stage}-bucket
resources:
  Resources:
    FileBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: ${self:custom.fileUploadBucketName}
        AccessControl: PublicRead
Buckets created are
Why is it creating two buckets like this?
By default, serverless framework creates a bucket with a generated name like <service name>-serverlessdeploymentbuck-1x6jug5lzfnl7 to store your service's stack state.
Each successive version of your serverless app is bundled and uploaded by sls to the deployment bucket, and deployed from there.
I think you have some control over how sls does this if you use the serverless-deployment-bucket plugin.
By default, the Serverless Framework creates a number of things on your machine in order to deploy what you have configured in your serverless.yml. It then needs to make use of a service inside AWS called CloudFormation to actually create the resources you configured, like your S3 bucket. The best way to do this is to take the things it created on your machine and upload them to AWS to ensure that the deployment continues without interruption or issue, and the best place to do that is S3.
So the Serverless Framework will always (by default) create its own S3 bucket entirely unrelated to what you configured as a location to store the files it generated on your AWS account, then point CloudFormation at it to build the things you configured to get built.
While you have some control over this deployment bucket there always needs to be one. And it is completely unrelated to the bucket you configured.

Restrict Elastic Beanstalk from creating a security group and use provided one instead

When I create a beanstalk environment using a saved configuration, it works fine but creates a new security group for no reason and attaches it to the instances. I already provide a security group to allow SSH access to the instances from VPC sources.
I followed this thread and tried to restrict this behaviour with the following config inside .ebextentions:
Resources:
  AWSEBSecurityGroup: { "CmpFn::Remove" : {} }
  AWSEBAutoScalingLaunchConfiguration:
    Properties:
      SecurityGroups:
        - sg-07f419c62e8c4d4ab
Now the creation process gets stuck at:
Creating application version archive "app-210517_181530".
Uploading stage/app-210517_181530.zip to S3. This may take a while.
Upload Complete.
Environment details for: restrict-sg-poc
Application name: stage
Region: ap-south-1
Deployed Version: app-210517_181530
Environment ID: e-pcpmj9mdjb
Platform: arn:aws:elasticbeanstalk:ap-south-1::platform/Tomcat 8.5 with Corretto 11 running on 64bit Amazon Linux 2/4.1.8
Tier: WebServer-Standard-1.0
CNAME: UNKNOWN
Updated: 2021-05-17 12:45:35.701000+00:00
Printing Status:
2021-05-17 12:45:34 INFO createEnvironment is starting.
2021-05-17 12:45:35 INFO Using elasticbeanstalk-ap-south-1-############ as Amazon S3 storage bucket for environment data.
How can I do this properly so that my SG is added to the instances and no new SGs are created?
PS: I am using a shared ALB so SG created for load balancers is not a problem right now.

How to add Application Load Balancer Fixed Response to AWS Elastic Beanstalk with .ebextensions

In Order to Whitelist my API Endpoints Served on AWS ElasticBeanstalk:
I would like to return a fixed response from an Application Load Balancer (ALB) in my Elastic Beanstalk environment when it receives unexpected requests.
I need to do this in a reproducible and automated way. Currently I configure my Elastic Beanstalk apps with CloudFormation templates and .ebextensions.
I know how to configure the fixed response manually in the console by adding a listener rule:
I haven't been able to find a combination of option settings that support this in .ebextensions.
Also, unless I am missing something, CloudFormation appears to expose the same options as .ebextensions through OptionSettings on the environment here.
Is it possible to configure a fixed response in either .ebextensions or CloudFormation?
If not, is there another automation-friendly approach to accomplish the same? Perhaps through an AWS API?
ElasticBeanstalk lets you use CloudFormation using the Resources tag in an .ebextensions config file.
EB deploys your app using CloudFormation. The Resources tag lets you add to this CloudFormation template. It also allows you to refer to the EB template's output Resources.
AWS Documentation
To configure an application load balancer to send 404 requests for bad URLs without touching application servers, add application load balancer listener rules to:
High Priority Rule: Listen for expected request URLs and forward requests to the app servers (TargetGroupArn)
Low Priority Rule: Catch all other request URLs and send a 404 fixed response.
Here is the YAML.
Save it in .ebextensions/X.config and run 'eb deploy'. The AWS machinery takes care of updating the environment with the new listeners.
Resources:
  validAPIRequestListenerRule:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      Actions:
        - Type: forward
          TargetGroupArn: { "Ref" : "AWSEBV2LoadBalancerTargetGroup" }
      Conditions:
        - Field: path-pattern
          PathPatternConfig:
            Values:
              - "/api/*"
      ListenerArn: { "Ref" : "AWSEBV2LoadBalancerListener443" }
      Priority: 10001
  defaultListenerRejectingInvalidUrls:
    Type: AWS::ElasticLoadBalancingV2::ListenerRule
    Properties:
      Actions:
        - Type: fixed-response
          FixedResponseConfig:
            StatusCode: 404
            ContentType: "application/json"
            MessageBody: "Fixed"
      Conditions:
        - Field: path-pattern
          PathPatternConfig:
            Values:
              - "*"
      ListenerArn: { "Ref" : "AWSEBV2LoadBalancerListener443" }
      Priority: 40000
Notes
Take care with priorities, they go from 1-50,000, lower numbers win. The listeners in this snippet handle all requests before the default EB listener rule (which forwards unmatched requests to your target group)
The Logical IDs available for Ref/Fn::GetAtt tags noted in the AWS documentation are incomplete. If you get an error like this, open up CloudFormation in your console, take a look at the Resources tab corresponding to your EB deployment and see what logical IDs are available.
Service:AmazonCloudFormation, Message:Template format error:
Unresolved resource dependencies [AWSEBV2LoadBalancerListener] in the
Resources block of the template
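
The priority ordering described in the notes above can be checked offline before deploying. This added example (not part of the original answer) models the two listener rules as plain data and reports which action a request path would receive; the function names and the sample paths are constructed for illustration, and the matcher assumes ALB path-pattern semantics: case-sensitive, `*` for zero or more characters, `?` for exactly one.

```python
import re

# The two rules from the .ebextensions snippet above, plus Elastic Beanstalk's
# default action (forward to the target group), modelled as plain data.
RULES = [
    {"priority": 10001, "pattern": "/api/*", "action": "forward"},
    {"priority": 40000, "pattern": "*", "action": "fixed-response 404"},
]
DEFAULT_ACTION = "forward"


def pattern_to_regex(pattern):
    """Translate an ALB path-pattern: '*' = 0+ chars, '?' = exactly 1 char."""
    parts = []
    for ch in pattern:
        parts.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    return re.compile("".join(parts), re.DOTALL)


def evaluate(path, rules=RULES):
    """Return (priority, action) of the first matching rule, lowest number first."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if pattern_to_regex(rule["pattern"]).fullmatch(path):
            return rule["priority"], rule["action"]
    return None, DEFAULT_ACTION


def audit(paths, rules=RULES):
    """Map each path to the action it would receive."""
    return {p: evaluate(p, rules)[1] for p in paths}
```

Running `audit` over paths such as `/api/users`, `/api` and `/API/users` shows that only the first is forwarded: the pattern `/api/*` requires the trailing slash and is case-sensitive, so the other two fall through to the 404 rule.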

How to create Snapshot of disk using YAML syntax in GCE..?

My code:-
resources:
- name: snapshot-4
  type: compute.v1.disk
  properties:
    zone: asia-south1-a
    Kind: compute#snapshot
    sourceDisk: https://www.googleapis.com/compute/v1/projects/project-id/zones/asia-south1-a/disks/disk1
But it is creating a disk. I want a snapshot of disk1.
The only two supported ways to create Persistent Disk snapshots are via the API and via REST or client libraries. At this time there is no possibility to create a PD snapshot using the YAML. However I can recommend you to create a feature request in the Google Cloud Platform issue tracker to review your request.

Add KeyName to EMR cluster in Cloud Formation template

I am creating an AWS EMR cluster running Spark using a Cloud Formation template. I am using Cloud Formation because that's how we create reproducible environments for our applications.
When I create the cluster from the web dashboard one of the options is to add a Key Pair. This is necessary in order to access via ssh the nodes of the cluster. http://docs.aws.amazon.com/ElasticMapReduce/latest/DeveloperGuide/EMR_CreateJobFlow.html
I can't see how to do the same when using Cloud Formation templates.
The template structure (see below) doesn't have the same attribute.
Type: "AWS::EMR::Cluster"
Properties:
  AdditionalInfo: JSON object
  Applications:
    - Applications
  BootstrapActions:
    - Bootstrap Actions
  Configurations:
    - Configurations
  Instances:
    JobFlowInstancesConfig
  JobFlowRole: String
  LogUri: String
  Name: String
  ReleaseLabel: String
  ServiceRole: String
  Tags:
    - Resource Tag
  VisibleToAllUsers: Boolean
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-emr-cluster.html#d0e76479
I had a look at the attribute JobFlowRole, which is a reference to an instance profile (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html). Again, no sign of the KeyName.
Did anyone solve this problem before?
Thanks,
Marco
I solved this problem. I was just confused by the lack of naming consistency in Cloud Formation templates.
What is generally referred to as KeyName becomes Ec2KeyName under the JobFlowInstancesConfig.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig.html#cfn-emr-cluster-jobflowinstancesconfig-ec2keyname