Not able to select Availability Zones on AWS Elastic Beanstalk - amazon-web-services

I created an Elastic Beanstalk environment with custom configuration. I was able to change Availability Zones and placement, and I picked them.
After I created the environment, Elastic Beanstalk complained about:
- Stack named 'awseb-e-**********-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [AWSEBInstanceLaunchWaitCondition].
- The EC2 instances failed to communicate with AWS Elastic Beanstalk, either because of configuration problems with the VPC or a failed EC2 instance. Check your VPC configuration and try launching the environment again.
I wanted to check out the AZs and placements; however, they are disabled.
Why is that disabled? Is there a way to enable it? If so, how?

If you use Elastic Beanstalk with a Load Balancer, you need to control the Auto Scaling Group under Configuration > Network.
For example, if you just want to deploy on us-east-1b, select a subnet which uses that Availability Zone.

Related

Create and assign AWS Elastic Beanstalk Spring instance to VPC

I want to create 3 AWS Elastic Beanstalk instances and assign them to VPC with internal IP addresses. As you can see I have a default VPC created and running:
When I try to create a new AWS Elastic Beanstalk instance under the same Ohio region, in the menu I just see an empty list of VPCs:
Do you know what configuration I need to do in order to assign AWS Elastic Beanstalk instances to VPC?
EDIT:
I use this form to create VPC:
It seems like you did not select the Application Platform in Elastic Beanstalk's application creation process.
Try picking a platform before configuring more options.

AWS Elastic Beanstalk unable to access AWS MSK

I have an AWS MSK cluster running inside a VPC with 3 subnets.
When I created my Elastic Beanstalk (Java) environment it asked for a VPC and I configured the same VPC where my MSK cluster is running. I also selected all three listed subnets in my Elastic Beanstalk Network configuration. I did not assign a public IP as I don't require access from the internet to the Elastic Beanstalk instances.
I also assigned AWS MSK Full Access permissions to the IAM Instance Profile that I selected for my Elastic Beanstalk environment under Security configuration. Just for information completeness, I selected the AWSServiceRoleForElasticBeanstalk as a service role.
On a side note, when I configured my Lambda to access the MSK cluster, it asked me for a VPC as well as Security Groups explicitly. But I don't see any such configuration options for Security Groups in the case of Elastic Beanstalk. Am I overlooking something here? My Lambda is able to successfully access the MSK cluster.
I don't understand why my Elastic Beanstalk instance is unable to access my AWS MSK cluster. Am I missing something?
With the help of AWS Support, I was able to resolve this issue.
First, you can configure Security Groups under 'Instances' configuration card.
But it was a bit confusing for me because the VPC and Subnets are under the 'Networking' configuration card, which is stacked way after the 'Instances' configuration card. And the Security Groups listed under 'Instances' directly depend on the VPC and Subnets selected under 'Networking'. If you change your selection in 'Networking' then you should update/review your Security Groups selection under 'Instances' as well.
So, in my case, first I select my target VPC and related Subnets under 'Networking' and only then I was able to see my target Security Groups under 'Instances'.

AWS beanstalk EC2 instance within a VPC and without Load Balancing

I am creating the first betas of a project. I need a SpringBoot server connecting to MongoDBs in AWS.
MongoDB is already deployed as a replica set on different EC2 instances. I was exploring AWS Beanstalk as an environment to deploy the SpringBoot server. However, I am not yet ready to deploy a Load Balancer, because it is costly.
I am looking for the way to deploy a Single-Instance Environment (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features-managing-env-types.html?ref_=pe_395030_31184250_9#single-instance-environ) in a VPC (which would be shared with MongoDB).
Does AWS Beanstalk allow you to configure an EC2 instance within a VPC but without a Load Balancer?
If not, I am planning to deploy an EC2 instance in the VPC myself without Beanstalk.
Another temporary solution would be accessing MongoDB over the internet, with the right security group rules, but I do not think it is good practice at all, so I am not considering it.
All Elastic Beanstalk environments are in a VPC, unless you have a really old AWS account that still supports EC2 classic. What you are looking for is the EB Single-Instance Environment type.

Load balancing across different Elastic Beanstalk applications

In my AWS environment there are some load balanced / autoscaled Elastic Beanstalk applications.
I would like to have a load balancer in front of them, so any request to http://loadbalancer.com/app1 is routed to the first Elastic Beanstalk app, http://loadbalancer.com/app2 to the second and so on.
I tried to set up an application load balancer with different listeners routing to different target groups.
Unfortunately my solution is not ideal, because the target groups are bound to a fixed set of EC2 instances, while I want them to be associated with an environment where instances are created or destroyed on demand.
I still haven't found a way of binding an application load balancer's listener to an auto scaling group.
Is there a way of achieving what I want?
I just managed to do it, following the instructions in this article
https://aws.amazon.com/blogs/devops/introducing-application-load-balancer-unlocking-and-optimizing-architectures/
the steps:
1) create a new target group
aws elbv2 create-target-group --name <target_group_name> --protocol HTTP --port 80 --vpc-id <vpc_id>
2) bind your target group to the autoscaling group associated to the app
aws autoscaling attach-load-balancer-target-groups --auto-scaling-group-name <id_of_the_autoscaling_group> --target-group-arns "<new_target_group_arns>"
3) create a new rule in the main application load balancer, that routes the desired path to the right application (this can be done through the UI).
The way I achieved this in the console for an Application Load Balancer and Elastic Beanstalk is the following:
Create new target group (TG-App1)
Attach TG-App1 to your Beanstalk environment's auto scaling group. Now you will have both the Beanstalk-created target group and TG-App1 attached, and both will now update with the instances.
Create new application load balancer (ALB-App)
Create ALB-App rules forwarding to TG-App1 (ex: PATH: /app1/* -> FORWARD: TG-App1)
Update the beanstalk environment instance security group to allow traffic from ALB-App's security group on port 80. (you will have 2 port 80 rules now, 1 for ALB-App and 1 for the default beanstalk load balancer security group)
This allows you to set up DNS on ALB-App ("loadbalancer.com") and forward traffic based on rules to different target groups that have instances managed by different Beanstalk environments. Just follow the steps to create a target group for each Beanstalk environment and add it to the rules on ALB-App.
the result:
"loadbalancer.com/app1" -> ALB-App -> TG-App1 -> Beanstalk Environment 1 instances
"loadbalancer.com/app2" -> ALB-App -> TG-App2 -> Beanstalk Environment 2 instances
Amazon Elastic Beanstalk now has support for shared load balancers
11 - Sept-2020
https://aws.amazon.com/blogs/containers/amazon-elastic-beanstalk-introduces-support-shared-load-balancers/
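The security group step in the console walkthrough above (port 80 allowed from ALB-App's security group as well as from the default Beanstalk load balancer's) can be checked offline. This is an added example, not code from any of the answers; the data is constructed in the shape of the EC2 DescribeSecurityGroups response, and the group ids and function names are placeholders.

```python
# Constructed sample: the instance security group after the walkthrough.
INSTANCE_SG = {
    "GroupId": "sg-instances",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-eb-default-lb"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-alb-app"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "UserIdGroupPairs": []},
    ],
}


def covers_port(perm, port):
    """True if the permission applies to the given TCP port."""
    if perm.get("IpProtocol") == "-1":  # "all traffic" rules carry no port range
        return True
    if perm.get("IpProtocol") != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def port_sources(sg, port=80):
    """Collect the source security groups and CIDR ranges allowed to reach the port."""
    groups, cidrs = set(), set()
    for perm in sg.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        groups.update(p["GroupId"] for p in perm.get("UserIdGroupPairs", []))
        cidrs.update(r["CidrIp"] for r in perm.get("IpRanges", []))
        cidrs.update(r["CidrIpv6"] for r in perm.get("Ipv6Ranges", []))
    return groups, cidrs


def audit(sg, required_groups, port=80):
    """Report load balancer groups that are missing and any world-open CIDR rule."""
    groups, cidrs = port_sources(sg, port)
    findings = [f"missing ingress from {g}"
                for g in sorted(set(required_groups) - groups)]
    findings += [f"open to the internet via {c}"
                 for c in sorted(cidrs) if c in ("0.0.0.0/0", "::/0")]
    return findings


if __name__ == "__main__":
    print(audit(INSTANCE_SG, ["sg-alb-app", "sg-eb-default-lb"]) or "ok")
```

An empty result means the instances accept port 80 only from the two load balancer groups; a rule that opens the port by CIDR would let clients bypass the ALB rules entirely.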

LaunchWaitCondition failed. The expected number of EC2 instances were not initialized within the given time

The error message is:
Stack named 'awseb-e-r3uhxvhyz7-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [AWSEBInstanceLaunchWaitCondition].
I am trying to use Multi-Container Docker in AWS Elastic Beanstalk.
Can someone help me to get rid of this error? Is it necessary to use more than one EC2 instance for using Multi-Container Docker in AWS Elastic Beanstalk?
This sounds kind of like what your issue is:
If you use Amazon VPC with Elastic Beanstalk, Amazon EC2 instances deployed in a private subnet cannot communicate directly with the Internet. Amazon EC2 instances must have Internet connectivity to communicate to Elastic Beanstalk that they were successfully launched. To provide EC2 instances in a private subnet with Internet connectivity, you must add a load balancer and NAT to the public subnet. You must create the appropriate routing rules for inbound and outbound traffic through the load balancer and NAT. You must also configure the default Amazon VPC security group to allow traffic from the Amazon EC2 instances to the NAT instance.
Source: Amazon EC2 Instances Fail to Launch within the Wait Period
I've fixed this. It looks like the IAM role created by default for the single docker EB deployment didn't contain the necessary ECS Policy (unconfirmed).
I followed the instructions to create a policy to add the role and everything worked.