Elastic Beanstalk Instance keeps deleting Clamscan - amazon-web-services

I'm using clamscan to check content on my Elastic Beanstalk instance; however, I'm having an issue where AWS moves the instance to another IP and then clamscan is suddenly uninstalled. Is there a good way to prevent this from happening?
Thanks.
Alex

If AWS is "moving the instance to a new IP" what is actually happening is that Elastic Beanstalk is deleting your instance and spinning up an entirely new instance. I assume you manually configured ClamAV on your EB EC2 instance via SSH, which is the wrong way to configure EB instances. You even get a warning on the screen when you SSH into the instance telling you not to make any changes to the server because they won't be persisted across EB instances.
You have to use the appropriate methods provided by Elastic Beanstalk to configure your instances so that Elastic Beanstalk knows how to configure new instances when it automatically creates them for you. The method for doing this is documented here.
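One way to apply the answer above, as an added example that is not part of the original thread: a configuration file shipped in the application bundle's `.ebextensions` directory, so every instance Elastic Beanstalk launches installs ClamAV itself. The file name, the package names (`clamav`, `clamav-update`) and the cron schedule are assumptions; the packages must be available from the repositories enabled on your platform version.

```yaml
# .ebextensions/01-clamav.config  (hypothetical file name)
# Runs on every new instance, so the scanner survives instance replacement.

packages:
  yum:
    clamav: []          # assumed package name: provides clamscan
    clamav-update: []   # assumed package name: provides freshclam

files:
  # Refresh signatures daily; a scanner with stale signatures misses new samples.
  "/etc/cron.d/clamav-refresh":
    mode: "000644"
    owner: root
    group: root
    content: |
      # m h dom mon dow user command
      17 3 * * * root /usr/bin/freshclam --quiet

commands:
  01_verify_scanner_present:
    # No ignoreErrors here: the deployment fails if clamscan is missing,
    # instead of silently serving traffic without content scanning.
    command: clamscan --version
  02_initial_signature_update:
    command: freshclam
    # A signature mirror outage should not block a deployment; the cron job retries.
    ignoreErrors: true
```

Because the file is part of the deployed source bundle, the scanner setup is versioned with the application and reviewed like any other change, rather than living only on one instance's disk.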

Related

AWS - How to pause an Elastic Beanstalk environment without losing instance & elastic IP?

So, I'm running an AWS Elastic Beanstalk environment with a single instance.
This particular app is a background job app, and in order to deploy changes to my database, I need to pause the app during the deployment process. I'm running into a couple of problems with this: -
I can stop the EC2 instance for that EBS env, however this eventually terminates that instance, and it will spin up a new instance that immediately tries to run (don't want this, I want to control when the EBS env starts again).
When the new instance starts up, the Elastic IP I've associated to the previous instance gets un-allocated, and is not automatically allocated to the new EC2 instance (this is a problem because my database has an IP firewall, so I need it to keep the same IP, before and after pausing).
I read that associating my EBS to a VPC might solve the IP issue, but I can't figure out how to do that. In my configuration it says "This environment is not part of a VPC.", but there isn't an option to make the environment part of a VPC?
Ideally, I'd love to just "pause" the instance, so that it stops and can be re-started without me losing that instance or the IP configuration of that instance.
Can anyone help me to solve these problems, or provide some other method of configuring this setup?
I'm not so experienced with Beanstalk, but you can use .ebsextension to get a script run at instance start, right? Then use that script to call aws api to get available Elastic IP and assign that to the instance itself.
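A sketch of the start-up script suggested above, as an added example that is not part of the original post. It assumes the AWS CLI is present on the instance, that the instance profile allows `ec2:AssociateAddress`, and that the address is a known allocation (`eipalloc-EXAMPLE` is a placeholder) rather than one looked up at run time; the file names are hypothetical.

```yaml
# .ebextensions/20-associate-eip.config  (hypothetical file name)
files:
  "/usr/local/bin/associate-eip.sh":
    mode: "000755"
    owner: root
    group: root
    content: |
      #!/bin/bash
      set -euo pipefail
      ALLOCATION_ID="eipalloc-EXAMPLE"   # placeholder: your Elastic IP allocation ID
      IMDS="http://169.254.169.254/latest"
      # IMDSv2: fetch a short-lived session token before reading metadata.
      TOKEN=$(curl -sf -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
      INSTANCE_ID=$(curl -sf -H "X-aws-ec2-metadata-token: $TOKEN" \
        "$IMDS/meta-data/instance-id")
      REGION=$(curl -sf -H "X-aws-ec2-metadata-token: $TOKEN" \
        "$IMDS/meta-data/placement/region")
      # Attach the fixed address to this instance so the database
      # firewall rule keeps matching after a replacement.
      aws ec2 associate-address --region "$REGION" \
        --instance-id "$INSTANCE_ID" --allocation-id "$ALLOCATION_ID"

commands:
  01_associate_eip:
    command: /usr/local/bin/associate-eip.sh
```

Keep the instance role's EC2 permissions as narrow as your policy allows, since any code running on the instance can use them.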

How to deal with AWS EC2 instance retirement when using Elastic Beanstalk

I have received an email from AWS that states
We have important news about your account (AWS Account ID: XXXXX). EC2
has detected degradation of the underlying hardware hosting your
Amazon EC2 instance (instance-ID: i-XXXX) in the eu-west-1 region. Due
to this degradation, your instance could already be unreachable. After
2017-05-25 10:00 UTC your instance, which has an EBS volume as the
root device, will be stopped.
I'm actually using Elastic Beanstalk with a load balancer with an elastic IP address on what is currently the only instance running (manually associated). In addition I have a reverse DNS for email purposes.
The email continues to say the following...
You may still be able to access the instance. We recommend that you
replace the instance by creating an AMI of your instance and launch a
new instance from the AMI. For more information please see Amazon
Machine Images
(http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html) in the
EC2 User Guide. In case of difficulties stopping your EBS-backed
instance, please see the Instance FAQ
(http://aws.amazon.com/instance-help/#ebs-stuck-stopping).
So how do I get Elastic Beanstalk to re-provision to new hardware?
Some options seem to be...
rebuild environment
save configuration -> terminate -> load configuration
clone environment -> manually change DNS -> Terminate old environment
'Terminate' environment -> 'Restore terminated environment'?
I'm not sure which variant would restore the environment; in particular, it would be ideal if I don't lose the hostname / reverse DNS stuff that was done for email (SNS?) configuration.
It would be nice if I kept all of this (I don't care about the EC2 instance or data - the data is held in MongoDb external to all of this) ...
EC2 configuration (i.e. hardware box size, VM parameters etc)
Security Groups
Load balancer
Elastic IP associated to EC2 (easy enough to do manually after)
Hostname (whatever is required for the reverse DNS)
Thoughts would be appreciated! - It's a shame their email / documentation only discusses EC2 and not beanstalk configurations.
Just terminate the instance and let Elastic Beanstalk automatically spin up a new one. Any changes you are making to your EC2 instances in your beanstalk environment should be done through .ebextensions configuration files (you aren't making changes directly over ssh, right?) so you don't need to worry about "saving" your EC2 setup via creating an AMI.
As for all the items you listed that you need to save, those are all part of the EB environment configuration, not part of the EC2 instance that is being retired.
A load balanced Elastic Beanstalk environment is configured to terminate and create new EC2 instances as needed. There's no need to completely rebuild/replace your entire EB environment just because you need to replace one of the EC2 instances.

Rebuild Elastic Beanstalk environment without losing ElasticIP

I created an Elastic Beanstalk environment with a VPC. Sometimes the environment will lock up on a code version deploy and have to be rebuilt. When this happens I lose my Elastic IP.
I tried disassociating the EIP before the rebuild, but it is still replaced. What can I do to make the EIP permanent!? (Yes, I need an EIP and a CNAME is not sufficient for my purposes)
Replace Root Volume
You can use the "Replace root volume" feature (available since Apr/2021).
From the CLI:
aws ec2 create-replace-root-volume-task --instance-id INSTANCEID
From the Console:
EC2 > Right click on instance > Monitor and troubleshoot > Replace root volume
Leave the snapshot ID blank.
If you spin up an Elastic Beanstalk environment in a VPC's subnet with a NAT gateway which already exists, I believe that if Elastic Beanstalk did not configure your EIP, it should not automatically release it. Just saying that I have never experienced this issue you are raising here; my deployments never result in random crashes. You should check out why this happens and resolve that as well.
I think this is maybe the difference between your setup and mine: I configured Elastic Beanstalk in an already created VPC. I used this guide to create my VPC and subnets; maybe this is helpful for you too:
https://spinupwp.com/scaling-laravel-using-aws-elastic-beanstalk-part-2-setting-up-vpc-rds-elasticache/
What you can also do is a Green/Blue deployment on major software releases. You create a new EB environment; you can copy the configuration of your current environment or, with the help of .ebextensions and predeploy/postdeploy hooks, configure your environment for you. This will help you test/wait until the new deployment is stable and then switch the DNS of your EB environments:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.CNAMESwap.html

AWS EC2 and Elastic Beanstalk

I am new to AWS and the question may seem very basic. However I need to see if I can find a solution to this.
I have created and launched an EC2 instance first and then created an Elastic Beanstalk instance with a sample application deployed on it. By default, the Elastic Beanstalk attaches "Default Environment" to this instance and I find no way to change this to my EC2 instance. How can I attach my EC2 instance (that I created earlier) to this Elastic Beanstalk instance? I am using Amazon Free Tier to learn.
Thanks a lot for your time and patience.
You cannot add an existing instance into an Elastic Beanstalk configuration.
Under the hood, Elastic Beanstalk uses Containers and a ton of configuration hooks, files, etc.
An instance is not the same and cannot even be guaranteed to be of matching types (perhaps the instance is CentOS and the Container runs on an Ubuntu host).
It's simply not possible.

Amazon Elastic Beanstalk fault recovery

I have a running Amazon Elastic Beanstalk environment.
Sometimes it runs into problems and the load balancer kills my EC2 instance and starts a new one. I don't know how to create an "AMI" or template so the load balancer starts a new EC2 instance which is exactly like the one that I have configured.
Also, I attached some EBS blocks and I want to be able to create a new instance with an EBS block attached.
How can I do that?
I read the documentation but I cannot find what I need, and I think this is a common scenario.
Thanks
You should use .ebextensions to configure your Elastic Beanstalk instances. http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers.html
These configurations and dependencies are handled on instance start-up.