Copy Elastic Beanstalk Configuration across accounts - amazon-web-services

If I use the eb-cli eb config save to save the configuration of my current environment, it works to start a new one using eb create.
But if I want to create the same environment with a different AWS account, obviously lines like the following make no sense:
    aws:ec2:vpc:
      Subnets: subnet-2d9a3c56
      VPCId: vpc-1dff4c74
So how can I build the same Elastic Beanstalk environment within multiple accounts? Is there any way to tell AWS? Maybe an "Account Agnostic" config-save?

It would not be possible to build the exact same ElasticBeanstalk environment across accounts. The environment is going to have resource IDs such as VPCs and Subnets that will be different.
A good way to build effectively the same ElasticBeanstalk application across multiple accounts would be to use CloudFormation to configure the environments. This requires a different approach to creating environments, but also means that the configuration can be more easily version controlled.

With CloudFormation you can specify the parameters to be selected to feed into the template when the stack is being created.
You can use the {"Ref" : ""} method to create drop-down lists of Subnets in the VPC, etc.
This would be the way I would do it.
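The CloudFormation approach suggested in the answers above, as an added example (not code from either answer): the VPC and subnets become typed parameters, so one template can be launched in any account. The parameter names, the default instance profile name and the output are assumptions, and the Elastic Beanstalk application is assumed to exist already in the target account.

```yaml
# Added example: account-agnostic Elastic Beanstalk environment.
# Parameter names and defaults below are assumptions, not values from the question.
AWSTemplateFormatVersion: "2010-09-09"
Description: Elastic Beanstalk environment with VPC settings supplied per account

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id            # console shows a drop-down of VPCs in the target account
    Description: VPC to launch the environment into
  InstanceSubnets:
    Type: List<AWS::EC2::Subnet::Id>   # IDs are validated against the account at stack creation
    Description: Subnets for the EC2 instances
  ApplicationName:
    Type: String
    Description: Existing Elastic Beanstalk application in this account
  SolutionStackName:
    Type: String
    Description: Platform name from "aws elasticbeanstalk list-available-solution-stacks"
  InstanceProfile:
    Type: String
    Default: aws-elasticbeanstalk-ec2-role   # assumed to exist in the account

Resources:
  Environment:
    Type: AWS::ElasticBeanstalk::Environment
    Properties:
      ApplicationName: !Ref ApplicationName
      SolutionStackName: !Ref SolutionStackName
      OptionSettings:
        # Replaces the hard-coded aws:ec2:vpc block from the saved configuration
        - Namespace: aws:ec2:vpc
          OptionName: VPCId
          Value: !Ref VpcId
        - Namespace: aws:ec2:vpc
          OptionName: Subnets
          Value: !Join [",", !Ref InstanceSubnets]
        - Namespace: aws:autoscaling:launchconfiguration
          OptionName: IamInstanceProfile
          Value: !Ref InstanceProfile

Outputs:
  EnvironmentEndpoint:
    Value: !GetAtt Environment.EndpointURL
```

Because the template carries no resource IDs, it can be kept in version control and reviewed like any other change; only the parameter values differ per account.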

Related

Replicate changes made on one EC2 to another EC2 Server

I have two EC2 servers named Ec2-Webserver-1 and EC2-WebServer-2 inside the same VPC under two different subnets, served by an Application Load Balancer.
When I make small changes to the first server, I then have to manually change the other server too. Otherwise I have to create an AMI and create a new server from the AMI.
I think creating an AMI each time I make a small change is not the appropriate approach.
Are there any other tools in AWS, or third-party tools, that can auto-replicate the changes made on Server 1 to Server 2? I am currently using a CentOS AMI.
I would suggest looking into CloudFormation. You can define your EC2, what IAM roles you want it to have and a whole lot of other stuff. Once that is done you can just run the CloudFormation script and AWS will provision the EC2 with your defined settings automatically. CloudFormation link
You should be looking into Code Deploy https://aws.amazon.com/codedeploy/getting-started/?nc=sn&loc=4 Possibly combine it with Code Pipeline. Here is a starting point for deciding whether you need one or both. https://forums.aws.amazon.com/thread.jspa?threadID=172485

Get ARN of Network Load Balancer for Elastic Beanstalk Web Environment

Good afternoon, all:
I have a CloudFormation template that creates an EBS Web Environment with an internal NLB. My plan for this is to then create a VPC Link and API Gateway to proxy to the web worker, essentially keeping the VPC private. I can accomplish this through the Console, and the POC for that works great. But what I would really love to do is take the ARN of the NLB created for the EBS Web Environment, and use that as the output for the CloudFormation template, which I can then use as the input for the CF template that will create the VPC Link. The questions I have are, is this possible, and if so, how do I go about getting the ARN for the NLB in this scenario? I can accomplish the feat in a two-step process; passing the ARN manually as a parameter to the second template. But I'd really like to do it programmatically if possible.
Any links, examples or advice that you can provide on this use case would be very much appreciated.
I want to do something similar, but the problem is that the first CF stack that contains the EBS resources actually spins off a second CF stack that contains the Web application resources. The NLB is in the second stack.
The second stack template is generated by EBS and you don't have control over it, which means you can't define outputs.
You can use the AWS CLI to list the second stack's resources and look for the NLB resource based on resource type, then grab the ARN. The problem with this is that you don't know the name of the second stack, so it would again require the two-stage deployment that you describe in your question.
Not much of an answer but I'll keep digging.
Update
This is similar: How To Extract Load Balancer Name from Elastic Beanstalk Environment in CloudFormation
You could also create a Customization using the .ebextensions mechanism.
Recently I had to attach a WAF to an ElasticBeanstalk Application Load Balancer. If you create a .config file and place it in .ebextensions, you can configure your environment and customize the AWS resources that it contains. If you haven't given a custom name to any of your resources, you can reference it using the standard Resource names found here
(https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-format-resources-eb.html)
NLBs, like ALBs, use the same default resource name, so AWSEBV2LoadBalancer is what the doctor ordered.
My config looked like
    Resources:
      PublicWAF:
        Type: AWS::WAFRegional::WebACLAssociation
        Properties:
          ResourceArn: {"Ref" : "AWSEBV2LoadBalancer" }
          WebACLId:
            Fn::GetOptionSetting:
              OptionName: waf_id
Where Ref returns the Amazon Resource Name (ARN) of the load balancer.
I imagine you could place your CloudFormation for the VPC Link in a .config file for your Elastic Beanstalk App. Fair warning: I used YAML for my config, but had to use the JSON format on the Reference function to get it to work in my Environment.
    ResourceArn: {"Ref" : "AWSEBV2LoadBalancer" }
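The VPC Link idea from the answer above, written out as an added example that is not part of the original answer: the link is declared in the same .ebextensions mechanism and takes the NLB ARN from the default AWSEBV2LoadBalancer resource name. The file name, the logical name ApiVpcLink and the link name are hypothetical.

```yaml
# .ebextensions/vpclink.config  (hypothetical file name; added example)
Resources:
  ApiVpcLink:                        # hypothetical logical name
    Type: AWS::ApiGateway::VpcLink
    Properties:
      Name: eb-nlb-vpclink           # constructed name
      Description: VPC Link to the internal NLB of this Elastic Beanstalk environment
      TargetArns:
        # JSON-style Ref, as in the WAF config above; Ref on the load balancer
        # resource returns its ARN, which is what TargetArns expects.
        - {"Ref": "AWSEBV2LoadBalancer"}
```

The link is then created and deleted together with the environment, so an API Gateway integration that points at it depends on the environment's lifecycle.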

AWS VPC to VPC mirror imaging?

Hi, I already have one VPC in my AWS for production. Now I want to create the same VPC for a test environment as well. Is there any way to create a mirror image of a VPC, like creating one more VPC identical to the old VPC?
There's no API for this, but you can set up a script pretty easily.
Alternatively, instead of creating the first one manually, you can create it with CloudFormation so you can make multiple identical copies (even in different Regions) whenever you want.
Terraform from HashiCorp is the best way to do that in my opinion. You can also use the terraforming from dtan4 at this link to export the existing resources and adjust them to create another environment. For example, you may want to go for another IP range, name it differently, etc.
You should use CloudFormer to "reverse-engineer" your VPC setup, and there is a nice layout as well. Nevertheless, you need special IAM roles to do this.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-using-cloudformer.html
Because it is "reverse-engineered", all the VPC settings will be similar (same VPC IP/CIDR, subnets); AWS will assign a new ID for each individual component. To avoid a maintenance nightmare, you should assign different tag names for your production and test environments.

AWS splitting resources between UAT and PROD

I'm using AWS Elastic Beanstalk to deploy a system. That all works fine. If I want a UAT and PROD environment I can just set up 2 different Elastic Beanstalk apps; this also works fine. Now my question: say my app uses DynamoDB or S3 buckets (something outside of the EB deployment), how do I have different versions of these for UAT and PROD?
Taking Dynamo: you have A DynamoDB instance, not one per EB deployment. My code would write to a 'users' table, but how do you stop UAT and PROD using the same user table given there is only one DynamoDB?
Same with S3 buckets? What you ideally want is a prod.mybucket.xxx and uat.mybucket.xxx
I'm clearly missing something, can you tell me what? :)
You can use Elastic Beanstalk environment variables (this example is for Java, but it's similar in other languages). Use one to track the environment type (e.g. PARAM1=dev or PARAM1=uat), then name your other resources (buckets / Dynamo tables) with that prefix
s3 bucket -> prod-myapp-bucket / uat-myapp-bucket
In your code, just grab param1 in bootstrap and bring up your aws resources that way. This is how beanstalk lets your application know which database to connect to (In Java it's JDBC_CONNECTION_STRING).
OR
You could use the AWS API to query the actual Elastic Beanstalk environment name to do something similar (depending on what language you're using, it's something like 'Describe Environment').
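The prefix scheme from the answer above expressed as a CloudFormation template, added as an example and not part of the original answer. It goes one step beyond naming: an IAM policy limits the environment's instance role to its own table and bucket, so a UAT instance that is handed a prod name still cannot reach it. The parameter names, key schema and IAM actions are assumptions; InstanceRoleName is assumed to be the role behind the environment's instance profile.

```yaml
# Added example: one stack per environment type (launch once with uat, once with prod).
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  EnvType:
    Type: String
    AllowedValues: [uat, prod]        # any other value is rejected at stack creation
  ApplicationName:
    Type: String
  SolutionStackName:
    Type: String
  InstanceRoleName:
    Type: String                      # assumption: role used by this environment's instances
Resources:
  UsersTable:
    Type: AWS::DynamoDB::Table
    Properties:
      TableName: !Sub "${EnvType}-users"
      BillingMode: PAY_PER_REQUEST
      AttributeDefinitions:
        - {AttributeName: id, AttributeType: S}   # constructed key schema
      KeySchema:
        - {AttributeName: id, KeyType: HASH}
  AppBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub "${EnvType}-myapp-bucket"  # bucket names must be globally unique
  DataAccess:
    Type: AWS::IAM::Policy
    Properties:
      PolicyName: !Sub "${EnvType}-data-access"
      Roles: [!Ref InstanceRoleName]
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action: ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query"]
            Resource: !GetAtt UsersTable.Arn
          - Effect: Allow
            Action: ["s3:GetObject", "s3:PutObject"]
            Resource: !Sub "${AppBucket.Arn}/*"
  Environment:
    Type: AWS::ElasticBeanstalk::Environment
    Properties:
      ApplicationName: !Ref ApplicationName
      SolutionStackName: !Ref SolutionStackName
      OptionSettings:
        - Namespace: aws:elasticbeanstalk:application:environment
          OptionName: PARAM1          # the variable the application reads at bootstrap
          Value: !Ref EnvType
```

The isolation only holds if the UAT and PROD environments run under different instance roles; with a shared role both policies attach to the same identity.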

AWS Elastic Beanstalk change RDS Endpoint

How do I change the configured RDS endpoint of an AWS Elastic Beanstalk environment?
E.g. after the RDS database was deleted or should be replaced with a new RDS database.
Update
The topic remains complex and the AWS Elastic Beanstalk (EB) documentation could still do a better job to clarify available options. The question has been about how to change an RDS endpoint, which seems to be read in two different ways:
One could interpret it about how to attach an existing externally managed RDS endpoint to an existing (not new!) EB environment - this is indeed not possible, rather one would need to resort to handling this scenario from within the app itself as e.g. outlined in section Using an Existing Amazon RDS DB Instance with Python within Using Amazon RDS with Python.
Rather, the OP asked about how to do that after the RDS database was deleted or should be replaced with a new RDS database, i.e. the RDS endpoint change is implied in the process of creating a new RDS database for an existing EB environment that already had one - this is indeed possible by means of the DBSnapshotIdentifier Option Value, which denotes The identifier for the DB snapshot to restore from. Once again the EB docs aren't exactly conclusive what this means, however, EB is using AWS CloudFormation under the hood, and the resp. entry for AWS::RDS::DBInstance - DBSnapshotIdentifier provides more details:
By specifying this property, you can create a DB instance from the
specified DB snapshot. If the DBSnapshotIdentifier property is an
empty string or the AWS::RDS::DBInstance declaration has no
DBSnapshotIdentifier property, the database is created as a new
database. If the property contains a value (other than empty string),
AWS CloudFormation creates a database from the specified snapshot. If
a snapshot with the specified name does not exist, the database
creation fails and the stack rolls back.
In other words, the typical result of updating any of the General Option Values from namespace aws:rds:dbinstance for an existing EB environment is the creation of a respectively adjusted RDS instance managed by EB, and thus a new RDS endpoint.
A specific sub scenario is the use of DBSnapshotIdentifier, which yields a new RDS instance managed by EB based on the referenced snapshot and can therefore be used to migrate (rather than attach) an existing externally managed RDS instance, albeit with considerable downtime based on the snapshot size.
Initial Answer
While unfortunately not specifically addressed within Configuring Databases with AWS Elastic Beanstalk, the AWS Elastic Beanstalk settings for an optional Amazon RDS database are handled via Option Values, see namespace aws:rds:dbinstance within General Options.
While the AWS Management Console hides many of those option values behind its UI, you can specify them explicitly when using the API via other means, both when creating an environment as well as when updating one (which is how you would change any settings of an RDS database instance) - see e.g. parameter --option-settings for update-environment from the AWS Command Line Interface:
If specified, AWS Elastic Beanstalk updates the configuration set associated with the running environment and sets the specified configuration options to the requested value.
I created a config file under .ebextensions folder that had the following content:
    option_settings:
      - namespace: aws:rds:dbinstance
        option_name: DBSnapshotIdentifier
        value: <name-of-snapshot>
Upload and deploy and it will create a new RDS db using this snapshot.
Hot-swapping out the data tier within an environment is discouraged because it breaks down the integrity of the environment. What you want to do is clone the environment, with a restored snapshot of the RDS instance. This means you'll have an identical environment with a different url 'host', and if everything went without a hitch, then you can swap environment urls in order to initiate a DNS swap.
After the swap happens and everything is good to go, you can proceed to deflate the old environment.
Follow the steps in the resolution to:
Use an Elastic Beanstalk blue (environment A)/green (environment B) deployment to decouple an RDS DB instance from environment A.
Create a new Elastic Beanstalk environment (environment B) with the necessary information to connect to the RDS DB instance.
Check out the official answer below for a more detailed solution:
https://aws.amazon.com/premiumsupport/knowledge-center/decouple-rds-from-beanstalk/?nc1=h_ls