How to use conditional in .ebextensions config (AWS Elastic Beanstalk) - amazon-web-services

I wish I could use conditional for .ebextensions configuration, but I don't know how to use it, my current case are :
One of .ebextensions configuration content are create a folder, actually the folder that must be created it's only once, because if I'm deploying app for second times or more I've got error, and the error said "the folder already exist".
So I need to give conditional, if the folder already exist it's not necessary to run again the command for create a folder.
If anyone has any insight or direction on how this can be achieved, I would greatly appreciate it. Thank you!

The .ebextensions config files allow conditional command execution by using the test: directive on a command. Then the command only runs if the test is true (returns 0).
Example .ebextensions/create_dir.config file:
commands:
01_create_dir:
test: test ! -d "${DIR}"
command: mkdir "${DIR}"
Another example (actually tested on EB) to conditionally run a script if a directory is not there:
commands:
01_intall_foo:
test: test ! -d /home/ec2-user/foo
command: "/home/ec2-user/install-foo.sh"
cwd: "/home/ec2-user/"
The sparse documentation from AWS is here:
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers-ec2.html#customize-containers-format-commands
PS.
If you just need to conditionally create the directory, you can do it without conditionals, using the -p option for mkdir to conditionally create the directory like so:
commands:
01_create_dir:
command: mkdir -p "${DIR}"

I think that the only way to do it is with shell conditions:
commands:
make-directory:
command: |
if [ ! -f "${DIR}" ]; then
mkdir "${DIR}"
fi
See bigger example in jcabi-beanstalk-maven-plugin.

Related

"Permission denied" on file when running a docker container

I have a file that I can't edit but needs to run on in a docker container. Because the file doesn't have an extension, I have to use chmod for setting the file executable. But after I build the docker image from the docker file I always get a "permission denied" error
My docker file:
FROM alpine
COPY . /home/guestuser/bin/gateway
RUN apk add libressl-dev
RUN apk add libffi-dev
RUN pwd
WORKDIR /home/guestuser/bin/.
RUN ["chmod", "+x", "gateway"]
RUN pwd
CMD ["/home/guestuser/bin/gateway"]
EXPOSE 11878
I alwas get this error:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"/home/guestuser/bin/gateway\": permission denied": unknown.
As I already mentioned, I am not able to edit the file I want to execute. What am I doing wrong?
You may try this simple one.
FROM alpine
COPY . /home/guestuser/bin/gateway
RUN apk add libressl-dev
RUN apk add libffi-dev
WORKDIR /home/guestuser/bin/
RUN chmod -R 755 /home/guestuser
CMD ["/bin/bash", "/home/guestuser/bin/gateway"]
Otherwise, run sleep command login to container and see your commands works manually
It looks like you are using the exec form of CMD, as shown here
There are two ways to use CMD. The first is the way you are already doing it, in exec form:
CMD ["/home/guestuser/bin/gateway"]
Or you could use shell form:
CMD /home/guestuser/bin/gateway
If you need a shell you could also explicitly call one in exec form, which is what Ganesh was trying to suggest.
CMD ["sh", "/home/guestuser/bin/gateway"]
But if that syntax is correct, why didn't it work?
Well, because this is assuming that gateway is a file. The issue is... it probably isn't.
When you run this command:
COPY . /home/guestuser/bin/gateway
From the reference:
Multiple resources may be specified but the paths of files and directories will be interpreted as relative to the source of the context of the build.
You are copying the entire contents of the build context into the directory /home/guestuser/bin/gateway. If you want to copy a specific file, you should name it explicitly rather than using . The COPY command's syntax is source first, then destination, as shown here.
So when you are trying to execute gateway, you are probably "executing" a directory named gateway. So long as there is more than one file in the build context, gateway will be a directory. That can include the Dockerfile itself, so even if the build context is a folder with just the Dockerfile and the script you want to run, you'll still pull in both files, which turns gateway itself into a directory.
Tests you can try
As proof that your Dockerfile CMD syntax is correct, try changing that CMD to something like this:
CMD ["top"]
Similarly, you can remove the CMD and just run the container in interactive mode. It will drop you in your WORKDIR, which is empty except for the gateway directory, complete with the contents of whatever directory structure was pulled in during the build process.
So, to make this work, change your COPY line to name the script you want:
COPY somescript /home/guestuser/bin/gateway
Other notes:
your default user here is root, so you don't need to chmod gateway
RUN pwd will only show the first time you build the container

EB not able to access file in .ebextensions

I have the following container_command in my django.config that points to a script at path .ebextensions/supervise.sh:
container_commands:
01-supervise:
command: .ebextensions/supervise.sh
However when I deploy I get a permission error. Command failed on instance. Return code: 126 Output: /bin/sh: .ebextensions/supervise.sh:
Permission denied.
I'm wondering what is required to set permissions correctly? What is causing this error? As far as I can tell the issue isn't well documented. Thanks!
If you are using Windows, it looks like scripts lose their executable bit when packing/unpacking them.
Try resetting the executable bit before running them:
container_commands:
01-set-exec-bit:
command: chmod +x .ebextensions/deployschema.sh
test: "[ -f .ebextensions/deployschema.sh ]"
02-create-table:
command: ".ebextensions/deployschema.sh"
leader_only: true
From: https://forums.aws.amazon.com/thread.jspa?threadID=262121
First of all do not put you .sh files in .ebextensions folder. Create a separate folder in your app root and put it there. And update the .config file with following:
container_commands:
01-supervise:
command: "sh scripts/supervise.sh"
I know i am late in answering this but hopefully this will help someone struggling with this.

Add custom directives to wsgi.conf on AWS Beanstalk

I need to add ProxyPass directive to default wsgi.conf. I tried running sed command in container_commands script, but it seems to be called before wsgi.conf is created by deploy scripts. I found that i can drop custom hooks in /opt/elasticbeanstalk/hooks/appdeploy/post directory, but this method is not officially supported.
I wish I could find something more official, but it seems people are putting a wsgi.conf into their project, and using a container_commands script to move it to the appropriate location (which is not /etc/httpd/conf.d/wsgi.conf, though it does end up replacing /etc/httpd/conf.d/wsgi.conf in the end!):
container_commands:
04_wsgireplace:
command: "cp wsgi.conf ../wsgi.conf"
or
container_commands:
04_wsgireplace:
command: "cp .ebextensions/wsgi.conf ../wsgi.conf"
Depends on where in your project you've stored wsgi.conf, I assume. Looks like the script is being run from the app directory. I'm about to try it myself (for a flask project), and I'll report back!
There's a very related question here.
(References: 1,2,3)
Update: I tried it out (with wsgi.conf in .ebextensions), and it worked (for me).
I'm looking at another solution that builds on issue where default wsgi.conf needs to be extended. The concept comes from this blog post deploy
commands:
create_post_dir:
command: mkdir /opt/elasticbeanstalk/hooks/appdeploy/post
ignoreErrors: true
mv_post_appddeploy_script:
command: mv /tmp/99_wsgi_conf.sh /opt/elasticbeanstalk/hooks/appdeploy/post
files:
"/tmp/99_wsgi_conf.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
service httpd stop
echo "WSGIApplicationGroup %{GLOBAL}" >> /etc/httpd/conf.d/wsgi.conf
service httpd start
I think this is a more elegant solution - extend default rather than ignore. Can be made more sophisticated when required.

Amazon Elastic Beanstalk - Change Timezone

I´m running an EC2 instance through AWS Elastic Beanstalk. Unfortunately it has the incorrect timezone - it´s 2 hours earlier than it should be, because timezone is set to UTC. What I need is GMT+1.
Is there a way to set up the .ebextensions configuration, in order to force the EC2 instance to use the right timezone?
Yes, you can.
Just create a file /.ebextensions/00-set-timezone.config with following content
commands:
set_time_zone:
command: ln -f -s /usr/share/zoneinfo/Australia/Sydney /etc/localtime
This is assuming your are using default Amazon Linux AMI image. If you use some other Linux distribution, just change the command to whatever it requires to set timezone in that Linux.
This is a response from the aws Support Business and this works!
---- Original message ----
How can I change the timezone of an enviroment or rather to the instances of the enviroment in Elastic Beasntalk to UTC/GMT -3 hours (Buenos Aires, Argentina)?
I´m currently using Amazon Linux 2016.03. Thanks in advance for your help.
Regards.
---------- Response ----------
Hello,Thank you for contacting AWS support regarding modifying your Elastic Beanstalk instances time zone to use UTC/GMT -3 hours (Buenos Aires, Argentina), please see below on steps on how to perform this modification.
The below example shows how to modify timezone for Elastic Beanstalk environment using .ebextensions for Amazon Linux OS:
Create .ebextensions folder in the root of your application
Create a .config file for example 00-set-timezone.config file and add the below content in yaml formatting.
container_commands:
01changePHP:
command: sed -i '/PHP_DATE_TIMEZONE/ s/UTC/America\/Argentina\/Buenos_Aires/' /etc/php.d/environment.ini
01achangePHP:
command: sed -i '/aws.php_date_timezone/ s/UTC/America\/Argentina\/Buenos_Aires/' /etc/php.d/environment.ini
02change_AWS_PHP:
command: sed -i '/PHP_DATE_TIMEZONE/ s/UTC/America\/Argentina\/Buenos_Aires/' /etc/httpd/conf.d/aws_env.conf
03php_ini_set:
command: sed -i '/date.timezone/ s/UTC/America\/Argentina\/Buenos_Aires/' /etc/php.ini
commands:
01remove_local:
command: "rm -rf /etc/localtime"
02link_Buenos_Aires:
command: "ln -s /usr/share/zoneinfo/America/Argentina/Buenos_Aires /etc/localtime"
03restart_http:
command: sudo service httpd restart
Deploy application to Elastic Beanstalk including the .ebextensions and the timezone will change as per the above.
I hope that helps
Regards!
If you are running windows in your eb environment...
.
create a folder named .ebextensions in the root of your project..
inside that folder create a file named timezone.config
in that file add the following :
commands:
set_time_zone:
command: tzutil /s "Central Standard Time"
set the time zone as needed
screenshot
I'm using custom .ini file in php.d folder along with regular recommendations from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html#change_time_zone:
The sed command inserts (rewrites) only the first line of /etc/sysconfig/clock, since the second line (UTC=true) should be left alone, per the above AWS documentation.
# .ebextensions/02-timezone.config
files:
/etc/php.d/webapp.ini:
mode: "000644"
owner: root
group: root
content: |
date.timezone="Europe/Amsterdam"
commands:
01_set_ams_timezone:
command:
- sed -i '1 s/UTC/Europe\/Amsterdam/g' /etc/sysconfig/clock
- ln -sf /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
Changing the time zone of EC2 with Elastic Beanstalk is simple:
Create a .ebextensions folder in the root
Add a file with filename end with .config (timezone.config)
Inside the file
container_commands:
time_zone:
command: ln -f -s /usr/share/zoneinfo/America/Argentina/Buenos_Aires /etc/localtime
Then you have done.
Note that the container_commands is different from commands, from the document it states:
commands run before the application and web server are set up and
the application version file is extracted.
That's the reason of your time zone command doesn't work because the server hasn't started yet.
container_commands run after the application and web server have been
set up and the application version file has been extracted, but before
the application version is deployed.
If you are runing a java/Tomcat container, just put the JVM Option on the configuration.
-Duser.timezone=America/Sao_Paulo
Possibles values: timezones
Moving to AWS Linux 2 was challenging. It took me a while to work out how to do this easily in .ebextensions.
I wrote the simple solution in another stackoverflow question .. but for anyone needing instant gratification .. add the following commands into the file .ebextensions/xxyyzz.config:
container_commands:
01_set_bne:
command: "sudo timedatectl set-timezone Australia/Brisbane"
command: "sudo systemctl restart crond.service"
These workarounds only fixes the timezone for applications. But when you have any system services like a cron run it looks at the /etc/sysconfig/clock and that is always UTC. If you tail the cron logs or aws-sqsd logs would will notice timestamps are still 2hrs behind - in my case. And a change to the clock setting would need a reboot into order to take effect - which is not an option to consider should you have autoscaling in place or should you want to use ebextensions to change the system clock's config.
Amazon is aware of this issue and I dont think they have resolved it yet.
If your EB application is using the Java/Tomcat container, you can add the JVM timezone Option to the Procfile configuration. Example:
web: java -Duser.timezone=Europe/Berlin -jar application.jar
Make sure to add all configuration options before the -jar option, otherwise they are ignored.
in the .ebextensions added below for PHP
container_commands:
00_changePHP:
command: sed -i '/;date.timezone =/c\date.timezone = \"Australia/Sydney\"' /etc/php.ini
01_changePHP:
command: sed -i '/date.timezone = UTC/c\date.timezone = \"Australia/Sydney\"' /etc/php.d/aws.ini
02_set_tz_AEST:
command: "sudo timedatectl set-timezone Australia/Sydney"
command: "sudo systemctl restart crond.service"
commands:
01remove_local:
command: "rm -rf /etc/localtime"
02change_clock:
command: sed -i 's/\"UTC\"/\"Australia\/Sydney\"/g' /etc/sysconfig/clock
03link_Australia_Sydney:
command: "ln -f -s /usr/share/zoneinfo/Australia/Sydney /etc/localtime"
cwd: /etc
Connect AMI(amazon linux instance) via putty or ssh and execute the commands below;
sudo rm /etc/localtime
sudo ln -sf /usr/share/zoneinfo/Europe/Istanbul /etc/localtime
sudo reboot
Explanation of the procedure above is simply;
remove localtime,
update the timezone,
reboot
Please notify that I've changed my timezone to Turkey's localtime, you can find your timezone by listing zoneinfo directory with the command below;
ls /usr/share/zoneinfo
or just check timezone abbrevetaions via wikipedia;
http://en.wikipedia.org/wiki/Category:Tz_database
You can also check out the related Amazon AWS documentation;
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html
Note: I'm not sure that if this is the best practice or not (probably not), however I've applied the procedure I've written above and it's working for me.

Elastic Beanstalk .ebextensions config file not getting deployed with git aws.push

I've linked a git branch to my Elastic Beanstalk environment and using git aws.push it deploys correctly.
I've now added a .extensions directory which contains a config script which should be creating a couple of directories. However, nothing appears to be happening.
I understand that the .extensions directory should be copied across to the ec2 instance as well but I'm not seeing it.
I've checked eb-tools.log and it's not mentioned in the upload.
Is there something additional that's required?
The script contains:
commands:
cache:
command: mkdir /tmp/cache
items:
command: mkdir /tmp/cache/items
chmod:
command: chmod -R 644 /tmp
You can find the run logs for this at /var/log/cfn-init.log.
In here I could see that the mkdir commands had worked initially but subsequently failed as the directory already existed.
Turns out that eb extensions run commands in alphabetical order so I had to change the commands to:
01command1:
02command2:
etc.
From this point on it worked fine.
Something else that was confusing me is that the .ebextensions directory in my local git repo was not appearing on the target instance directory. this is because once it's been run it will delete the directory.
Double check that your local script file has a .config extension. I was having a similar problem because my local file was called .ebextensions/01_stuff.yaml and it was fixed once I renamed it to .ebextensions/01_stuff.config.