web-development/strapi-elb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updating docs

Browse Source
This commit is contained in:
dtomlinson
2020-04-30 19:05:17 +01:00
parent 150b709e0b
commit 3e88adf792
1 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
todo.md
View File

@@ -87,29 +87,25 @@ Outputs:
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
Check if the security group of the CF RDS matches that of ELB RDS. They should specify the same (one postgres inbound on 5432 and all traffic all/all inbound)
They don't - the traffic all/all isnt there on ELB RDS SG.
This is because we are editing the default security group. We should create a new security group then change the inbound rules on there.
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically. - This is true. The RDS one is created in CF.
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically.
Does the db and the ec2 instances share the same VPC?
Does the db and the ec2 instances share the same VPC? - Yes. They have different security groups.
To Do
Change stacknames
New stack names
--stack-name temp-vpc: strapi-vpc-seperate
--stack-name new-temp-vpc: strapi-vpc-elb
--stack-name temp: strapi-elb
To have a replica database you should create a new DB instance with same AllocatedStorage size and DBInstanceClass. You should set the SourceDBInstanceIdentifier to be a `!Ref` of your primary DB. You should also set the SourceRegion.
- Create the VPC CF template twice (one for ELB, other to compare)
- In RDS CF template:
- Create a https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
- Change SecurityGroupIngress to this SG
- Deploy strapi-prod with VPC + subnets of one of the VPCs
- Compare the db SG ingress with ELB, should be the same now.
CF RDS ELB template:
https://github.com/garystafford/aws-rds-postgres/blob/master/cfn-templates/rds.template
- Destroy all above
- Redeploy but only do one VPC, put this in strapi-prod and deploy ELB app with DB
- Redeploy strapi-elb but change the RDS env vars to point to standalone RDS.
Read replica CF docs:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-sourcedbinstanceidentifier
Doc the CF changes for both
Combine them into a single CF stack
Deploy
Deploy strapi with LB + scaling
Enable HTTPS
Codebuild