updating docs
This commit is contained in:
36
todo.md
36
todo.md
@@ -87,29 +87,25 @@ Outputs:
|
|||||||
|
|
||||||
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
|
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
|
||||||
|
|
||||||
Check if the security group of the CF RDS matches that of ELB RDS. They should specify the same (one postgres inbound on 5432 and all traffic all/all inbound)
|
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically. - This is true. The RDS one is created in CF.
|
||||||
They don't - the traffic all/all isnt there on ELB RDS SG.
|
|
||||||
This is because we are editing the default security group. We should create a new security group then change the inbound rules on there.
|
|
||||||
|
|
||||||
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically.
|
Does the db and the ec2 instances share the same VPC? - Yes. They have different security groups.
|
||||||
|
|
||||||
Does the db and the ec2 instances share the same VPC?
|
|
||||||
|
|
||||||
To Do
|
To Do
|
||||||
|
|
||||||
Change stacknames
|
To have a replica database you should create a new DB instance with same AllocatedStorage size and DBInstanceClass. You should set the SourceDBInstanceIdentifier to be a `!Ref` of your primary DB. You should also set the SourceRegion.
|
||||||
New stack names
|
|
||||||
--stack-name temp-vpc: strapi-vpc-seperate
|
|
||||||
--stack-name new-temp-vpc: strapi-vpc-elb
|
|
||||||
--stack-name temp: strapi-elb
|
|
||||||
|
|
||||||
- Create the VPC CF template twice (one for ELB, other to compare)
|
CF RDS ELB template:
|
||||||
- In RDS CF template:
|
https://github.com/garystafford/aws-rds-postgres/blob/master/cfn-templates/rds.template
|
||||||
- Create a https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
|
|
||||||
- Change SecurityGroupIngress to this SG
|
|
||||||
- Deploy strapi-prod with VPC + subnets of one of the VPCs
|
|
||||||
- Compare the db SG ingress with ELB, should be the same now.
|
|
||||||
|
|
||||||
- Destroy all above
|
Read replica CF docs:
|
||||||
- Redeploy but only do one VPC, put this in strapi-prod and deploy ELB app with DB
|
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-sourcedbinstanceidentifier
|
||||||
- Redeploy strapi-elb but change the RDS env vars to point to standalone RDS.
|
|
||||||
|
Doc the CF changes for both
|
||||||
|
Combine them into a single CF stack
|
||||||
|
Deploy
|
||||||
|
|
||||||
|
Deploy strapi with LB + scaling
|
||||||
|
Enable HTTPS
|
||||||
|
|
||||||
|
Codebuild
|
||||||
|
|||||||
Reference in New Issue
Block a user