updating notes

2020-04-30 03:18:56 +01:00
parent 7bda4fe4ea
commit 4a497599fa
3 changed files with 315 additions and 61 deletions

42
todo.md

@@ -57,31 +57,39 @@ Recreate env with database, check the DB subnets - are they the same as the EC2
Can we use cloudformation functions (imports) in .config files under option_settings? (reference a VPC that already exists?) (https://www.reddit.com/r/aws/comments/a2uoae/is_there_a_way_to_reference_an_elastic_beanstalk/) Yes?
Yes but only certain functions: <https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/ebextensions-functions.html#ebextensions-functions-getatt>. You cannot use FN::ImportValue to reference a resource in another Cloudformation stack.
Append the stackname to the outputs for the VPC and Subnets
{ "Fn::ImportValue": "awseb-e-abcdefghijklmno-AutoScalingGroup" }
Use join for subnets Name: !Join [ ":", [ !Ref "AWS::StackName", AccountVPC ] ]
Updating 07 config to accept a parameter
For DB
Append the stackname to the outputs for the VPC and Subnets
Follow <https://github.com/garystafford/aws-rds-postgres/blob/master/cfn-templates/rds.template>
!Sub "${AWS::StackName}-VPCID"
Create a subnet group (add each subnet to this group)
Create a security Group for DB
Create a SecurityGroupIngress
Use existing public VPC and subnet
Name: !Sub "${AWS::StackName}-ELBStrapiPublicVPC"
Name: !Sub "${AWS::StackName}-ELBStrapiSubnet0"
Name: !Sub "${AWS::StackName}-ELBStrapiSubnet1"
Name: !Sub "${AWS::StackName}-ELBStrapiSubnet2"
What is the RDS hostname inside the container?
temp-vpc-ELBStrapiPublicVPC
temp-vpc-ELBStrapiSubnet0
temp-vpc-ELBStrapiSubnet1
temp-vpc-ELBStrapiSubnet2
Follow a naming convention for likewise cloudformation templates
{ "Fn::ImportValue": "awseb-e-abcdefghijklmno-AutoScalingGroup" }
E.g.
Use join for subnets Name: !Join [ ":", [ !Ref "AWS::StackName", AccountVPC ] ]
```yaml
Outputs:
PublicVPCID:
Description: The VPC ID.
Value: !Ref PublicVPC
Export:
Name: !Sub "${AWS::StackName}-ELBStrapiPublicVPC"
```
Updating 07 config to accept a parameter
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
Check if the security group of the CF RDS matches that of ELB RDS. They should specify the same (one postgres inbound on 5432 and all traffic all/all inbound)
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically.
Does the db and the ec2 instances share the same VPC?
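Review bot: The security group check near the end of the hunk ("one postgres inbound on 5432 and all traffic all/all inbound") writes down an all-traffic inbound rule as the state both groups "should specify", without saying what source that rule is scoped to. If the rule is only there because the Elastic Beanstalk-created group has it, record it as something to tighten rather than as the target: the next line already settles on a separate security group for RDS and one for EC2, so the RDS group can be limited to inbound 5432 with the EC2 group as its source. Separately, the line stating that FN::ImportValue cannot be used under option_settings sits beside a `{ "Fn::ImportValue": "awseb-e-abcdefghijklmno-AutoScalingGroup" }` example with no indication of which file that example belongs in; a short label (CloudFormation template vs .ebextensions .config) would remove the apparent contradiction. "seperate" should be "separate" in both places.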