From 88d0cd075500878313d367e75e97218644c28dac Mon Sep 17 00:00:00 2001 From: Daniel Tomlinson Date: Tue, 28 Jul 2020 23:01:36 +0100 Subject: [PATCH] Moving documentation --- jq.md => documentation/jq.md | 0 documentation/running_notes.md | 42 +++++++++++++++++++ .../runningnotes.md | 0 documentation/steps.todo | 2 + tempnotes.md => documentation/tempnotes.md | 0 todo.md => documentation/todo.md | 0 documentation/updated.md | 28 +++++++++++++ 7 files changed, 72 insertions(+) rename jq.md => documentation/jq.md (100%) create mode 100644 documentation/running_notes.md rename runningnotes.md => documentation/runningnotes.md (100%) create mode 100644 documentation/steps.todo rename tempnotes.md => documentation/tempnotes.md (100%) rename todo.md => documentation/todo.md (100%) create mode 100644 documentation/updated.md diff --git a/jq.md b/documentation/jq.md similarity index 100% rename from jq.md rename to documentation/jq.md diff --git a/documentation/running_notes.md b/documentation/running_notes.md new file mode 100644 index 0000000..ae087e6 --- /dev/null +++ b/documentation/running_notes.md 
@@ -0,0 +1,42 @@ +# Notes + +## HTTPS + +### With load balancer + +HTTPS can terminate at the load balancer +Load balancer to EC2 can be HTTP +From the front end all is well as the connection is secure. + +When terminating at the load balancer 08-loadbalancer.config shows the option setting + + +## Database + +Connecting an external DB: + +Configure the auto scaling group to use an additional scaling group that allows ingress to the RDS instance. + +You can configure the RDS credentials either with environment variables in the ELB config file, or use S3: . + +To create your own RDS instance you will need to create: + +- A VPC - for the RDS +- Subnets - for the RDS +- A subnet group +- A security group + +Use `aws ec2 describe-availability-zones --region eu-west-1 --profile admin` to get a list of availability zones for the region. + +VPC terraform will create + +- A IGW +- A route table +- A security group + +## AWS Networking + +- A VPC is a network that you give a CIDR block to. +- You create subnets for a VPC. These subnets will be split evenly across availability zones (for redundancy) and private/local (whether they have internet access or not). +- Behind the scenes (if using TF), internet gateway, routing tables, attachments will all be created for you. If using CF you will need to create these yourself. +- A security group is a firewall that is _attached to an EC2 instance_. A security group belongs to a VPC. You can permit instances to talk to each other by setting the source and destination to be the security group itself. You can control ports/ips exactly on an instance basis using security groups. diff --git a/runningnotes.md b/documentation/runningnotes.md similarity index 100% rename from runningnotes.md rename to documentation/runningnotes.md diff --git a/documentation/steps.todo b/documentation/steps.todo new file mode 100644 index 0000000..632ce7a --- /dev/null +++ b/documentation/steps.todo 
@@ -0,0 +1,2 @@ +Connecting external DB: + ☐ Create RDS using TF @important @today diff --git a/tempnotes.md b/documentation/tempnotes.md similarity index 100% rename from tempnotes.md rename to documentation/tempnotes.md diff --git a/todo.md b/documentation/todo.md similarity index 100% rename from todo.md rename to documentation/todo.md diff --git a/documentation/updated.md b/documentation/updated.md new file mode 100644 index 0000000..9ff0bd1 --- /dev/null +++ b/documentation/updated.md @@ -0,0 +1,28 @@ +Follow this tutorial to do python with asgi +Try with native python deployment + docker + + + +Try with single instance - does it use the DB settings in .ebextensions? +Have documented options for +- Single instance +- Single instance with DB +- Load balanced instance + + +Create an RDS instance, ensure the default SG is allowed on ingress to the DB. +Use this SG to define an ebextensions file + + + + +Using a custom VPC created yourself (how it's done now): +Allows complete control over the security settings. + +Q? If we use `--single` it will only create: +Instance subnets – One of the public subnets +Instance security groups – Add the default security group + +Will it ignore the loadbalancer + autoscaling settings even if we define them in 07.config? + +
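Review bot: The file list creates documentation/running_notes.md while also renaming runningnotes.md to documentation/runningnotes.md, so the directory ends up with two notes files whose names differ only by an underscore. Merge the new notes into the renamed file or give one of them a distinct name. The subject says "Moving documentation", but the patch also adds 72 lines of new content in three new files; splitting the renames from the new notes would keep the move reviewable as a pure rename.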
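Review bot: In documentation/running_notes.md, under "## Database", the line "Configure the auto scaling group to use an additional scaling group that allows ingress to the RDS instance" most likely means an additional security group, since ingress is what a security group grants and the list just below asks for one. In the same section, "or use S3: ." stops before the link or path it introduces, and the option of putting RDS credentials in environment variables in the config file should say how that file is kept out of version control, or recommend the S3 option. Under "## HTTPS", "Load balancer to EC2 can be HTTP" deserves a sentence stating that this hop is then unencrypted inside the VPC, so readers treat it as a decision rather than a default. Under "## AWS Networking", "private/local" reads like it was meant to be public/private, and "attached to an EC2 instance" conflicts with the Database section, which uses a security group for the RDS instance.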
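Review bot: In documentation/updated.md, "ensure the default SG is allowed on ingress to the DB" and "Add the default security group" tie database access to the default security group, while running_notes.md in this same patch lists a dedicated security group for the RDS. Document a dedicated group that allows only the database port from the instances' group, and say which of the two files is authoritative. "Follow this tutorial to do python with asgi" has no link, and the "Q?" block about `--single` and 07.config is an open question that would sit better in steps.todo until it is answered.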