updating documentation
This commit is contained in:
22
todo.md
22
todo.md
@@ -87,9 +87,29 @@ Outputs:
|
||||
|
||||
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
|
||||
|
||||
|
||||
Check if the security group of the CF RDS matches that of ELB RDS. They should specify the same (one postgres inbound on 5432 and all traffic all/all inbound)
|
||||
They don't - the traffic all/all isnt there on ELB RDS SG.
|
||||
This is because we are editing the default security group. We should create a new security group then change the inbound rules on there.
|
||||
|
||||
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically.
|
||||
|
||||
Does the db and the ec2 instances share the same VPC?
|
||||
|
||||
To Do
|
||||
|
||||
Change stacknames
|
||||
New stack names
|
||||
--stack-name temp-vpc: strapi-vpc-seperate
|
||||
--stack-name new-temp-vpc: strapi-vpc-elb
|
||||
--stack-name temp: strapi-elb
|
||||
|
||||
- Create the VPC CF template twice (one for ELB, other to compare)
|
||||
- In RDS CF template:
|
||||
- Create a https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
|
||||
- Change SecurityGroupIngress to this SG
|
||||
- Deploy strapi-prod with VPC + subnets of one of the VPCs
|
||||
- Compare the db SG ingress with ELB, should be the same now.
|
||||
|
||||
- Destroy all above
|
||||
- Redeploy but only do one VPC, put this in strapi-prod and deploy ELB app with DB
|
||||
- Redeploy strapi-elb but change the RDS env vars to point to standalone RDS.
|
||||
|
||||
Reference in New Issue
Block a user