web-development/strapi-elb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Files
3fc49078ab2ab94efe47de285267a074e22f88dc
strapi-elb/todo.md
dtomlinson c1e515d28b updating notes
2020-04-30 23:55:29 +01:00

120 lines
4.8 KiB
Markdown
Raw Blame History

# To Do
~~Finish S3 config for env vars~~
~~Deploy to AWS and ensure vars are working~~
~~Use cloudformation to deploy bucket instead of tieing it to the RDS instance.~~
Use <https://strapi.io/documentation/3.0.0-beta.x/deployment/amazon-aws.html#_2-create-the-bucket> for bucket options for the template.
~~Strapi documentation - build and host~~
## RDS Cloudformation
Use <http://blog.blackninjadojo.com/aws/elastic-beanstalk/2019/01/28/adding-a-database-to-your-rails-application-on-elastic-beanstalk-using-rds.html> to create an RDS for ELB.
- RDS cloudformation template
- Use the GUI to go through options and create cloudformation template
- Create an RDS db before deployment
- Configure Strapi to use this RDS db
- VPC + Security Group needs creating in template
Compare the `--database option` to without and make sure you create everything in the Cloudformation template.
Look at how to have multiple environments in the same elb app
Deploy strapi as load balanced rather than single instance
Deploy strapi with a custom domain with HTTPS as a single instance + load balanced.
Combine ELB Documentations (strapi, ELB etc)
Use codebuild to update strapi
Use circle CI instead
Finish the backgrounds for the demo website
Cloudformation template to deploy an S3 bucket
## Links
Decouple an exisitng RDS instance from ELB to RDS: <https://aws.amazon.com/premiumsupport/knowledge-center/decouple-rds-from-beanstalk/>
Deploy the ELB environment referencing the VPC + Subnets created with Cloudformation. Use https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/vpc-rds.html as a reference.
This works! Create all the VPC + Subnet resources using Cloudformation and specify them in option settings:
```yaml
option_settings:
aws:ec2:vpc:
VPCId: "vpc-003597eb63a0a3efe"
Subnets: "subnet-02cd8f7981ddfe345,subnet-02d9e1338e8d92d09,subnet-0e07d4d35394db524"
DBSubnets: "subnet-02cd8f7981ddfe345,subnet-02d9e1338e8d92d09,subnet-0e07d4d35394db524"
```
Recreate env with database, check the DB subnets - are they the same as the EC2 subnets? If so we can reference them in https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-ec2vpc with ELBSubnets
Can we use cloudformation functions (imports) in .config files under option_settings? (reference a VPC that already exists?) (https://www.reddit.com/r/aws/comments/a2uoae/is_there_a_way_to_reference_an_elastic_beanstalk/) Yes?
Yes but only certain functions: <https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/ebextensions-functions.html#ebextensions-functions-getatt>. You cannot use FN::ImportValue to reference a resource in another Cloudformation stack.
Use join for subnets Name: !Join [ ":", [ !Ref "AWS::StackName", AccountVPC ] ]
Updating 07 config to accept a parameter
For DB
Follow <https://github.com/garystafford/aws-rds-postgres/blob/master/cfn-templates/rds.template>
Create a subnet group (add each subnet to this group)
Create a security Group for DB
Create a SecurityGroupIngress
Use existing public VPC and subnet
What is the RDS hostname inside the container?
Follow a naming convention for likewise cloudformation templates
E.g.
```yaml
Outputs:
PublicVPCID:
Description: The VPC ID.
Value: !Ref PublicVPC
Export:
Name: !Sub "${AWS::StackName}-ELBStrapiPublicVPC"
```
Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically. - This is true. The RDS one is created in CF.
Does the db and the ec2 instances share the same VPC? - Yes. They have different security groups.
To Do
To have a replica database you should create a new DB instance with same AllocatedStorage size and DBInstanceClass. You should set the SourceDBInstanceIdentifier to be a `!Ref` of your primary DB. You should also set the SourceRegion.
CF RDS ELB template:
https://github.com/garystafford/aws-rds-postgres/blob/master/cfn-templates/rds.template
Read replica CF docs:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-sourcedbinstanceidentifier
Doc the CF changes for both
Combine them into a single CF stack
Deploy
Deploy strapi with LB + scaling
Enable HTTPS
Codebuild
Create the security group for the EC2 instances
Add this security group to Outputs
Reference it in RDS security group
Check ssh? - Can ssh if you apply it to the EC2 SG you create.
Multiple security groups get squashed to determine what is and isn't allowed: <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html>.
Reference in New Issue View Git Blame Copy Permalink