Created
April 16, 2019 21:52
-
-
Save jdwolk/84900c974962fee7c40ac938a27e0bb4 to your computer and use it in GitHub Desktop.
AWS EB Ops
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## EB cli | |
| ### Init | |
| (Shouldn't be necessary now that things are set up, but good to know:) | |
| `$ aws configure` | |
| then | |
| `$ eb init` | |
| NOTE: MAKE SURE you're targeting the correct region! Otherwise you won't be able | |
| to find the correct EB applications | |
| ### Set Default env | |
| `$ eb use <env>`, i.e. `eb use api-staging` | |
| ## ssh | |
| ### Setup | |
| `$ eb ssh --setup` | |
| This will set up a new keypair or (I think?) allow you to choose one if it exists. The public key will be uploaded to EB so you can ssh. | |
| ### ssh | |
| `$ eb ssh <env>` or `$ eb ssh` if env is already set with `$ eb use <env>` | |
| ### NGINX config dir | |
| EB puts an NGINX proxy in front of your server. You might need to go here to, i.e., check if config overrides from `.ebextensions` work | |
| `$ cd /etc/nginx/conf.d` | |
| ### app dir | |
| `$ cd /var/app/current` | |
| ### check logs | |
| `$ tail -f /var/app/current/log/production.log | |
| ### rails console | |
| (cd into app dir) | |
| `$ sudo su` | |
| `$ RAILS_ENV=<rails env> bin/rails c`, i.e. `RAILS_ENV=staging bin/rails c` | |
| ### rails migrations | |
| (cd into app dir) | |
| `sudo su` | |
| `$ RAILS_ENV=<rails env> bin/rails db:migrate`, i.e. `RAILS_ENV=staging bin/rails db:migrate` | |
| ## NGNIX config gotchas | |
| Make sure server_name doesn't have a protocol (i.e. no http://) | |
| (for websockets; see `.ebextensions/nginx_proxy.config`) | |
| location /cable/ { | |
| proxy_pass http://other_thing; | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade "websocket"; | |
| proxy_set_header Connection "Upgrade"; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| ## AWS config gotchas | |
| ### EB | |
| Env vars: Configuration -> Software | |
| Security Groups: Configuration -> EC2 Security Groups | |
| (For websockets) | |
| Configuration -> Load Balancer -> change port to 80 / TCP / 80 / TCP and CLICK BOTH SAVE AND APPLY | |
| ### EC2 | |
| If you want you can make changes to security groups through the EC2 interface, but you should probably do it through the VPC interface | |
| ### VPC | |
| #### Security groups | |
| For the security group all your stuff is in, you need to open the following ports via "Inbound Rules": | |
| HTTP (80) | |
| TCP (6) | |
| 80 | |
| 0.0.0.0/0 | |
| websockets mebe | |
| HTTP (80) | |
| TCP (6) | |
| 80 | |
| ::/0 | |
| websockets mebe | |
| HTTP (80) | |
| TCP (6) | |
| 80 | |
| sg-55307d24 | |
| PostgreSQL (5432) | |
| TCP (6) | |
| 5432 | |
| 0.0.0.0/0 | |
| postgres | |
| SSH (22) | |
| TCP (6) | |
| 22 | |
| 0.0.0.0/0 | |
| Custom TCP Rule | |
| TCP (6) | |
| 6379 | |
| 0.0.0.0/0 | |
| redis | |
| Custom TCP Rule | |
| TCP (6) | |
| 6379 | |
| ::/0 | |
| redis | |
| ### RDS | |
| *MAKE SURE YOU CREATE A DB THROUGH RDS!* | |
| If you create it through beanstalk, whenever you "rebuild" the environment it will wipe the DB! | |
| Instead, create through RDS and associate via env vars in config/database.yml / env vars | |
| You need to make sure the DB is in the same security groups / VPC | |
| ### Elasticache | |
| This is so the app can have a redis instance. You need to make sure the instance is in the same security groups / VPC as the rest of the app. | |
| ## MiscResources | |
| * https://hackernoon.com/how-to-setup-and-deploy-a-rails-5-app-on-aws-beanstalk-with-postgresql-redis-and-more-88a38355f1ea | |
| * https://unboxed.co/blog/actioncable-on-aws/ | |
| * https://www.cmgresearch.com/2017/05/11/step-7-action-cable-on-elastic-beanstalk.html |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment