Tagelasticbeanstalk

AWS Elastic Beanstalk the security group having id does not exist problem

Facebooktwittergoogle_pluslinkedinmailby feather

AWS Elastic Beanstalk

During playing with AWS EB, i noticed that somehow the Security Group from the previous environment was inherited by the new environment. This creates problem, when you want to terminate the old environment, as the security group already exist on another environment. That’s why i deleted the security group from the new environment. Since, i deleted it from the new environment, i cannot make deployment on the new environment because it gives the following error:

Failed Environment update activity. Reason: Configuration validation exception: Invalid option value: ‘sg-8712f4e3’ (Namespace: ‘aws:autoscaling:launchconfiguration’, OptionName: ‘SecurityGroups’): The security group having id ‘sg-8712f4e3’ does not exist

In order to overcome this, you need to change the EB Security Group from AWS CLI, you cannot do it from AWS Web Console.

Considering you have already AWS CLI installed (http://docs.aws.amazon.com/cli/latest/userguide/installing.html) , you need to the following command in order to change the Security Group:,

aws elasticbeanstalk update-environment –environment-name –option-settings Namespace=aws:autoscaling:launchconfiguration,OptionName=SecurityGroups,Value=””

AWS Elastic Beanstalk how to access to the RDS environment variables under ebextensions and postdeploy hooks

Facebooktwittergoogle_pluslinkedinmailby feather

As a beginning, just to let you know, it is now my 54th deployment (which means around a week) using ebextensions in order to reverse engineering how it works in terms of environment variables!

The RDS environment variables are:

– RDS_USERNAME

– RDS_PASSWORD

– RDS_HOSTNAME

– RDS_DB_ NAME

The weird part is, accessing to those environment variables under the following 3 scenarios are different:

1. Directly under ebextensions : This is not possible !

2. Under the scripts triggered by ebextensions : This is possible, you can use them like $RDS_HOSTNAME …

3. Under the hooks  : This was not possible but here is the workaround that i found and worked for my case:

– Store them under a file using a script trigged by ebextensions:

echo RDS_HOSTNAME=$RDS_HOSTNAME >> /etc/environment
echo RDS_USERNAME=$RDS_USERNAME >> /etc/environment
echo RDS_PASSWORD=$RDS_PASSWORD >> /etc/environment

– Parse them from the hook:

RDS_HOSTNAME="$(awk -F= '/RDS_HOSTNAME/{print $2}' /etc/environment)"
RDS_USERNAME="$(awk -F= '/RDS_USERNAME/{print $2}' /etc/environment)"
RDS_PASSWORD="$(awk -F= '/RDS_PASSWORD/{print $2}' /etc/environment)"

What a nasty solution but works!

 

AWS Elastic Beanstalk ebextensions Security Group firewall rules

Facebooktwittergoogle_pluslinkedinmailby feather

In order to define the firewall rules of the Security Group that the instance will belong to, you need to define the “Resources” like as the following:

Resources:

  AWSEBSecurityGroup:

    Type: “AWS::EC2::SecurityGroup”

    Properties:

      GroupDescription: “Security group to allow HTTP, HTTPS,SSH”

      SecurityGroupIngress:

        – {CidrIp: “0.0.0.0/0”, IpProtocol: “tcp“, FromPort: “8080”, ToPort: “8080”}

        – {CidrIp: “0.0.0.0/0”, IpProtocol: “tcp“, FromPort: “8443”, ToPort: “8443”}

        – {CidrIp: “0.0.0.0/0”, IpProtocol: “tcp“, FromPort: “443”, ToPort: “443”}

        – {CidrIp: “0.0.0.0/0”, IpProtocol: “tcp“, FromPort: “80”, ToPort: “80”}

        – {CidrIp: “0.0.0.0/0”, IpProtocol: “tcp“, FromPort: “22”, ToPort: “22”}

Save the “resources.config” under “.ebextensions” folder and deploy!

      

AWS Elasticbeanstalk hooking after app deploy

Facebooktwittergoogle_pluslinkedinmailby feather

I need to run a specific command after the app is deployed but there is no relevant key under ebextensions for that purpose. The key “container_commands” is not giving this functionality, runs your command before the deploy, but there is a workaround:

1. Create your own script and place it under .ebextensions directory

2. Under container_commands, add the following lines (preferably in a separate config file):

container_commands:

         01-command:

         command: cp .ebextensions/001_pre_tomcat_start.sh /opt/elasticbeanstalk/hooks/appdeploy/post

      02-command:

         command: chmod 775 /opt/elasticbeanstalk/hooks/appdeploy/post/001_pre_tomcat_start.sh

That’s it!


visited 41 states (18.2%)

Follow me on Strava