If I have a specific private IP address in mind for an ec2 instance, how can I specify it in a salt cloud profile
ec2_private_win_app1:
provider: company-nonpod-us-east-1
image: ami-xxxxxxxx
size: c4.large
network_interfaces:
- DeviceIndex: 0
SubnetId: subnet-xxxxxxxx
SecurityGroupId: sg-xxxxxxxx
PrivateIpAddresses:
- Primary: True
#auto assign public ip (not EIP)
AssociatePublicIpAddress: False
tag: {'Engagement': 'xxxxxxxxxxxxx', 'Owner': 'Tim', 'Name': 'production'}
Hope you are well.
Your current config is very close.
To specify a private IP in a profile, you'll want to simply add:
PrivateIpAddress: 192.168.133.105
Or w/e address you wish it to be assigned. Note that you'll need this AS WELL AS
PrivateIpAddresses:
- primary: True
Related
I would like to configure Wordpress via AWS Fargate in the container variant (i.e. without EC2 instances) using AWS CDK.
I have already implemented a working configuration for this purpose. However, it is currently not possible to install themes or upload files in this form, since Wordpress is located in one or more docker containers.
Here is my current cdk implementation:
AWS-CDK
export class WordpressWebsiteStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
// GENERAL
const vpc = new ec2.Vpc(this, 'Vpc', {
// 2 is minimum requirement for cluster
maxAzs: 2,
// only create Public Subnets in order to prevent aws to create
// a NAT-Gateway which causes additional costs.
// This will create 1 public subnet in each AZ.
subnetConfiguration: [
{
name: 'Public',
subnetType: ec2.SubnetType.PUBLIC,
},
]
});
// DATABASE CONFIGURATION
// Security Group used for Database
const wordpressSg = new ec2.SecurityGroup(this, 'WordpressSG', {
vpc: vpc,
description: 'Wordpress SG',
});
// Database Cluster for wordpress database
const dbCluster = new rds.DatabaseCluster(this, 'DBluster', {
clusterIdentifier: 'wordpress-db-cluster',
instances: 1,
defaultDatabaseName: DB_NAME,
engine: rds.DatabaseClusterEngine.AURORA, // TODO: AURORA_MYSQL?
port: DB_PORT,
masterUser: {
username: DB_USER,
password: cdk.SecretValue.plainText(DB_PASSWORD)
},
instanceProps: {
instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL),
vpc,
securityGroup: wordpressSg,
}
});
// FARGATE CONFIGURATION
// ECS Cluster which will be used to host the Fargate services
const ecsCluster = new ecs.Cluster(this, 'ECSCluster', {
vpc: vpc,
});
// FARGATE CONTAINER SERVICE
const fargateService = new ecs_patterns.ApplicationLoadBalancedFargateService(this, 'WordpressFargateService', {
cluster: ecsCluster, // Required
desiredCount: 1, // Default is 1
cpu: 512, // Default is 256
memoryLimitMiB: 1024, // Default is 512
// because we are running tasks using the Fargate launch type in a public subnet, we must choose ENABLED
// for Auto-assign public IP when we launch the tasks.
// This allows the tasks to have outbound network access to pull an image.
// #see https://aws.amazon.com/premiumsupport/knowledge-center/ecs-pull-container-api-error-ecr/
assignPublicIp: true,
taskImageOptions: {
image: ecs.ContainerImage.fromRegistry(wordpressRegistryName),
environment: {
WORDPRESS_DB_HOST: dbCluster.clusterEndpoint.socketAddress,
WORDPRESS_DB_USER: DB_USER,
WORDPRESS_DB_PASSWORD: DB_PASSWORD,
WORDPRESS_DB_NAME: DB_NAME,
},
},
});
fargateService.service.connections.addSecurityGroup(wordpressSg);
fargateService.service.connections.allowTo(wordpressSg, ec2.Port.tcp(DB_PORT));
}
}
Perhaps someone knows how I can set up Fargate via CDK so that the individual Wordpress containers have a common volume on which the data is then located? Or maybe there is another elegant solution for this :)
Many thanks in advance :)
Found a solution 🤗
Thanks to the comments in the open GitHub-Issue and the provided Gist, I was finally able to configure a working solution.
I provided my current solution in this Gist. So feel free and just have a look at it, leave some comments and adapt it if it suites to your problem.
I am part of the AWS container service team and I would like to give you a bit of background re where we stand. We have recently (5/11/2020) announced the integration of Amazon ECS / AWS Fargate with Amazon EFS (Elastic File System). This is the plumbing that will allow you to achieve what you want to achieve. You can read more about the theory here and here for a practical example.
The example I linked above uses the AWS CLI simply because CloudFormation support for this feature has not been released yet (stay tuned). Once CFN support is released CDK will pick it up and, at that point, it will be able to adjust your CDK code to achieve what you want.
I can't find a great configuration for old sound rabbitmq bundle to deal with topics and wildcard.
All I want is a unique exchange that post to multiple queue using wildcard.
Let says for example, i have my exchange name user.update, and i want to post the same message on user.update.address, user.update.profile for a microservice strategy.
do you know how to configure in the configuration file ?
Thx for reading.
Just because you are looking for
... great configuration for old sound rabbitmq bundle ...
visit http://www.inanzzz.com/ and search for "rabbitmq" which will give you what you wish for.
To address your question, you can use config below (I haven't tested it but it should be fine). However, you still need to write whole functionality/classes/consumers/producers etc. so follow this example: RabbitMQ topic example with symfony including 1 Producer & 1 Exchange & 2 Queue & N Worker & 2 Consumer
old_sound_rabbit_mq:
connections:
default:
host: %rabbitmq.host%
port: %rabbitmq.port%
user: %rabbitmq.user%
password: %rabbitmq.pswd%
vhost: /
lazy: true
producers:
user_update_producer:
connection: default
exchange_options: { name: user.update, type: topic }
consumers:
user_update_consumer:
connection: default
exchange_options: { name: user.update, type: topic }
queue_options:
name: user_update_queue
routing_keys:
- 'user.update.address'
- 'user.update.profile'
callback: your_application.consumer.user_update_consumer
It's flow: user.update (P) -> user.update (E) -> [user.update.address & user.update.profile] -> user_update_queue (Q)
I have the next problem with Sonata Media:
I'm trying to use the Rackspace CDN for uploading images:
My config file looks like this based on current documentation:
cdn:
server:
path: %cdn_url%
filesystem:
local:
directory: %kernel.root_dir%/../web/uploads/media
create: false
rackspace:
url: %rackspace.opencloud.host%
secret:
username: %rackspace.opencloud.username%
apiKey: %rackspace.opencloud.api_key%
region: LON
containerName: projectName
create_container: false
replicate:
master: sonata.media.adapter.filesystem.opencloud
slave: sonata.media.adapter.filesystem.local
And on providers config:
providers:
image:
filesystem: sonata.media.filesystem.replicate
cdn: sonata.media.cdn.server
resizer: sonata.media.resizer.square
allowed_extensions: ['jpg', 'png', 'gif', 'jpeg']
allowed_mime_types: ['image/pjpeg','image/jpeg','image/png','image/x-png', 'image/gif']
The problem is(how I discovered this bug)if Rackspace is down or incorrect username/password are provided on every page of the app I'm getting this answer:
Client error response [status code] 401 [reason phrase] Unauthorized [url] https://lon.auth.api.rackspacecloud.com/v2.0/tokens
This is because Gaufrette Opencloud tries to create a connection on Kernel load.
The quickest solution as a temporary fix was to create a compiler pass and check if the authenticate method returns false then replace argument 0 for replicate definition with the local filesystem adaptor.
My questions are:
How can I avoid creating the Rackspace connection on Kernel Load?
In case Rackspace is down how can I swap between Rackspace or other adapter(local or other ftp server)
Thank you in advance and please in case there are not sufficient information provided please leave a comment.
Apparently there is a solution for lazy loading implemented in Gaufrette: https://github.com/KnpLabs/KnpGaufretteBundle/issues/72
All I had to do is:
sonata.media.adapter.open_stack:
class: OpenCloud\Rackspace
arguments: [ %rackspace.opencloud.host%, { username: %rackspace.opencloud.username%, apiKey: %rackspace.opencloud.api_key% }]
sonata.media.adapter.object_store_factory:
class: Gaufrette\Adapter\OpenStackCloudFiles\ObjectStoreFactory
arguments: [ #sonata.media.adapter.open_stack, "LON", ""]
sonata.media.adapter.filesystem.lazyopencloud:
class: Gaufrette\Adapter\LazyOpenCloud
arguments: [ #sonata.media.adapter.object_store_factory, %rackspace.opencloud.container_name%]
And change replicate master to sonata.media.adapter.filesystem.lazyopencloud
Hope it helps :)
I have created a heat stack which autoscales depending on CPU use. Each time a new instance is created, it is given a random name.
Is there a way to set a specific name with a counter added to the end of it so that each time a new instance is created it increases by 1?
E.g. Myinstance1, Myinstance2, Myinstance3 ... MyinstanceX
Thanks in advance!
In Openstack HEAT, stack resource names are manipulated with stack_name and suffixed with a short_id. That's why on every autoscaled up instance you could see the instance name as such. This is how the implementation done in overall HEAT project and it is not possible to define instance name suffixed with incremental number.
if i understood you correctly, and if you are Object Oriented Programing:
you are looking for a design pattern called Factory, or more simply, create a static member that will increase in the constructor, and will be added to the name member of the instance created.
You can set the custom names by going to your Auto Scaling Groups and Tags tab, and then adding a tag with the key of "Name" and the value of "MyInstance". Numbering does not make that much sense since your instances are going to be launched and terminated constantly.
Update at 21/09/2020 :
Seems that creating an incremental number is impossible so far, but I found a workaround to achieve my goal, so post here hoping that could give you some ideas.
Mindset:
I tried to find something (which is number) that is created dynamically with the instance for scaling up, to me that is OS::Neutron::Port, so I append one part of IP address after a string to get a distinctive name for each instance.
Solution:
1.Create a port OS::Neutron::Port.
2.Get IP address using get_attr.
3.Split it with dot as delimiter using str_split.
4.Append one part of the address to the string using str_replace.
Sample Code:
lb_server.yaml
resources:
corey_port:
type: OS::Neutron::Port
properties:
network: { get_param: network }
fixed_ips:
- subnet: { get_param: subnet }
number:
type: OS::Heat::Value
properties:
value:
# 192.168.xxx.yyy => [192,168,xxx,yyy]
str_split: ['.', { get_attr: [corey_port, fixed_ips, 0, ip_address] }]
server:
type: OS::Nova::Server
properties:
name:
str_replace:
template: Corey-%last%
params:
# 0 1 2 3
#[192,168,xxx,yyy]
"last%": { get_attr: [number, value, 3] }
flavor: { get_param: flavor }
......
The outcome shoud be Corey-168, Corey-50, Corey-254, etc.
I have a custom user table for managing users.
User:
connection: doctrine
tableName: user
columns:
user_login:
type: string(50)
notnull: true
primary: true
user_pass:
type: string(100)
notnull: true
after user click login with login form, username and password is checked against the database. If it is matched the user is set as authenticated with below line of code..
$this->getUser()->setAuthenticated(true);
Now how would I set the credential of the user using the following function? and is it necessary?
$this->getUser()->addCredential($WHAT ARE_THE_VALUES_THIS_ARRAY_SHOULD_CONTAINS);
what are the values should be in argument of the above method? Please explain more about this.
It's up to you whether to use credentials or not. Credentials just unique strings cached in the session.
$this->getUser()->addCredentials(array('admin', 'user', 'chief', 'asd'));
// or
$this->getUser()->addCredentials('admin', 'user', 'chief', 'asd');
For mode examples look at the tests and/or the sfDoctrineGuardUser plugin.
You can use credentials to secure actions, but it's in the docs.