elastic_beans 0.11.0.alpha2 → 0.11.0.alpha3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -56
- data/lib/elastic_beans/aws/cloudformation_stack.rb +3 -0
- data/lib/elastic_beans/cli.rb +0 -4
- data/lib/elastic_beans/command/configure.rb +0 -16
- data/lib/elastic_beans/command/exec.rb +1 -0
- data/lib/elastic_beans/configuration_template/base.rb +3 -19
- data/lib/elastic_beans/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 447c3a015ec047c6869fb9cb7f0aed2f705f8478
|
4
|
+
data.tar.gz: 6bb14f4d01a75b033ce771359bb2749b9826f15c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 90923ac6059ab4623182556cb7b07917edc075ff71e7fe213df7826d7c4e61362f4bdab240dc57c58939e53554daa4794b6e7d2216c47207e248e6cbed448d3c
|
7
|
+
data.tar.gz: 37d5e729599034467b376668822b5ee45494650da65d58b282225686116612332f29b045b586a27f72b6f8d72039269b0000b83ebab3d1e0b7bb874bb069fcf8
|
data/README.md
CHANGED
@@ -24,9 +24,11 @@ As the SDK documentation suggests, using environment variables is recommended.
|
|
24
24
|
|
25
25
|
# Pre-configure the application before creating environments
|
26
26
|
beans configure -n myapp-networking -a myapp \
|
27
|
-
-b SECRET_KEY_BASE -d DATABASE_URL -k KEYPAIR \
|
28
27
|
-p INTERNAL_PUBLIC_KEY -s SSL_CERTIFICATE_ARN \
|
29
|
-
[-i IMAGE_ID] [-t INSTANCE_TYPE]
|
28
|
+
-k KEYPAIR [-i IMAGE_ID] [-t INSTANCE_TYPE]
|
29
|
+
beans setenv -a myapp \
|
30
|
+
DATABASE_URL=mysql2://db.example.com:3306/myapp \
|
31
|
+
SECRET_KEY_BASE=abc123
|
30
32
|
|
31
33
|
# Create a webserver environment with a pretty DNS name at myapp.TLD (managed by Route53)
|
32
34
|
beans create -a myapp [-d myapp.TLD] [--tags=Environment:production Team:Unicorn] webserver
|
@@ -63,9 +65,8 @@ As the SDK documentation suggests, using environment variables is recommended.
|
|
63
65
|
|
64
66
|
# Update all existing environments and configuration
|
65
67
|
beans configure -n myapp-networking -a myapp \
|
66
|
-
[-b SECRET_KEY_BASE] [-d DATABASE_URL] [-k KEYPAIR] \
|
67
68
|
[-p INTERNAL_PUBLIC_KEY] [-s SSL_CERTIFICATE_ARN] \
|
68
|
-
[-i IMAGE_ID] [-t INSTANCE_TYPE]
|
69
|
+
[-k KEYPAIR] [-i IMAGE_ID] [-t INSTANCE_TYPE]
|
69
70
|
|
70
71
|
### API
|
71
72
|
|
@@ -230,58 +231,8 @@ Elastic Beans will set the `DISABLE_SQS_CONSUMER` environment variable appropria
|
|
230
231
|
|
231
232
|
### Known issues and limitations of the pre-release
|
232
233
|
|
233
|
-
Elastic Beans still has some rough edges that need to be worked out.
|
234
|
-
|
235
|
-
#### Authentication with AWS uses environment variables
|
236
|
-
|
237
|
-
Use the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables to authenticate with the AWS SDK.
|
238
|
-
|
239
|
-
#### Creating multiple environments simultaneously causes sample application to be deployed
|
240
|
-
|
241
|
-
Due to a bug in the version-finding code, creating multiple environments simultaneously can cause a sample application to be deployed to one of them (an empty version label).
|
242
|
-
|
243
|
-
#### End-to-end encryption requires some custom setup
|
244
|
-
|
245
|
-
Currently (pre-1.0), you must set up HTTPS yourself in nginx using an ebextension.
|
246
|
-
Use whatever certificate you like to do so, even a self-signed certificate is fine.
|
247
|
-
Use the public key from this certificate as the `--public-key` option to `beans configure`.
|
248
|
-
|
249
|
-
#### Environment variables are not access-controlled
|
250
|
-
|
251
|
-
Environment variables are stored in plain-text in S3.
|
252
|
-
Anyone with access to the Elastic Beanstalk bucket (for instance, the Elastic Beanstalk instance profile) can read the environment variables.
|
253
|
-
|
254
|
-
#### Rate limiting
|
255
|
-
|
256
|
-
Running several beans tasks concurrently can cause Elastic Beanstalk rate-limiting on the AWS account.
|
257
|
-
|
258
|
-
#### SIGINT causes a stack trace
|
259
|
-
|
260
|
-
Sorry `¯\_(ツ)_/¯`
|
261
|
-
|
262
|
-
#### Solution stack is hard-coded
|
263
|
-
|
264
|
-
If you do not use a custom image, the solution stack will start as a hard-coded value.
|
265
|
-
It will also be up to you to update it.
|
266
|
-
|
267
|
-
#### Uses default Elastic Beanstalk IAM settings and S3 bucket
|
268
|
-
|
269
|
-
Elastic Beans looks for [the default Elastic Beanstalk IAM instance profile and service role][iam].
|
270
|
-
As the linked document explains, the easiest way to create them is to create a sample application in the AWS console.
|
271
|
-
|
272
|
-
Creating the sample application should also create the default Elastic Beanstalk S3 bucket, which has a name of the form `elasticbeanstalk-REGION-ACCOUNT_ID`.
|
273
|
-
Elastic Beans will use this bucket to store application versions and environment variables.
|
274
|
-
|
275
|
-
[iam]: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts-roles.html
|
276
|
-
|
277
|
-
#### Worker environment health check requires some custom setup
|
278
|
-
|
279
|
-
Elastic Beanstalk worker environments (aws-sqsd) must use a non-SSL health check.
|
280
|
-
Your Rails application must implement this as a middleware (or lower in the stack) before Rails enforces SSL.
|
281
|
-
|
282
|
-
#### Worker environment visibility timeout is hard-coded
|
283
|
-
|
284
|
-
1800 seconds is the longest it can be.
|
234
|
+
Elastic Beans is in pre-release and still has some rough edges that need to be worked out.
|
235
|
+
See [the wiki page](https://github.com/onemedical/elastic_beans/wiki/Known-Issues).
|
285
236
|
|
286
237
|
## Installation
|
287
238
|
|
@@ -42,6 +42,9 @@ module ElasticBeans
|
|
42
42
|
raise MissingStackError.new(stack_name: stack_name)
|
43
43
|
rescue ::Aws::CloudFormation::Errors::AccessDenied
|
44
44
|
raise AccessDeniedCloudFormationError.new(stack_name: stack_name)
|
45
|
+
rescue ::Aws::CloudFormation::Errors::Throttling
|
46
|
+
sleep 5
|
47
|
+
retry
|
45
48
|
end
|
46
49
|
|
47
50
|
class MissingStackError < ElasticBeans::Error
|
data/lib/elastic_beans/cli.rb
CHANGED
@@ -16,24 +16,20 @@ class ElasticBeans::CLI < Thor
|
|
16
16
|
long_desc ElasticBeans::Command::Configure::LONG_DESC
|
17
17
|
option :application, aliases: %w(-a), required: true, desc: APPLICATION_DESC
|
18
18
|
option :network, aliases: %w(-n), required: true, desc: "The name of the CloudFormation stack that contains networking settings"
|
19
|
-
option :database_url, aliases: %w(-d), desc: "The DATABASE_URL for the Rails application"
|
20
19
|
option :image_id, aliases: %w(-i), desc: "A custom AMI to use instead of the default Ruby Elastic Beanstalk AMI"
|
21
20
|
option :instance_type, aliases: %w(-t), desc: "A default instance type to use for all environments instead of c4.large"
|
22
21
|
option :internal, type: :boolean, desc: "Configure the webserver to only be available for internal VPC access"
|
23
22
|
option :keypair, aliases: %w(-k), desc: "Required on first run. The EC2 keypair to use for Elastic Beanstalk instances"
|
24
23
|
option :public_key, aliases: %w(-p), desc: "For end-to-end encryption. The public key of the SSL certificate the ELB will verify to communicate with your Rails app"
|
25
|
-
option :secret_key_base, aliases: %w(-b), desc: "The SECRET_KEY_BASE for the Rails application"
|
26
24
|
option :ssl_certificate_arn, aliases: %w(-s), desc: "The ARN of the SSL server certificate stored in IAM to attach to the ELB"
|
27
25
|
def configure
|
28
26
|
@verbose = options[:verbose]
|
29
27
|
ElasticBeans::Command::Configure.new(
|
30
|
-
database_url: options[:database_url],
|
31
28
|
image_id: options[:image_id],
|
32
29
|
instance_type: options[:instance_type],
|
33
30
|
internal: options[:internal],
|
34
31
|
keypair: options[:keypair],
|
35
32
|
public_key: options[:public_key],
|
36
|
-
secret_key_base: options[:secret_key_base],
|
37
33
|
ssl_certificate_arn: options[:ssl_certificate_arn],
|
38
34
|
application: application(name: options[:application]),
|
39
35
|
network: network(stack_name: options[:network]),
|
@@ -16,13 +16,11 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
16
16
|
LONG_DESC
|
17
17
|
|
18
18
|
def initialize(
|
19
|
-
database_url:,
|
20
19
|
image_id:,
|
21
20
|
instance_type:,
|
22
21
|
internal:,
|
23
22
|
keypair:,
|
24
23
|
public_key:,
|
25
|
-
secret_key_base:,
|
26
24
|
ssl_certificate_arn:,
|
27
25
|
application:,
|
28
26
|
network:,
|
@@ -30,13 +28,11 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
30
28
|
iam:,
|
31
29
|
ui:
|
32
30
|
)
|
33
|
-
@database_url = database_url
|
34
31
|
@image_id = image_id
|
35
32
|
@instance_type = instance_type
|
36
33
|
@internal = internal
|
37
34
|
@keypair = keypair
|
38
35
|
@public_key = public_key
|
39
|
-
@secret_key_base = secret_key_base
|
40
36
|
@ssl_certificate_arn = ssl_certificate_arn
|
41
37
|
@application = application
|
42
38
|
@network = network
|
@@ -64,8 +60,6 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
64
60
|
)
|
65
61
|
base_config.upsert(
|
66
62
|
network: network,
|
67
|
-
database_url: database_url,
|
68
|
-
secret_key_base: secret_key_base,
|
69
63
|
image_id: image_id,
|
70
64
|
instance_type: instance_type,
|
71
65
|
keypair: keypair,
|
@@ -80,8 +74,6 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
80
74
|
)
|
81
75
|
webserver_config.upsert(
|
82
76
|
network: network,
|
83
|
-
database_url: database_url,
|
84
|
-
secret_key_base: secret_key_base,
|
85
77
|
image_id: image_id,
|
86
78
|
instance_type: instance_type,
|
87
79
|
internal: internal,
|
@@ -106,8 +98,6 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
106
98
|
)
|
107
99
|
exec_config.upsert(
|
108
100
|
network: network,
|
109
|
-
database_url: database_url,
|
110
|
-
secret_key_base: secret_key_base,
|
111
101
|
image_id: image_id,
|
112
102
|
instance_type: instance_type,
|
113
103
|
keypair: keypair,
|
@@ -129,8 +119,6 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
129
119
|
)
|
130
120
|
scheduler_config.upsert(
|
131
121
|
network: network,
|
132
|
-
database_url: database_url,
|
133
|
-
secret_key_base: secret_key_base,
|
134
122
|
image_id: image_id,
|
135
123
|
instance_type: instance_type,
|
136
124
|
keypair: keypair,
|
@@ -154,8 +142,6 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
154
142
|
)
|
155
143
|
worker_config.upsert(
|
156
144
|
network: network,
|
157
|
-
database_url: database_url,
|
158
|
-
secret_key_base: secret_key_base,
|
159
145
|
image_id: image_id,
|
160
146
|
instance_type: instance_type,
|
161
147
|
keypair: keypair,
|
@@ -178,14 +164,12 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
178
164
|
|
179
165
|
attr_reader(
|
180
166
|
:application,
|
181
|
-
:database_url,
|
182
167
|
:image_id,
|
183
168
|
:instance_type,
|
184
169
|
:internal,
|
185
170
|
:keypair,
|
186
171
|
:network,
|
187
172
|
:public_key,
|
188
|
-
:secret_key_base,
|
189
173
|
:ssl_certificate_arn,
|
190
174
|
:elastic_beanstalk,
|
191
175
|
:iam,
|
@@ -109,6 +109,7 @@ Requires AWS credentials to be set in the environment, i.e. AWS_ACCESS_KEY_ID an
|
|
109
109
|
rescue ElasticBeans::SSH::BastionAuthenticationError => e
|
110
110
|
raise BastionAuthenticationError.new(cause: e)
|
111
111
|
ensure
|
112
|
+
ui.info("\nCleaning up, please do not interrupt!")
|
112
113
|
application.kill_command(freeze_command)
|
113
114
|
application.deregister_command(command)
|
114
115
|
end
|
@@ -13,11 +13,9 @@ module ElasticBeans
|
|
13
13
|
protected
|
14
14
|
|
15
15
|
# Constructs the common configuration for all environments.
|
16
|
-
# +network+, +
|
16
|
+
# +network+, +keypair+, and +iam+ are all required on first run.
|
17
17
|
def build_option_settings(
|
18
18
|
network: nil,
|
19
|
-
database_url: nil,
|
20
|
-
secret_key_base: nil,
|
21
19
|
keypair: nil,
|
22
20
|
iam: nil,
|
23
21
|
image_id: nil,
|
@@ -34,12 +32,8 @@ module ElasticBeans
|
|
34
32
|
end
|
35
33
|
|
36
34
|
keypair_setting = template_option_setting(template: template, namespace: "aws:autoscaling:launchconfiguration", option_name: "EC2KeyName", override: keypair)
|
37
|
-
|
38
|
-
secret_key_base_setting = template_option_setting(template: template, namespace: "aws:elasticbeanstalk:application:environment", option_name: "SECRET_KEY_BASE", override: secret_key_base)
|
39
|
-
if database_url_setting[:value].nil? || secret_key_base_setting[:value].nil? || keypair_setting[:value].nil?
|
35
|
+
if keypair_setting[:value].nil?
|
40
36
|
raise MissingOptionsError.new(
|
41
|
-
database_url: database_url_setting[:value],
|
42
|
-
secret_key_base: secret_key_base_setting[:value],
|
43
37
|
keypair: keypair_setting[:value],
|
44
38
|
)
|
45
39
|
end
|
@@ -66,8 +60,6 @@ module ElasticBeans
|
|
66
60
|
template_option_setting(template: template, namespace: "aws:ec2:vpc", option_name: "VPCId", override: vpc_id(network)),
|
67
61
|
instance_profile_setting,
|
68
62
|
keypair_setting,
|
69
|
-
database_url_setting,
|
70
|
-
secret_key_base_setting,
|
71
63
|
]
|
72
64
|
if image_id
|
73
65
|
settings << template_option_setting(template: template, namespace: "aws:autoscaling:launchconfiguration", option_name: "ImageId", override: image_id)
|
@@ -127,9 +119,7 @@ module ElasticBeans
|
|
127
119
|
# :nodoc: all
|
128
120
|
# @!visibility private
|
129
121
|
class MissingOptionsError < ElasticBeans::Error
|
130
|
-
def initialize(
|
131
|
-
@database_url = database_url
|
132
|
-
@secret_key_base = secret_key_base
|
122
|
+
def initialize(keypair:)
|
133
123
|
@keypair = keypair
|
134
124
|
end
|
135
125
|
|
@@ -137,15 +127,9 @@ module ElasticBeans
|
|
137
127
|
require "elastic_beans/cli"
|
138
128
|
require "elastic_beans/cli/string_shell"
|
139
129
|
msg = "Some required options are missing and must be set when configuring an application:\n\n"
|
140
|
-
if @database_url.nil?
|
141
|
-
msg << "--database-url DATABASE_URL must point to a valid database, and is required for running a Rails application\n"
|
142
|
-
end
|
143
130
|
if @keypair.nil?
|
144
131
|
msg << "--keypair KEYPAIR must be a valid EC2 key pair, and will be used on Elastic Beanstalk instances\n"
|
145
132
|
end
|
146
|
-
if @secret_key_base.nil?
|
147
|
-
msg << "--secret-key-base SECRET_KEY_BASE can be any value, and is required for running a Rails application\n"
|
148
|
-
end
|
149
133
|
msg << <<-MESSAGE
|
150
134
|
|
151
135
|
Please re-run `#{command_as_string "configure"}` with these options.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: elastic_beans
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.11.0.
|
4
|
+
version: 0.11.0.alpha3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Adam Stegman
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-07-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk
|