ufo 4.0.0 → 4.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/README.md +1 -1
- data/docs/_docs/security-groups.md +2 -2
- data/docs/_docs/settings-network.md +1 -1
- data/docs/_docs/ssl-support.md +5 -6
- data/docs/_docs/tutorial-ufo-tasks-build.md +6 -6
- data/docs/_docs/upgrade4.md +0 -3
- data/docs/_includes/cfn-customize.md +1 -1
- data/docs/_includes/example.html +39 -56
- data/docs/_reference/ufo-ship.md +3 -12
- data/docs/_reference/ufo-stop.md +1 -1
- data/docs/docs.md +0 -2
- data/docs/quick-start.md +1 -1
- data/lib/cfn/stack.yml +16 -0
- data/lib/template/.ufo/settings.yml.tt +2 -2
- data/lib/template/.ufo/settings/cfn/default.yml.tt +31 -16
- data/lib/ufo/default/settings.yml +2 -1
- data/lib/ufo/help/ship.md +3 -12
- data/lib/ufo/help/stop.md +1 -1
- data/lib/ufo/init.rb +1 -1
- data/lib/ufo/ps.rb +1 -1
- data/lib/ufo/stack.rb +2 -2
- data/lib/ufo/stack/context.rb +7 -3
- data/lib/ufo/upgrade/upgrade4.rb +0 -10
- data/lib/ufo/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a06ce94ad72a7dd44f9e6a5d9fae01812e4891ee989a9d3fe23cb5c91e7c5886
|
4
|
+
data.tar.gz: 37f7541753447ba7e117cb15cb000291b43e9c5f7020dff9236e0b767123ac78
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bc1237132c6697f392edb681259981591735a6b425e8b66a873662af909cebb67a1c76e61ca62f76c1d8199e9c61e5248c40115c1430fd58b7e91eb2b9d70e93
|
7
|
+
data.tar.gz: d29cdf5810ee4ff7f80157401b890e4c46ba1cbade864fa5b0d23095f6caeaa6c44351c0a2b739ac5bbf6c37835b7beb2eaffb71c9b5557cdab437eb85f507d9
|
data/CHANGELOG.md
CHANGED
@@ -3,7 +3,12 @@
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
4
4
|
This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
5
5
|
|
6
|
-
## [4.0.
|
6
|
+
## [4.0.1]
|
7
|
+
- Merge pull request #44 from tongueroo/ssl
|
8
|
+
- add listener_ssl resource for better ssl support
|
9
|
+
- update docs
|
10
|
+
|
11
|
+
## [4.0.0]
|
7
12
|
- Major architecture changes
|
8
13
|
- Fuller CLI Toolkit Commands
|
9
14
|
- Load Balancer Support
|
data/README.md
CHANGED
@@ -20,7 +20,7 @@ See [ufoships.com](http://ufoships.com) for full documentation.
|
|
20
20
|
|
21
21
|
## Important
|
22
22
|
|
23
|
-
If you are on version 3, you can run `ufo upgrade v3to4` within your project to upgrade it to version 4. Refer to the [CHANGELOG](CHANGELOG.md).
|
23
|
+
If you are on version 3, you can run `ufo upgrade v3to4` within your project to upgrade it to version 4. Refer to the [CHANGELOG](CHANGELOG.md) and the [Upgrade 4 Docs](http://ufoships.com/docs/upgrade4/).
|
24
24
|
|
25
25
|
## Installation
|
26
26
|
|
@@ -11,7 +11,7 @@ Some consideration for these security groups:
|
|
11
11
|
|
12
12
|
## EC2 Instance Security Group Help
|
13
13
|
|
14
|
-
If you are seeing that the Targets in the ELB Target Group are reporting unhealthy, it is usually a security group issue. You might see this
|
14
|
+
If you are seeing that the Targets in the ELB Target Group are reporting unhealthy, it is usually a security group issue. You might see this output with `ufo ps`:
|
15
15
|
|
16
16
|
$ ufo ps --no-summary
|
17
17
|
+----------+------+--------------+----------------+---------+-------------------------+
|
@@ -21,7 +21,7 @@ If you are seeing that the Targets in the ELB Target Group are reporting unhealt
|
|
21
21
|
| d02728ba | web | demo-web:169 | 3 minutes ago | STOPPED | Failed ELB health check |
|
22
22
|
| 8dcf81ae | web | demo-web:169 | 13 seconds ago | RUNNING | |
|
23
23
|
+----------+------+--------------+----------------+---------+-------------------------+
|
24
|
-
There are targets the target group reporting unhealthy. This can cause containers to cycle. Here's the error:
|
24
|
+
There are targets in the target group reporting unhealthy. This can cause containers to cycle. Here's the error:
|
25
25
|
(service development-demo-web-Ecs-13D2BFA4ULNC9) (instance i-0812a3bcd94babf12) (port 32779) is unhealthy in (target-group arn:aws:elasticloadbalancing:us-east-1:111111111111:targetgroup/devel-Targe-1MJR8V6VOWBGI/3f44f85710fe0297) due to (reason Request timed out)
|
26
26
|
Check out the ECS console events tab for more info.
|
27
27
|
$
|
@@ -25,7 +25,7 @@ Option | Description
|
|
25
25
|
--- | ---
|
26
26
|
vpc | Used to create ecs and elb security groups, target group in the CloudFormation template.
|
27
27
|
ecs_subnets | Used to assign a subnet mapping to the ECS service created in CloudFormation when the network mode is awsvpc. Also used to in .ufo/params.yml as part of the run_task api call that is made by `ufo task`.
|
28
|
-
elb_subnets | Used to create elb load balancer.
|
28
|
+
elb_subnets | Used to create elb load balancer. Defaults to same subnets as ecs_subnets when not set.
|
29
29
|
ecs_security_groups | Additional security groups to associate with the ECS tasks.
|
30
30
|
elb_security_groups | Additional security groups to associate with the ELB.
|
31
31
|
|
data/docs/_docs/ssl-support.md
CHANGED
@@ -4,14 +4,13 @@ title: SSL Support
|
|
4
4
|
|
5
5
|
## Application Load Balancers
|
6
6
|
|
7
|
-
If you are using an Application Load Balancer you can configure SSL support by adjusting the
|
7
|
+
If you are using an Application Load Balancer you can configure SSL support by adjusting the `listener_ssl` in `.ufo/settings/cfn/default.yml`. Here's an example:
|
8
8
|
|
9
9
|
```
|
10
|
-
|
10
|
+
listener_ssl:
|
11
11
|
port: 443
|
12
|
-
protocol: HTTPS
|
13
12
|
certificates:
|
14
|
-
-
|
13
|
+
- certificate_arn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
15
14
|
```
|
16
15
|
|
17
16
|
For the certificate arn, you will need to create a certificate with AWS ACM. To do so, you can follow these instructions: [Request a Public Certificate
|
@@ -23,12 +22,12 @@ Once this is configured, you deploy the app again:
|
|
23
22
|
|
24
23
|
## Network Load Balancers
|
25
24
|
|
26
|
-
Network Load Balancers work at layer 4, so they do not support SSL termination because SSL happens higher up in the OSI model layers. With Network Load Balancers you handle SSL termination within your app with the
|
25
|
+
Network Load Balancers work at layer 4, so they do not support SSL termination because SSL happens higher up in the OSI model layers. With Network Load Balancers you handle SSL termination within your app with the server you are using. For example, it could be apache, nginx or tomcat.
|
27
26
|
|
28
27
|
You also will need to also configure the target group to check the port that your app server is listening to and configure the health_check_protocol to HTTPS. Here's an example:
|
29
28
|
|
30
29
|
```
|
31
|
-
|
30
|
+
listener_ssl:
|
32
31
|
port: 443
|
33
32
|
target_group:
|
34
33
|
port: 443
|
@@ -4,14 +4,14 @@ title: Task Definitions
|
|
4
4
|
|
5
5
|
## Build the ECS Task Definitions
|
6
6
|
|
7
|
-
Now that we have a
|
7
|
+
Now that we have a Docker image pushed to a registry we can use that image for ECS. Ufo takes that image and adds it to an ECS task definition. This is where ufo is powerful. Ufo gives you the power to build and control your ECS task definition directly.
|
8
8
|
|
9
|
-
Let's take a look at the
|
9
|
+
Let's take a look at the files that are used by ufo to build the ECS task definition. These files were generated by the `ufo init` command at the beginning.
|
10
10
|
|
11
11
|
1. `.ufo/templates/main.json.erb`
|
12
12
|
2. `.ufo/task_definitions.rb`
|
13
13
|
|
14
|
-
Ufo task definitions are written as an ERB template that makes it directly accessible. You can configure to your requirements. Here is an example of an ERB template `.ufo/templates/main.json.erb`
|
14
|
+
Ufo task definitions are written as an ERB template that makes it directly accessible. You can configure it to your requirements. Here is an example of an ERB template `.ufo/templates/main.json.erb` and shows how to modify the task definition:
|
15
15
|
|
16
16
|
**.ufo/templates/main.json.erb**:
|
17
17
|
|
@@ -61,14 +61,14 @@ end
|
|
61
61
|
|
62
62
|
## Shared Variables
|
63
63
|
|
64
|
-
Ufo has a concept of shared variables, covered in [Shared Variables]({% link _docs/variables.md %}). The shared variables are set in the `variables` folder and
|
64
|
+
Ufo has a concept of shared variables, covered in [Shared Variables]({% link _docs/variables.md %}). The shared variables are set in the `variables` folder and allow you to use a set of shared variables common to your templates:
|
65
65
|
|
66
66
|
**.ufo/variables/base.rb**:
|
67
67
|
|
68
68
|
```ruby
|
69
69
|
@image = helper.full_image_name # includes the git sha tongueroo/demo-ufo:ufo-[sha].
|
70
|
-
@cpu =
|
71
|
-
@memory_reservation =
|
70
|
+
@cpu = 256
|
71
|
+
@memory_reservation = 512
|
72
72
|
@environment = helper.env_file(".env")
|
73
73
|
```
|
74
74
|
|
data/docs/_docs/upgrade4.md
CHANGED
@@ -27,8 +27,6 @@ It is recommended that you run the `ufo upgrade v3to4` command with the network
|
|
27
27
|
append .dockerignore
|
28
28
|
append .gitignore
|
29
29
|
force .ufo/params.yml
|
30
|
-
conflict .ufo/settings.yml
|
31
|
-
force .ufo/settings.yml
|
32
30
|
create .ufo/settings/cfn/default.yml
|
33
31
|
create .ufo/settings/network/default.yml
|
34
32
|
Upgrade complete.
|
@@ -40,7 +38,6 @@ If you run the upgrade command without specified options, then ufo will detect a
|
|
40
38
|
File | Changes
|
41
39
|
--- | ---
|
42
40
|
.ufo/params.yml | The create_service and update_service sections have been removed. The options handed by CloudFormation and can be customized with `.ufo/settings/cfn/default.yml`. If you have used these options for Fargate support, you no longer need to worry about them. The generated CloudFormation template detects if the task definition uses Fargate and handles it for you.
|
43
|
-
.ufo/settings.yml | A network_profile and cfn_profile option have been added with default settings.
|
44
41
|
.ufo/settings/cfn/default.yml | Starter cfn settings file.
|
45
42
|
.ufo/settings/network/default.yml | This generated file will have the vpc and subnets that you specified above. You can change them directly in this file to control what network settings ufo uses.
|
46
43
|
|
@@ -24,7 +24,7 @@ TargetGroup:
|
|
24
24
|
...
|
25
25
|
```
|
26
26
|
|
27
|
-
In this way, you can customize and override any
|
27
|
+
In this way, you can customize and override any properties associated with resources created by the ufo CloudFormation stack.
|
28
28
|
|
29
29
|
Here's a list of the resources in the [cfn/stack.yml](https://github.com/tongueroo/ufo/blob/master/lib/cfn/stack.yml) that you can customize:
|
30
30
|
|
data/docs/_includes/example.html
CHANGED
@@ -9,69 +9,52 @@
|
|
9
9
|
<div class='row'>
|
10
10
|
<div class='col-md-offset-1 col-md-10'>
|
11
11
|
{% highlight sh %}
|
12
|
-
$ ufo ship
|
12
|
+
$ ufo ship
|
13
13
|
Building docker image with:
|
14
|
-
docker build -t tongueroo/demo-ufo:ufo-
|
15
|
-
Sending build context to Docker daemon
|
16
|
-
Step 1 : FROM ruby:2.
|
17
|
-
--->
|
18
|
-
|
14
|
+
docker build -t tongueroo/demo-ufo:ufo-2018-07-03T20-42-48-9cb7bf9 -f Dockerfile .
|
15
|
+
Sending build context to Docker daemon 295.4kB
|
16
|
+
Step 1/10 : FROM ruby:2.5.1
|
17
|
+
---> 857bc7ff918f
|
18
|
+
...
|
19
|
+
Step 10/10 : CMD bin/web
|
19
20
|
---> Using cache
|
20
|
-
--->
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
---> f1e152250b3e
|
27
|
-
Step 5 : ADD Gemfile.lock /app/Gemfile.lock
|
28
|
-
---> Using cache
|
29
|
-
---> 779ebef7e4e2
|
30
|
-
Step 6 : RUN bundle install --system
|
31
|
-
---> Using cache
|
32
|
-
---> 82fa66ab7513
|
33
|
-
Step 7 : ADD . /app
|
34
|
-
---> 7c19cea5f89b
|
35
|
-
Removing intermediate container 54f2f54b6d8a
|
36
|
-
Step 8 : RUN bundle install --system
|
37
|
-
---> Running in 1deb79965099
|
38
|
-
Bundle complete! 12 Gemfile dependencies, 56 gems now installed.
|
39
|
-
Bundled gems are installed into /usr/local/bundle.
|
40
|
-
---> 43a24c8073cb
|
41
|
-
Removing intermediate container 1deb79965099
|
42
|
-
Step 9 : RUN chmod a+x bin/*
|
43
|
-
---> Running in 1c4be40ec03c
|
44
|
-
---> 167ed122d8ae
|
45
|
-
Removing intermediate container 1c4be40ec03c
|
46
|
-
Step 10 : EXPOSE 3000
|
47
|
-
---> Running in 38b7a02a584e
|
48
|
-
---> 12e511582f93
|
49
|
-
Removing intermediate container 38b7a02a584e
|
50
|
-
Step 11 : CMD bin/web
|
51
|
-
---> Running in f56d659a2c9e
|
52
|
-
---> 1689ba53ca03
|
53
|
-
Removing intermediate container f56d659a2c9e
|
54
|
-
Successfully built 1689ba53ca03
|
55
|
-
Docker image tongueroo/demo-ufo:ufo-2017-06-11T19-43-19-bc80e84 built. Took 34s.
|
21
|
+
---> c02b8f7eb183
|
22
|
+
Successfully built c02b8f7eb183
|
23
|
+
Successfully tagged tongueroo/demo-ufo:ufo-2018-07-03T20-42-48-9cb7bf9
|
24
|
+
Docker image tongueroo/demo-ufo:ufo-2018-07-03T20-42-48-9cb7bf9 built.
|
25
|
+
Docker build took 0s.
|
26
|
+
=> docker push tongueroo/demo-ufo:ufo-2018-07-03T20-42-48-9cb7bf9
|
56
27
|
The push refers to a repository [docker.io/tongueroo/demo-ufo]
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
ufo-
|
62
|
-
Pushed tongueroo/demo-ufo:ufo-
|
28
|
+
f8172fcf60ff: Layer already exists
|
29
|
+
a51c4b90e727: Layer already exists
|
30
|
+
...
|
31
|
+
0f3a12fef684: Layer already exists
|
32
|
+
ufo-2018-07-03T20-42-48-9cb7bf9: digest: sha256:00eade753ff8721f7f96a505ea3bec6b1fd334c930dcecc20a2043ae9300496d size: 3458
|
33
|
+
Pushed tongueroo/demo-ufo:ufo-2018-07-03T20-42-48-9cb7bf9 docker image.
|
34
|
+
Docker push took 4s.
|
63
35
|
Building Task Definitions...
|
64
36
|
Generating Task Definitions:
|
65
|
-
ufo/output/demo-web.json
|
66
|
-
ufo/output/demo-worker.json
|
67
|
-
ufo/output/demo-clock.json
|
68
|
-
Task Definitions built in ufo/output
|
37
|
+
.ufo/output/demo-web.json
|
38
|
+
.ufo/output/demo-worker.json
|
39
|
+
.ufo/output/demo-clock.json
|
40
|
+
Task Definitions built in .ufo/output
|
41
|
+
Equivalent aws cli command:
|
42
|
+
aws ecs register-task-definition --cli-input-json file://.ufo/output/demo-web.json
|
69
43
|
demo-web task definition registered.
|
70
|
-
|
71
|
-
|
44
|
+
Deploying demo-web...
|
45
|
+
Ensuring log group for demo-web task definition exists
|
46
|
+
Log group name: ecs/demo-web
|
47
|
+
Updating stack development-demo-web...
|
48
|
+
Generated template saved at: /tmp/ufo/development-demo-web/stack.yml
|
49
|
+
Generated parameters saved at: /tmp/ufo/development-demo-web/parameters.yml
|
50
|
+
08:43:07PM UPDATE_IN_PROGRESS AWS::CloudFormation::Stack development-demo-web User Initiated
|
51
|
+
08:43:11PM UPDATE_IN_PROGRESS AWS::ECS::Service Ecs
|
52
|
+
08:45:12PM UPDATE_COMPLETE AWS::ECS::Service Ecs
|
53
|
+
08:45:14PM UPDATE_COMPLETE_CLEANUP_IN_PROGRESS AWS::CloudFormation::Stack development-demo-web
|
54
|
+
08:45:15PM UPDATE_COMPLETE AWS::CloudFormation::Stack development-demo-web
|
55
|
+
Stack success status: UPDATE_COMPLETE
|
56
|
+
Time took for stack deployment: 2m 13s.
|
72
57
|
Software shipped!
|
73
|
-
Cleaning up docker images...
|
74
|
-
Running: docker rmi tongueroo/demo-ufo:ufo-2017-06-11T11-37-00-bc80e84
|
75
58
|
$
|
76
59
|
{% endhighlight %}
|
77
60
|
</div>
|
data/docs/_reference/ufo-ship.md
CHANGED
@@ -67,20 +67,11 @@ More info available at the [load balancer docs](http://ufoships.com/docs/load-ba
|
|
67
67
|
|
68
68
|
Let's you want skip the docker build phase and only want use ufo to deploy a task definition. You can do this with the `ufo deploy` command. Refer to [ufo deploy](http://ufoships.com/reference/ufo-deploy/) for more info.
|
69
69
|
|
70
|
-
### Waiting for Deployments to Complete
|
70
|
+
### Not Waiting for Deployments to Complete
|
71
71
|
|
72
|
-
By default when ufo updates the ECS service with the new task definition it does so
|
72
|
+
By default when ufo updates the ECS service with the new task definition it does so synchronuously. It'll wait until the CloudFormation stack finishes. You can make it asynchronuously with the `--no-wait` option:
|
73
73
|
|
74
|
-
ufo ship demo-web --wait
|
75
|
-
|
76
|
-
You should see output similar to this:
|
77
|
-
|
78
|
-
Shipping demo-web...
|
79
|
-
demo-web service updated on cluster with task demo-web
|
80
|
-
Waiting for deployment of task definition demo-web:8 to complete
|
81
|
-
......
|
82
|
-
Time waiting for ECS deployment: 31s.
|
83
|
-
Software shipped!
|
74
|
+
ufo ship demo-web --no-wait
|
84
75
|
|
85
76
|
### Route 53 DNS Support
|
86
77
|
|
data/docs/_reference/ufo-stop.md
CHANGED
@@ -11,7 +11,7 @@ reference: true
|
|
11
11
|
|
12
12
|
Stop tasks from old deployments. Can speed up deployments with network load balancer.
|
13
13
|
|
14
|
-
ECS deployments can sometimes take a while. One reason could be because the old ECS tasks can take some time to drain and removed. The recommended way to speed this draining process up is configuring the `deregistration_delay.timeout_seconds` to a low value. You can configured this in `.ufo/settings/cfn/default.yml`. For more info refer to http://
|
14
|
+
ECS deployments can sometimes take a while. One reason could be because the old ECS tasks can take some time to drain and removed. The recommended way to speed this draining process up is configuring the `deregistration_delay.timeout_seconds` to a low value. You can configured this in `.ufo/settings/cfn/default.yml`. For more info refer to http://ufoships.com/docs/settings-cfn/ This setting works well for Application Load Balancers.
|
15
15
|
|
16
16
|
However, for Network Load Balancers, it seems like the deregistration_delay is not currently being respected. In this case, it take an annoying load time and this command can help speed up the process.
|
17
17
|
|
data/docs/docs.md
CHANGED
@@ -12,8 +12,6 @@ Ufo is a tool that makes deploying to AWS ECS easy. Ufo provides a `ufo ship` co
|
|
12
12
|
|
13
13
|
Ufo was built directly from real life production use cases after seeing the same patterns repeated over and over. Ufo enables you to write the AWS task definition json format file in ERB, an easy templating language. This allows you to reuse the ufo tool with multiple applications and only put the truly application specific business logic in each app code base.
|
14
14
|
|
15
|
-
Next we'll cover different ways to install ufo.
|
16
|
-
|
17
15
|
<a id="prev" class="btn btn-basic" href="{% link _docs/tutorial-ufo-ships.md %}">Back</a>
|
18
16
|
<a id="next" class="btn btn-primary" href="{% link _docs/structure.md %}">Next Step</a>
|
19
17
|
<p class="keyboard-tip">Pro tip: Use the <- and -> arrow keys to move back and forward.</p>
|
data/docs/quick-start.md
CHANGED
data/lib/cfn/stack.yml
CHANGED
@@ -125,6 +125,18 @@ Resources:
|
|
125
125
|
Protocol: <%= @default_listener_protocol %>
|
126
126
|
<%= custom_properties(:Listener) %>
|
127
127
|
|
128
|
+
ListenerSsl:
|
129
|
+
Type: AWS::ElasticLoadBalancingV2::Listener
|
130
|
+
Condition: CreateElbIsTrue
|
131
|
+
Properties:
|
132
|
+
DefaultActions:
|
133
|
+
- Type: forward
|
134
|
+
TargetGroupArn:
|
135
|
+
!If [ElbTargetGroupIsBlank, !Ref TargetGroup, !Ref ElbTargetGroup]
|
136
|
+
LoadBalancerArn: !Ref Elb
|
137
|
+
Protocol: <%= @default_listener_ssl_protocol %>
|
138
|
+
<%= custom_properties(:ListenerSsl) %>
|
139
|
+
|
128
140
|
<% if @elb_type == "application" -%>
|
129
141
|
ElbSecurityGroup:
|
130
142
|
Type: AWS::EC2::SecurityGroup
|
@@ -137,6 +149,10 @@ Resources:
|
|
137
149
|
FromPort: '<%= cfn[:listener][:port] %>'
|
138
150
|
ToPort: '<%= cfn[:listener][:port] %>'
|
139
151
|
CidrIp: 0.0.0.0/0
|
152
|
+
- IpProtocol: tcp
|
153
|
+
FromPort: '<%= cfn[:listener_ssl][:port] %>'
|
154
|
+
ToPort: '<%= cfn[:listener_ssl][:port] %>'
|
155
|
+
CidrIp: 0.0.0.0/0
|
140
156
|
SecurityGroupEgress:
|
141
157
|
- IpProtocol: tcp
|
142
158
|
FromPort: '0'
|
@@ -6,8 +6,8 @@ base:
|
|
6
6
|
image: <%= @image %>
|
7
7
|
# clean_keep: 30
|
8
8
|
# ecr_keep: 30
|
9
|
-
network_profile: default # .ufo/settings/network/default.yml file
|
10
|
-
cfn_profile: default # .ufo/settings/cfn/default.yml file
|
9
|
+
# network_profile: default # .ufo/settings/network/default.yml file
|
10
|
+
# cfn_profile: default # .ufo/settings/cfn/default.yml file
|
11
11
|
# If you want to have prettier name set for the ECS service name
|
12
12
|
# There are some cavaets with this. Updating properties on resources that require
|
13
13
|
# replacment might not work. For example, adding and removing a load balancer.
|
@@ -17,33 +17,48 @@ target_group:
|
|
17
17
|
# application elb: HTTP
|
18
18
|
# network elb: TCP
|
19
19
|
# so we can keep this commented out, unless we need HTTPS at the app level
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
# network elb support health_check_interval_seconds of 10 or 30
|
24
|
-
# health_check_interval_seconds: 30
|
25
|
-
|
26
|
-
# health check settings are supported by application load balancer only:
|
20
|
+
# Health check settings are supported by application load balancer only:
|
21
|
+
# health_check_path: /upcheck
|
22
|
+
# health_check_interval_seconds: 30 # 10 or 30 for network ELB
|
27
23
|
# health_check_protocol: HTTP # HTTP or HTTPS
|
28
|
-
# health_check_path: /
|
29
24
|
# health_check_port: traffic-port
|
30
25
|
# unhealthy_threshold_count: 10
|
26
|
+
target_group_attributes:
|
27
|
+
- key: deregistration_delay.timeout_seconds
|
28
|
+
value: 1
|
31
29
|
|
32
30
|
# https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateListener.html
|
33
31
|
#
|
34
|
-
#
|
35
|
-
# support SSL termination. Network load balancers do not.
|
32
|
+
# This is the default listener and normally should listen to port 80.
|
36
33
|
listener:
|
37
|
-
port: 80
|
34
|
+
port: 80
|
38
35
|
# For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocol is TCP.
|
39
36
|
# protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
|
40
|
-
# ufo sets defaults
|
41
|
-
# application elb: HTTP
|
37
|
+
# ufo sets these defaults:
|
38
|
+
# application elb: HTTP # unless port is 443
|
39
|
+
# application elb: HTTPS # if port is 443
|
42
40
|
# network elb: TCP
|
43
|
-
#
|
44
|
-
|
41
|
+
# Can keep protocol commented out,
|
42
|
+
# unless need to override the defaults.
|
43
|
+
|
44
|
+
# If HTTPS and SSL is required then the listener_ssl config is what you need.
|
45
|
+
# Application ELBs support SSL termination.
|
46
|
+
# Network load balancers do not.
|
47
|
+
#
|
48
|
+
# ufo current creates both a normal listener and an ssl listener, even if you
|
49
|
+
# are not using it. Both listeners point to the same target group.
|
50
|
+
listener_ssl:
|
51
|
+
port: 443
|
52
|
+
# protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
|
53
|
+
# ufo handles setting the defaults:
|
54
|
+
# application elb: HTTP # unless port is 443
|
55
|
+
# application elb: HTTPS # if port is 443
|
56
|
+
# network elb: TCP
|
57
|
+
# Certificates are supported by application load balancers only.
|
58
|
+
# Network load balancers do not support SSL termination.
|
45
59
|
# certificates:
|
46
|
-
# -
|
60
|
+
# - certificate_arn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
61
|
+
|
47
62
|
|
48
63
|
# Configure dns to automatically be associated with the ELB dns name.
|
49
64
|
# Note, the route53 record set for the domain name must already exist.
|
@@ -6,7 +6,8 @@ base:
|
|
6
6
|
# image:
|
7
7
|
# clean_keep: 30
|
8
8
|
# ecr_keep: 30
|
9
|
-
|
9
|
+
network_profile: default # .ufo/settings/network/default.yml file
|
10
|
+
cfn_profile: default # .ufo/settings/cfn/default.yml file
|
10
11
|
|
11
12
|
development:
|
12
13
|
# cluster: dev
|
data/lib/ufo/help/ship.md
CHANGED
@@ -54,20 +54,11 @@ More info available at the [load balancer docs](http://ufoships.com/docs/load-ba
|
|
54
54
|
|
55
55
|
Let's you want skip the docker build phase and only want use ufo to deploy a task definition. You can do this with the `ufo deploy` command. Refer to [ufo deploy](http://ufoships.com/reference/ufo-deploy/) for more info.
|
56
56
|
|
57
|
-
### Waiting for Deployments to Complete
|
57
|
+
### Not Waiting for Deployments to Complete
|
58
58
|
|
59
|
-
By default when ufo updates the ECS service with the new task definition it does so
|
59
|
+
By default when ufo updates the ECS service with the new task definition it does so synchronuously. It'll wait until the CloudFormation stack finishes. You can make it asynchronuously with the `--no-wait` option:
|
60
60
|
|
61
|
-
ufo ship demo-web --wait
|
62
|
-
|
63
|
-
You should see output similar to this:
|
64
|
-
|
65
|
-
Shipping demo-web...
|
66
|
-
demo-web service updated on cluster with task demo-web
|
67
|
-
Waiting for deployment of task definition demo-web:8 to complete
|
68
|
-
......
|
69
|
-
Time waiting for ECS deployment: 31s.
|
70
|
-
Software shipped!
|
61
|
+
ufo ship demo-web --no-wait
|
71
62
|
|
72
63
|
### Route 53 DNS Support
|
73
64
|
|
data/lib/ufo/help/stop.md
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
ECS deployments can sometimes take a while. One reason could be because the old ECS tasks can take some time to drain and removed. The recommended way to speed this draining process up is configuring the `deregistration_delay.timeout_seconds` to a low value. You can configured this in `.ufo/settings/cfn/default.yml`. For more info refer to http://
|
1
|
+
ECS deployments can sometimes take a while. One reason could be because the old ECS tasks can take some time to drain and removed. The recommended way to speed this draining process up is configuring the `deregistration_delay.timeout_seconds` to a low value. You can configured this in `.ufo/settings/cfn/default.yml`. For more info refer to http://ufoships.com/docs/settings-cfn/ This setting works well for Application Load Balancers.
|
2
2
|
|
3
3
|
However, for Network Load Balancers, it seems like the deregistration_delay is not currently being respected. In this case, it take an annoying load time and this command can help speed up the process.
|
4
4
|
|
data/lib/ufo/init.rb
CHANGED
@@ -102,7 +102,7 @@ Some additional starter example roles for your apps were set up in in .ufo/task_
|
|
102
102
|
|
103
103
|
## Settings files
|
104
104
|
|
105
|
-
Additionally, ufo generated starter settings files
|
105
|
+
Additionally, ufo generated starter settings files that allow you to customize more settings.
|
106
106
|
|
107
107
|
* .ufo/settings.yml: general settings.
|
108
108
|
* .ufo/settings/cfn/default.yml: properties of CloudFormation resources that ufo creates.
|
data/lib/ufo/ps.rb
CHANGED
@@ -56,7 +56,7 @@ module Ufo
|
|
56
56
|
end
|
57
57
|
return unless error_event
|
58
58
|
|
59
|
-
puts "There are targets the target group reporting unhealthy. This can cause containers to cycle. Here's the error:"
|
59
|
+
puts "There are targets in the target group reporting unhealthy. This can cause containers to cycle. Here's the error:"
|
60
60
|
puts error_event.message.colorize(:red)
|
61
61
|
puts "Check out the ECS console events tab for more info."
|
62
62
|
end
|
data/lib/ufo/stack.rb
CHANGED
@@ -42,8 +42,8 @@ module Ufo
|
|
42
42
|
if @stack && rollback_complete?(@stack)
|
43
43
|
puts "Existing stack in ROLLBACK_COMPLETE state. Deleting stack before continuing."
|
44
44
|
cloudformation.delete_stack(stack_name: @stack_name)
|
45
|
-
|
46
|
-
|
45
|
+
status.wait
|
46
|
+
status.reset
|
47
47
|
@stack = nil # at this point stack has been deleted
|
48
48
|
end
|
49
49
|
|
data/lib/ufo/stack/context.rb
CHANGED
@@ -31,6 +31,7 @@ class Ufo::Stack
|
|
31
31
|
create_route53: create_elb? && cfn[:dns] && cfn[:dns][:name],
|
32
32
|
default_target_group_protocol: default_target_group_protocol,
|
33
33
|
default_listener_protocol: default_listener_protocol,
|
34
|
+
default_listener_ssl_protocol: default_listener_ssl_protocol,
|
34
35
|
}
|
35
36
|
# puts "vars:".colorize(:cyan)
|
36
37
|
# pp vars
|
@@ -42,13 +43,16 @@ class Ufo::Stack
|
|
42
43
|
def default_target_group_protocol
|
43
44
|
return 'TCP' if elb_type == 'network'
|
44
45
|
'HTTP'
|
45
|
-
# cfn[:target_group][:port] == 443 ? 'HTTPS' : 'HTTP'
|
46
46
|
end
|
47
47
|
|
48
48
|
def default_listener_protocol
|
49
49
|
return 'TCP' if elb_type == 'network'
|
50
|
-
'HTTP'
|
51
|
-
|
50
|
+
cfn[:listener][:port] == 443 ? 'HTTPS' : 'HTTP'
|
51
|
+
end
|
52
|
+
|
53
|
+
def default_listener_ssl_protocol
|
54
|
+
return 'TCP' if elb_type == 'network'
|
55
|
+
cfn[:listener_ssl][:port] == 443 ? 'HTTPS' : 'HTTP'
|
52
56
|
end
|
53
57
|
|
54
58
|
def container
|
data/lib/ufo/upgrade/upgrade4.rb
CHANGED
@@ -24,7 +24,6 @@ class Ufo::Upgrade
|
|
24
24
|
upsert_dockerignore
|
25
25
|
upsert_gitignore
|
26
26
|
update_params_yaml
|
27
|
-
update_settings
|
28
27
|
update_task_definitions
|
29
28
|
new_files
|
30
29
|
end
|
@@ -49,15 +48,6 @@ EOL
|
|
49
48
|
template(".ufo/settings/cfn/default.yml")
|
50
49
|
end
|
51
50
|
|
52
|
-
# add network_profile: default line
|
53
|
-
def update_settings
|
54
|
-
text = <<-EOL
|
55
|
-
network_profile: default # .ufo/settings/network/default.yml file
|
56
|
-
cfn_profile: default # .ufo/settings/cfn/default.yml file
|
57
|
-
EOL
|
58
|
-
insert_into_file ".ufo/settings.yml", text, :after => "base:\n"
|
59
|
-
end
|
60
|
-
|
61
51
|
# remove the create_service and update_service sections
|
62
52
|
def update_params_yaml
|
63
53
|
if File.exist?("#{Ufo.root}/.ufo/params.yml")
|
data/lib/ufo/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ufo
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.0.
|
4
|
+
version: 4.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tung Nguyen
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2018-07-
|
11
|
+
date: 2018-07-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-cloudformation
|