CloudFormation Tutorial (Word press)
YOu may have this error after AWS CloudFormation tutorial.
Your server is running PHP version 5.4.16 but WordPress 5.2 requires at least 5.6.20
ssh -i ./keypair/Amazon_linux2_ami_keypair.pem ec2-user@the url shown in the output
Install below to resolve issue.
https://acloud.guru/forums/aws-csa-2019/discussion/-LeK7R4pgAYrlyM71CZU/yourserverisrunningphp_ver
The given url shows
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/wordpress/
>> Not found
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/index.php
>> Installation page
>> go on
admin:
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/wp-admin/
home:
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html
At one stage, deploy by cloud formation didn't work. I had to create a manual pipeline using the same resource to test whether the problem is from resource itself or from cloudformation. It was from resouce itself. Then the two pipeline conflcted each other and made below error.
You can get sample pipleline yaml file from above or here.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html
4 users
2 groups
18 roles
xx customer managed policies
Created role by cloud formation given from here:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html
19 roles
It shows the new role created but never used.
AWS Terms
1Kings 18:44 The seventh time the servant reported, “A cloud as small as a man’s hand is rising from the sea.”
role - defines what you can do / cannot do. may have policy
service role - same as role. when role is doing something, you call it service role
policy - a set of permissions
CloudFormation tutorial for Beanstalk+Pipeline
https://www.valuebound.com/resources/blog/build-your-cicd-pipeline-aws-elasticbeanstack-codepipeline-and-cloudformation
https://stackoverflow.com/questions/33038941/elastic-beanstalk-iam-developer-permissions
Access specific beanstalks only by adding:
Further reading
https://aws.amazon.com/blogs/devops/use-aws-cloudformation-to-automate-the-creation-of-an-s3-bucket-with-cross-region-replication-enabled/
https://github.com/symphoniacloud/multi-region-codepipeline
https://www.valuebound.com/resources/blog/build-your-cicd-pipeline-aws-elasticbeanstack-codepipeline-and-cloudformation
https://github.com/symphoniacloud/multi-region-codepipeline/tree/master/deployment-pipeline
https://acloud.guru/forums/aws-csa-2019/discussion/-LeK7R4pgAYrlyM71CZU/yourserverisrunningphp_ver
The given url shows
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/wordpress/
>> Not found
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/index.php
>> Installation page
>> go on
admin:
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/wp-admin/
home:
http://ec2-18-138-227-120.ap-southeast-1.compute.amazonaws.com/
Pipeline by ClouldFormation
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html
The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems.
The deployment failed because a specified file already exists at this location: /var/www/html/index.html
At one stage, deploy by cloud formation didn't work. I had to create a manual pipeline using the same resource to test whether the problem is from resource itself or from cloudformation. It was from resouce itself. Then the two pipeline conflcted each other and made below error.
Pipeline by ClouldFormation (tutorial)
https://docs.aws.amazon.com/codepipeline/latest/userguide/tutorials-cloudformation.htmlYou can get sample pipleline yaml file from above or here.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html
Codepipeline + Beanstalk + Cloudformation
https://www.valuebound.com/resources/blog/build-your-cicd-pipeline-aws-elasticbeanstack-codepipeline-and-cloudformationCreate role by ClouldFormation
4 users
2 groups
18 roles
xx customer managed policies
Created role by cloud formation given from here:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html
19 roles
It shows the new role created but never used.
AWS Terms
1Kings 18:44 The seventh time the servant reported, “A cloud as small as a man’s hand is rising from the sea.”
role - defines what you can do / cannot do. may have policy
An IAM role is an IAM identity that you can create in your account that has specific permissions
service role - same as role. when role is doing something, you call it service role
A service role is a role that an AWS service assumes to perform actions on your behalf
policy - a set of permissions
A policy is an entity that, when attached to an identity or resource, defines their permissions.
CloudFormation tutorial for Beanstalk+Pipeline
https://www.valuebound.com/resources/blog/build-your-cicd-pipeline-aws-elasticbeanstack-codepipeline-and-cloudformation
- How did the author do this?
Our template will create a required IAM role for the code pipeline project.
- stage1
Here, we have configured the pipeline to pull the specified repository name and branch.
- stage2
The project manager can approve the changes to be deployed in the environment or deny the changes. We use SNS for sending a notification to the subscribers to approve the changes.
- stage3
During the deploy stage, the code is deployed in all the application environments.
CloudFormation >> pipeline >> beanstalk
https://stackoverflow.com/questions/33038941/elastic-beanstalk-iam-developer-permissions
CloudFormation further restrictions.
Read from specific s3 buckets only by adding:- firstline: source bucket
- 2nd line: pipeline artifact store bucket
- 3rd line: elasticbeanstalk bucket holding deployed application
- Action:
- 's3:Get*'
Effect: Allow
Resource: [ 'arn:aws:s3:::sample-abc-bucket', 'arn:aws:s3:::sample-abc-bucket/*',
'arn:aws:s3:::abc-ap-southeast-1', 'arn:aws:s3:::abc-ap-southeast-1/*',
'arn:aws:s3:::elasticbeanstalk-*', 'arn:aws:s3:::elasticbeanstalk-*/*',
]
Access specific beanstalks only by adding:
- Action:
- 'elasticbeanstalk:*'
Effect: Allow
Resource: '*'
Condition:
StringEquals:
'elasticbeanstalk:InApplication': [ !Sub 'arn:aws:elasticbeanstalk:ap-southeast-1:${AWS::AccountId}:application/YOur Application Name' ]
Further reading
- Create SNS by CF
- https://stelligent.com/2016/07/11/automate-codepipeline-manual-approvals-in-cloudformation/
- Multi region
- Pipeline + github tutorial
https://aws.amazon.com/blogs/devops/use-aws-cloudformation-to-automate-the-creation-of-an-s3-bucket-with-cross-region-replication-enabled/
https://github.com/symphoniacloud/multi-region-codepipeline
https://www.valuebound.com/resources/blog/build-your-cicd-pipeline-aws-elasticbeanstack-codepipeline-and-cloudformation
CloudFormation + shell script
https://github.com/symphoniacloud/multi-region-codepipeline/tree/master/deployment-pipeline
No comments:
Post a Comment