Differences

This shows you the differences between two versions of the page.

--- marfeel:test [2020/03/16 12:21] – dodger
+++ marfeel:test [2020/03/17 07:58] – [Things I forgot] dodger
@@ Line 16: / Line 16: @@
 ===== Ami and UserData =====
 I did some mistakes, so I create some versions of it:
-  * name : ''dodger_marfeel_test_003''
-  * id : ''ami-0bc1be25784321fc1''
+| **name** | ''dodger_marfeel_test_003'' |
+| **id** | ''ami-0bc1be25784321fc1'' |
+\\
+==== nginx ====
+I've configured nginx with a bare minimal setup:
+<file config /etc/nginx/nginx.conf>
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+events {
+        worker_connections 768;
+}
+http {
+        server_tokens off;
+        sendfile on;
+        tcp_nopush on;
+        tcp_nodelay on;
+        ## Start: Timeouts ##
+        client_body_timeout   10;
+        client_header_timeout 10;
+        keepalive_timeout     5 5;
+        send_timeout          10;
+        ## End: Timeouts ##
+        types_hash_max_size 2048;
+        include /etc/nginx/mime.types;
+        default_type application/octet-stream;
+        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+        ssl_prefer_server_ciphers on;
+        access_log /var/log/nginx/access.log;
+        error_log /var/log/nginx/error.log;
+        # compress everything
+        gzip on;
+        # disabled by marfeel request:
+        #       Enable gzip for all the requests (proxied request included)
+        #       you have chosen it :-)
+        #gzip_disable "msie6";
+        #include /etc/nginx/conf.d/*.conf;
+        include /etc/nginx/conf.d/proxy_cache.conf;
+        include /etc/nginx/sites-enabled/*;
+}
+</file>
+Nginx proxy cache setup:
+<file config  /etc/nginx/conf.d/proxy_cache.conf>
+proxy_cache_path /dev/shm levels=1:2 keys_zone=marfeel:1m;
+proxy_cache                     marfeel;
+#proxy_cache_background_update  on;
+proxy_cache_key $scheme$proxy_host$request_uri;
+proxy_cache_revalidate          on;
+</file>
+Default site:
+<file config /etc/nginx/sites-available/default.conf>
+server {
+        listen 80 default_server;
+        listen [::]:80 default_server;
+        #root /opt/test/www;
+        root /opt/test/Marfeel-appserverpythontestapp-2937d4f8673c;
+        index index.html index.htm ;
+        server_name _;
+        # compress all proxy requests
+        include conf.d/proxy_compression.conf;
+        include conf.d/static_files.conf;
+        location ^~ /cgi-bin {
+                proxy_pass http://localhost:8080;
+                proxy_set_header Host $http_host;
+                proxy_cache_valid any      1m;
+                expires 10m;
+        }
+}
+</file>
+Proxy compression config:
+<file config /etc/nginx/conf.d/proxy_compression.conf>
+# Enable gzip but do not remove ETag headers
+gzip on;
+gzip_vary on;
+gzip_comp_level 4;
+gzip_min_length 256;
+gzip_proxied any;
+#gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
+gzip_types *;
+</file>
+Static files ''expires'':
+<file config /etc/nginx/conf.d/static_files.conf>
+# serve static files directly
+# The ?: prefix is a 'non-capturing' mark, meaning we do not require
+# the pattern to be captured into $1 which should help improve performance
+location ~* ^.+\.(?:jpg|jpeg|gif|css|png|js|ico|txt)$ {
+    #access_log        off;
+    expires           1h;
+}
+</file>
+==== Python http server ====
+I've setup a ''.service'' for systemd named ''marfeel_test'' which is inside the AMI:
+<file yaml /etc/systemd/system/marfeel_test.service>
+[Unit]
+Description=marfeel test service
+After=auditd.service systemd-user-sessions.service time-sync.target
+[Service]
+User=marfeel
+TimeoutStartSec=0
+Type=simple
+KillMode=control-group
+WorkingDirectory=/opt/test/Marfeel-appserverpythontestapp-2937d4f8673c
+ExecStart=/usr/bin/python3 -m http.server --cgi 8080
+Restart=no
+[Install]
+WantedBy=multi-user.target
+</file>
 ===== Which code have you added to the user-data on launching the instance? =====
 <code yaml>
@@ Line 32: / Line 152: @@
 ===== Security group =====
-I create the 001 group with https, then I remove it in the 2nd version:
+I create a security group (ending with 001) with https, then I remove it in the 2nd version:
-  * name: ''dodger_launch_002''
+| **name** | ''dodger_launch_002'' |
 ===== auto-scaling Group =====
-    * name: ''marfeel_scalinggroup_001''
+| **name** | ''marfeel_scalinggroup_001'' |
@@ Line 48: / Line 168: @@
   * ''aws-cli''
   * ''jq''
+<WRAP center round info 60%>
+''aws-cli'' must be configured!!!
+</WRAP>
 \\
@@ Line 53: / Line 178: @@
 Code:
-<file bash make_it_cool.sh>
+<file bash /root/marfeel_auto_updater/make_it_cool.sh>
 #!/bin/bash
@@ Line 234: / Line 359: @@
 \\
 Config file:
-<file config make_it_cool.config>
+<file config /root/marfeel_auto_updater/make_it_cool.config>
 # Our template for re-generate the config
@@ Line 253: / Line 378: @@
 DEBUG=0
 </file>
+\\
+Setup crontab with desired frequency for refresh, for example:
+<code crontab>
+*/3 *   * * *   root    /root/marfeel_auto_updater/make_it_cool.sh
+</code>
+====== Things I forgot ======
+  * Purge log files from ''make_it_cool.sh'' in HA proxy node
+  * A lot of additional checks for the script...