I added a SNS topic notification for my autoscaling group
Basically this just posts to SNS Topic and a lambda function uses a webhook to post to a Slack channel. All works fine.
However since adding this notification (almost a week ago)
My ElasticBeanstalk instance health has been showing as 'Degraded':
and the 'Causes' just shows
Auto Scaling group (awseb-e-rf8zhmbjwm-stack-XXXXXXXXX) notifications have been deleted or modified.
My ec2 instances seem healthy, and my app is working fine afaik.
Why does it keep this 'Degraded' state? How can I fix it?
I had wrestled with the same issue for a few days, this is how I fixed it:
Beanstalk does not like it when you change any piece of your environment outside of the Beanstalk configuration (i.e. adding an SNS notification to your autoscaling group) after the environment was created.
What you can do is make all changes to your infrastructure that you want in place - including the SNS notification. Your Beanstalk environment will show as "Degraded" as you know. Then, clone your environment into a new one under your application and then delete the old Degraded environment. Beanstalk will see the cloned environment as unchanged, and will then set the Health status to "OK".
Related
I have a load balanced EB environment, running a PHP application on an Apache server.
We have successfully deployed the identical software to a test environment in this AWS account, as a pre-production test. This went as expected, and updated the sortware with each CLI deployment.
I cloned this environment in order to deploy the production instance. Generally, deploying the application via EB CLI results in a healthy instance. I say generally because occasionally this shows as degraded - to fix this, I select the latest application version and deploy it to the instance via the admin interface. This feels like a workaround because the console already shows the correct version as the one deployed.
The problem I am having now is in changing the environment variables, to point to the production database. When I change this via the configuration>software section, no changes are stored. When I hit 'apply' the environment starts to transition. When this is complete, the instance health has degraded and the changes made to the configuration are not persisted.
I don't really see a pattern here, and it's behaving in a way that differs from the way the test instance did - I had no problems there.
Any suggestions on how to get past this?
We'd like our PHP based environment to auto scale up and down based on load.
Our users send emails that get queued in postfix queues on the machine, and we also have other short running tasks in the background (e.g. creating PDFs).
Is there any way we can tell the scaling thing to wait until the mail spool is empty and any currently running jobs have finished?
I'd rather stay away from worker environments for now to make migrating to AWS easier/more similar to our existing setup.
Thanks in advance.
One of AWS's published message handling patterns suggests using a message ReceiptHandle in order to extend it's visibility timeout, but I've discovered that when consuming messages in an Elastic Beanstalk worker (via aws-sqsd), the ReceiptHandle is not passed as one of the header parameters.
Does anyone have any suggestions on how I can get the ReceiptHandle for a message?
Thanks.
Sadly you can't do this. EB worker does not provide that for you by default. The retrieval and deletion of msgs from SQS is managed by EB sqs daemon, not your application.
This simplifies deployments as you don't have to worry about interacting with SQS, but then limits what you can do.
Problem
I've been working with several small Elastic Beanstalk environments, both within and outside of VPCs. Every time I deploy, even if I specify security groups, Elastic Beanstalk creates new security groups for the instance(s) and ELB. These groups are open to 0.0.0.0/0. My organization's security rules catch these rules every time and remove them, and the security team follows up with me to ask if everything's alright.
Question
Can I configure Elastic Beanstalk to not open up the security groups to HTTP from anywhere on the internet prior to deploying?
Let's say for argument's sake that I have a vm instance, which is configured with an endpoint config_id in it's meta-data that is set to an existing working cloud endpoint.
Can someone please explain to me what happens to the incoming requests if the cloud endpoint is redeployed? Obviously, I will get an new config_id, but if haven't yet applied this config_id to the vm instance, does the traffic just get discarded?
If this is the case, what are some viable solutions to prevent service interruption for my users.
Thanks!
The traffic keeps going to the old configuration until you change the endpoints-service-config-id with the new config_id:
And then ssh into the VM instance with gcloud compute ssh [INSTANCE-NAME] and run sudo /etc/init.d/nginx restart.
In conclusion, traffic won't be discarded. It just keeps using the old config deployment. See redeploying