Using a EC2/ECS/BeanStalk – based solution is like having a dinner in a single restaurant. You eat the appetiser, the main dish and then leave = You build your web app and deploy it in a friendly container. But if you use a lambda-based solution, Dining Cloud behaviour Appetiser in a restaurant A Put AWS …
You need to do 2 things: Copy your code to S3 bucket. Don’t need a new object key in the bucket. Just use the existing one Invoke aws-cli’s “aws lambda update-function-code”, by putting s3 bucket /s3 key in the command line Then the function will be updated. You have to do 2nd step because “s3 …
Update s3-hosted lambda function code without cloudformation Read More »
To call such a module,
This is a typical deploy.sh : (Mostly copied from https://stuff-things.net/2016/07/20/invalidate-cloudfront-and-wait/ )
Feature -> Release Action Branches and their versions (before) CLI commands Branches and their versions (after) More details Start a feature develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 git flow feature start xxxgit flow feature publish xxx feature/xxx: 1.0.0-SNAPSHOT.0develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 Or just branch from develop Finish a feature feature/xxx: 1.0.0-SNAPSHOT.0develop: 1.0.0-SNAPSHOT.0master: 1.0.0-SNAPSHOT.0 git flow feature finish xxx develop: …
Problem/Solution Snapshot-based backup Multi-AZ Read Replica in the same region Read Replica in multi region Wrong/deleted data casued by wrong code YesWill lose at leas one day or a few hours of data NoThe wrong data has been copied to the standby instance NoThe wrong data has been copied to the standby instance NoThe wrong …
Without “.dockerignore” the whole directory where Dockerfile is in will be sent to docker daemon, which may be huge And always create a “.git” entry in the file, because this directory can be very big. P.S. Failling to do this may lead to the hanging of “docker-compose up”. It will show the following message: You …
Always have a “.dockerignore” and always have “.git” in it Read More »
1. Exchange a Certificate Signing Request for certificate files openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out my.csr Then submit my.csr file to your CA. You will then get certificate files from it. * The private.key will be used for decryption during SSL/TLS session establishment between a server and a client. 2. Combine …
Enable https for your nginx-hosted website with a CA-signed certificate Read More »
Generate a self-signed https certificate Java’s KeyTool is kind of heavy due to its “keystore” concept. I prefer openssl: openssl req -x509 -nodes -newkey rsa:2048 -keyout cjx_private.key -out cjx_cert.pem -days 36500 #”-nodes” means no password to access the certificate file # You will be prompted set up your information. This one is important: Common Name …
Enable https for your apache-httpd-hosted website with a self-signed certificate Read More »
在aws ec2中搭建apache httpd或tomcat后,发现使用ec2 instance的public ip在浏览器里访问相关服务时失败。 这是因为防火墙未设置。对ec2来说,security group就相当于防火墙。 设置办法: 进入instance列表,在security group列中找到对应的group, 点击它,然后Actions => Edit Inbound Rules, 加入http, 即可允许80端口访问。 如果要打开8080的http端口,新增一个custom tcp rule.