appmeshworkshop's People
Forkers
emcfins bemer samdengler alisade nbrandaleone-forks ffeijoo snovgorodsky argos83 aoggz lefthand goatherder jconstance-amplify andymcintosh mcauduro describeme newtondigital fmedery miki79 gmridula felipemsantos otterley dharmsonariya hmanikkothu jlbutler m3tspotify pedroduartecosta jeeslo jcristan ricardo-aspira jasonarewhy jalawala andskli herbertgoto ilove2git amber-lamp kappyhappy bluecrayon52 tiagoreichert pedro-rates-aws banavalikar rivasdam adamjkeller toricls ospre rajayashappmeshworkshop's Issues
Crystal add_time_ms.patch - "patch does not apply" error
Applying add_time_ms.patch as appears in https://www.appmeshworkshop.com/deployment/updatecrystal/
Results in the "patch does not apply" error
workshop:~/environment $ git apply --stat ecsdemo-crystal/add_time_ms.patch
code_hash.txt | 2 +-
src/server.cr | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
workshop:~/environment $ git -C ~/environment/ecsdemo-crystal apply add_time_ms.patch
error: patch failed: src/server.cr:24
error: src/server.cr: patch does not apply
improve the flow for adding environment/config to the ruby apps
create automation to deploy crystal to ecs
this may be done already
create xray content
ensure there is a cleanup process for every chapter
create steps/automation to shift traffic to nodejs v2 based on percentage traffic
Update Helm instructions for v3
Need to upgrade Helm instructions for v3 - it's mature now and tiller isn't needed anymore, making for a much simpler experience.
Baseline Infrastructure
Create the baseline infrastructure template to support the workshop.
Deploys the networking infrastructure, IAM resources, and the microservices using ECS and EC2.
ECS: ecsdemo-frontend, ecsdemo-nodejs
EC2: ecsdemo-crystal
create steps/automation to meshify frontend
write conclusion chapter -- what did we accomplish? learn?
create steps/automation to build the mesh
create intro slide deck
In install_appmesh_controller.md link for IRSA
Hi,
It seems that in install_appmesh_controller.md, link to content about IRSA points to just appmeshworkshop's index.html. i am not sure this is actually intended but it would more helpful if it connect learners to detailed page about IRSA.
create failure content (introduce failure to one backend service)
unable to deploy in out of US regions
I got an error when deploying the workshop in non-US regions, and I got this error:
An error occurred (ValidationError) when calling the CreateChangeSet operation: Template error: Unable to get mapping for InstanceMap::eu-west-1::AMI
The AMI map includes only US regions, other regions are not in the AMI map, I am trying to play this workshop in France for my customer, it would better if we could enable other regions.
I am trying to add the ami map for DUB, trying to see if there is other issue.
create steps/automation to patch nodejs with new code and deploy v2
appmeshworkshop/content/prerequisites/bootstrapsh.md
Would like to point out that if STS is not enabled in the region (as you are asking to use a region that we weren't using before) there will be silent failures in EKS to connect to the provisioned EC2 nodes. (errors can be seen if logging is activated in the EKS node).
Just one note of that would sort it.
Thank you
create steps/automation to enable service discovery
create steps/automation to shift traffic to nodejs v2 based on headers
open mailinglist for appmeshworkshop@
EC2 SSM document error
My SSM documment was not parsing properly due to space issues (too many) in the YAML template.
Unable to start shell: failed to start pty since RunAs user ubuntu does not exist
:~/environment $ aws ssm start-session --target $TARGET_EC2
Starting session with SessionId: i-07......
SessionId: i-074.... :
----------ERROR-------
Unable to start shell: failed to start pty since RunAs user ubuntu does not exist
enable e2e encryption for mesh nodes (preview?)
page should be moved under start the workshop
https://www.appmeshworkshop.com/mesh_nodejs/install_helm/
should be moved to
https://www.appmeshworkshop.com/prerequisites/
it does not make sense for the appmeshworkshop attendee to waste time on installing helm with rbac which are really eks related content.
create steps/automation to meshify crystal
create cloudformation for ecs cluster
should be part of the same vpc as the ec2 instance -- this may be done already
Typos in permissions (appmesh-baseline.yml)
'xray:GertSamplingStatisticSumaries'
Should be: 'xray:GetSamplingStatisticSummaries'
create automation to deploy nodejs to eks
Deleting CloudFormation template fails due to ECR repositories having images
We should change the retain policy for the repositories, or see if we can completely empty them, and then delete them. I think it is easier to simply change the retain policy, and have a statement in the docs that the repos will exist beyond the lifetime of the workshop.
Failure message:
The repository with name 'appme-cryst-1ohx2vfar9cxh' in registry with id '991225764181' cannot be deleted because it still contains images (Service: AmazonECR; Status Code: 400; Error Code: RepositoryNotEmptyException; Request ID: 450688b7-a9c6-4367-bf73-0d0bce226a34)
updates needed for app mesh controller for k8s installation and configuration
The AWS App Mesh Contoller for Kubernetes (https://github.com/aws/aws-app-mesh-controller-for-k8s) plans to GA soon. With that GA, some elements of install and configuration change.
This issue is for tracking updates around install and configuration of the contoller related to GA.
eks cloudformation
Create cloudformation to build eks cluster... should be part of the same vpc that the ec2 instance builds
Possible Security Problems
Hey there! I noticed some possible problems in some code in this repo. A quick summary of a few of them is below, but let me know if you're interested in seeing a full report or talking about cloud security in general.
severity: serious
filename: ./templates/ci-cd-codepipeline.cfn.yml
line number(s): [204]
resource(s):
IAM role should not allow * resource with PassRole action on its permissions policy
severity: warning
filename: ./templates/ci-cd-codepipeline.cfn.yml
line number(s): [302]
resource(s):
CodeBuild project should specify an EncryptionKey value
severity: warning
filename: ./templates/ci-cd-codepipeline.cfn.yml
line number(s): [204, 240]
resource(s):
IAM role should not allow * resource on its permissions policy
severity: warning
filename: ./templates/ci-cd-codepipeline.cfn.yml
line number(s): [112]
resource(s):
S3 Bucket should have access logging configured
severity: warning
filename: ./templates/ci-cd-codepipeline.cfn.yml
line number(s): [112]
resource(s):
S3 Bucket should have encryption option set
severity: warning
filename: ./templates/amazon-eks-nodegroup-with-spot.yml
line number(s): [339]
resource(s):
Security Groups ingress with an ipProtocol of -1 found
severity: warning
filename: ./templates/amazon-eks-nodegroup-with-spot.yml
line number(s): [339]
resource(s):
Security Groups found ingress with port range instead of just a single port
create logging content
Error: unable to build kubernetes objects from release manifest - Mesh the NodeJS service (EKS)
Hi,
Running the workshop, I face one problem in the Mesh the NodeJS service running on EKS. When executing the command to install the appmesh-controller (https://github.com/brentley/appmeshworkshop/blob/master/content/mesh_nodejs/install_appmesh_controller.md)
helm upgrade -i appmesh-controller eks/appmesh-controller...
,
I receive the following message in the console:
Release "appmesh-controller" does not exist. Installing it now.
Error: unable to build kubernetes objects from release manifest: error validating "": error validating data: [ValidationError(MutatingWebhookConfiguration.webhooks[0]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[1]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[2]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[3]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[4]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[5]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook, ValidationError(MutatingWebhookConfiguration.webhooks[6]): missing required field "admissionReviewVersions" in io.k8s.api.admissionregistration.v1.MutatingWebhook]
Does anyone knows what could be the issue here?
Thanks in advance!
step 'Update IAM settings ...' requires jq
Typoes $EC2_METADATA/latest/meta-data/local-ipv4 should be $EC2_METADATA/meta-data/local-ipv4 in ADDING SERVICE DISCOVERY TO EC2 BACKENDS
What is the problem?
The code has typoes
Typoes in https://www.appmeshworkshop.com/appendix/servicediscovery/
line21
Current code :
INSTANCE_IP=$(curl -s $EC2_METADATA/latest/meta-data/local-ipv4);
Expected code:
INSTANCE_IP=$(curl -s $EC2_METADATA/meta-data/local-ipv4);
This is a documentation issue
filter on deleted cf stacks
from:
https://www.appmeshworkshop.com/prerequisites/deploycfn/
brent:/environment $ CFN_TEMPLATE=$(aws cloudformation list-stacks | jq -c '.StackSummaries[].StackName | select( . == "appmesh-workshop" )')/environment $ echo $CFN_TEMPLATE
brent:
"appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop" "appmesh-workshop"
Cleanup section doesn't remove Amazon EKS cluster
The workshop uses eksctl
to create Amazon EKS cluster in Run the bootstrap scripts section. The cleanup of the cluster is missing in "Cleanup" chapter, and should be placed before Delete the baseline template section - otherwise CloudFormation fails to delete the baseline stack due to existing EC2 instances in the VPC.
create comprehensive cleanup script
create monitoring (non-logging/xray) content
New physical diagram
It might be useful to either create a new diagram, or update the existing one specifying the fact that we are using both Fargate and EC2 based containers.
External LB -> Ruby app (EC2) -> Internal LB -> Crystal app (Fargate)
build-containers
in build-containers scripts, docker build command should be adjusted to find proper Dockerfiles.
docker build -t crystal-service ../ecsdemo-crystal
or docker build -t crystal-service ~/environment/ecsdemo-crystal
create steps/automation to meshify nodejs
from_output script missing?
failed... trying the appmeshworkshop.com
on this step: https://www.appmeshworkshop.com/prerequisites/bootstrapsh/
likely a problem with the fetch_outputs script... there isn't a from_output script and i think something with the syntax is wrong for jq or something... maybe a single quote in a wrong place?
Unknown parameter in input: "registeredBy"
The bug reported in this Issue seem to affect the workshop on this step when trying to describe-task-definition to afterwards register-task-definition failing with the following error message:
Parameter validation failed: Unknown parameter in input: "registeredBy", must be one of: family, taskRoleArn, executionRoleArn, networkMode, containerDefinitions, volumes, placementConstraints, requiresCompatibilities, cpu, memory, tags, pidMode, ipcMode, proxyConfiguration, inferenceAccelerators
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.