如何在Elastic Beanstalk中的EC2实例上重新启动httpd以启用HTTPS?

快将死

问题

我正在尝试在Elastic Beanstalk的EC2实例上启用HTTPS。https-instance.config.ebextensions目录中有一个文件,除其他外,文件停止并启动httpd服务器。原始的容器命令是这些命令(来自此处的AWS文档,并且在我的问题中也提到

container_commands:
  01killhttpd:
    command: "killall httpd"
  02waitforhttpddeath:
    command: "sleep 3"

但是,出现以下错误,详细信息在cfn-init.log

2020-08-25 14:51:55,622 [INFO] -----------------------Starting build-----------------------
2020-08-25 14:51:55,631 [INFO] Running configSets: Infra-EmbeddedPostBuild
2020-08-25 14:51:55,634 [INFO] Running configSet Infra-EmbeddedPostBuild
2020-08-25 14:51:55,638 [INFO] Running config postbuild_0_tiny_app
2020-08-25 14:51:55,706 [ERROR] Command 01killhttpd (systemctl restart httpd.service) failed
2020-08-25 14:51:55,706 [ERROR] Error encountered during build of postbuild_0_tiny_app: Command 01killhttpd failed
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 542, in run_config
    CloudFormationCarpenter(config, self._auth_config).build(worklog)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 260, in build
    changes['commands'] = CommandTool().apply(self._config.commands)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/command_tool.py", line 117, in apply
    raise ToolError(u"Command %s failed" % name)
ToolError: Command 01killhttpd failed
2020-08-25 14:51:55,706 [ERROR] -----------------------BUILD FAILED!------------------------
2020-08-25 14:51:55,707 [ERROR] Unhandled exception during build: Command 01killhttpd failed
Traceback (most recent call last):
  File "/opt/aws/bin/cfn-init", line 171, in <module>
    worklog.build(metadata, configSets)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 129, in build
    Contractor(metadata).build(configSets, self)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 530, in build
    self.run_config(config, worklog)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 542, in run_config
    CloudFormationCarpenter(config, self._auth_config).build(worklog)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/construction.py", line 260, in build
    changes['commands'] = CommandTool().apply(self._config.commands)
  File "/usr/lib/python2.7/site-packages/cfnbootstrap/command_tool.py", line 117, in apply
    raise ToolError(u"Command %s failed" % name)
ToolError: Command 01killhttpd failed

我尝试从中删除此重新启动https-instance.config,它可以构建,但无法连接到HTTPS。我还尝试用其他命令替换上述命令以重新启动httpd服务器,但是这些命令导致的错误与上述命令几乎相同:

container_commands:
  01restart:
    command: "systemctl restart httpd"

container_commands:
  01restartservice:
    command: "systemctl restart httpd.service"

如何重新启动httpd服务器以允许HTTPS连接到我的应用程序?

语境

  • 亚马逊Linux 2
  • Python 3.7环境中的Flask应用
  • 使用单个EC2实例,因此没有负载均衡器
  • 我只需要出于开发目的

这是https-instance.config我从AWS获得的全部信息

packages:
  yum:
    mod_ssl : []
    
files:
  /etc/httpd/conf.d/ssl.conf:
    mode: "000644"
    owner: root
    group: root
    content: |
      LoadModule wsgi_module modules/mod_wsgi.so
      WSGIPythonHome /opt/python/run/baselinenv
      WSGISocketPrefix run/wsgi
      WSGIRestrictEmbedded On
      Listen 443
      <VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile "/etc/pki/tls/certs/server.crt"
        SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"
        
        Alias /static/ /opt/python/current/app/static/
        <Directory /opt/python/current/app/static>
        Order allow,deny
        Allow from all
        </Directory>
        
        WSGIScriptAlias / /opt/python/current/app/application.py
        
        <Directory /opt/python/current/app>
        Require all granted
        </Directory>
        
        WSGIDaemonProcess wsgi-ssl processes=1 threads=15 display-name=%{GROUP} \
          python-path=/opt/python/current/app \
          python-home=/opt/python/run/venv \
          home=/opt/python/current/app \
          user=wsgi \
          group=wsgi
        WSGIProcessGroup wsgi-ssl
        
      </VirtualHost>
      
  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----
      MIID8zCCAtsCFGzyKrXOsCiyLHRPfBG75SlmQyXqMA0GCSqGSIb3DQEBCwUAMIG1
      ...
      PuulTMAZWNXHa0g+XbRTtOQDA8FA0vlA80B+rFUQESSo2Cw5JKXTaL9OpMMG/t9S
      qvv+vGuaIw==
      -----END CERTIFICATE-----

       
  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----
      MIIEogIBAAKCAQEA+OYzho7mXLUY6zTTqBIibsk2rfuJIO2xN2moIUNTqzJS8Yv6
      ...
      cSQsBzRR1Z5hl77Qa6gwiDx7rYswWtQt/8zsY8OUB3kg1SqriwI=
      -----END RSA PRIVATE KEY-----

container_commands:
  01restartservice:
    command: "systemctl restart httpd.service"
马辛

您的命令失败的原因是在Amazon Linux 2 Python 3.7环境中没有httpd(其物理安装,但未激活)。您可以通过插入实例并运行以下命令来验证这一点:

sudo systemctl status httpd

相反, nginxgunicornas wsgi。您提供的AWS文档的链接适用于Amazon Linux 1,而非2。

因此,SSL证书或HTTPs应该设置使用nginx的配置文件.platform/nginx/conf.d/文件夹。

本文收集自互联网,转载请注明来源。

如有侵权,请联系[email protected] 删除。

编辑于
0

我来说两句

0条评论
登录后参与评论

相关文章

来自分类Dev

如何在Elastic-Beanstalk创建的EC2实例上设置标签

来自分类Dev

如何在Elastic Beanstalk环境中自定义EC2实例

来自分类Dev

AWS Elastic Beanstalk-如何在同一ec2实例中运行php和nodejs

来自分类Dev

如何以编程方式重新启动和更改EC2实例的终止保护

来自分类Dev

如何在AWS EC2上增加根磁盘的大小以用于Elastic Beanstalk?

来自分类Dev

如何在AWS Elastic-Beanstalk上自动重新启动节点应用程序

来自分类Dev

如何在Elastic Beanstalk上添加PATH

来自分类Dev

每次启动EC2实例时,Elastic Beanstalk是否运行所有部署命令?

来自分类Dev

如何在 Elastic Search 中编写条件

来自分类Dev

如何在AWS Elastic Beanstalk上运行Rails后台作业?

来自分类Dev

如何在Amazon Elastic Beanstalk上安装PHP IMAP扩展

来自分类Dev

如何在AWS Elastic Beanstalk上运行celery worker?

来自分类Dev

如何在 AWS Elastic Beanstalk 上设置编码?

来自分类Dev

如何与 Elastic Beanstalk 多容器环境共享 AWS EC2 实例

来自分类Dev

如何在.net中读取Elastic Beanstalk环境属性?

来自分类Dev

如何在AWS Elastic Beanstalk中基于延迟配置扩展?

来自分类Dev

如何在Elastic Beanstalk中运行'rake db:drop'

来自分类Dev

如何在没有负载均衡器的 EC2 实例上设置 HTTPS?(aws)

来自分类Dev

如何在EC2实例上启动scrapyd服务器

来自分类Dev

Elastic Beanstalk:在同一可用区中创建EC2和RDS实例

来自分类Dev

如何在AWS Elastic Beanstalk服务器上使用Nginx启用WebSocket?

来自分类Dev

如何为Elastic Beanstalk URL启用HTTPS

来自分类Dev

如何在EC2启动实例请求中获取公共IP地址?

来自分类Dev

如何在Ansible中启动所有AWS EC2实例

来自分类Dev

如何在计划的时间终止和还原Elastic Beanstalk环境?

来自分类Dev

如何在AWS Elastic Beanstalk上部署next.js?

来自分类Dev

如何在Amazon Elastic Beanstalk实例中安装Oracle Java 7

来自分类Dev

如何在AWS Elastic Beanstalk Docker实例中更改logrotate的设置

来自分类Dev

如何在Amazon EC2实例上安装jq

Related 相关文章

  1. 1

    如何在Elastic-Beanstalk创建的EC2实例上设置标签

  2. 2

    如何在Elastic Beanstalk环境中自定义EC2实例

  3. 3

    AWS Elastic Beanstalk-如何在同一ec2实例中运行php和nodejs

  4. 4

    如何以编程方式重新启动和更改EC2实例的终止保护

  5. 5

    如何在AWS EC2上增加根磁盘的大小以用于Elastic Beanstalk?

  6. 6

    如何在AWS Elastic-Beanstalk上自动重新启动节点应用程序

  7. 7

    如何在Elastic Beanstalk上添加PATH

  8. 8

    每次启动EC2实例时,Elastic Beanstalk是否运行所有部署命令?

  9. 9

    如何在 Elastic Search 中编写条件

  10. 10

    如何在AWS Elastic Beanstalk上运行Rails后台作业?

  11. 11

    如何在Amazon Elastic Beanstalk上安装PHP IMAP扩展

  12. 12

    如何在AWS Elastic Beanstalk上运行celery worker?

  13. 13

    如何在 AWS Elastic Beanstalk 上设置编码?

  14. 14

    如何与 Elastic Beanstalk 多容器环境共享 AWS EC2 实例

  15. 15

    如何在.net中读取Elastic Beanstalk环境属性?

  16. 16

    如何在AWS Elastic Beanstalk中基于延迟配置扩展?

  17. 17

    如何在Elastic Beanstalk中运行'rake db:drop'

  18. 18

    如何在没有负载均衡器的 EC2 实例上设置 HTTPS?(aws)

  19. 19

    如何在EC2实例上启动scrapyd服务器

  20. 20

    Elastic Beanstalk:在同一可用区中创建EC2和RDS实例

  21. 21

    如何在AWS Elastic Beanstalk服务器上使用Nginx启用WebSocket?

  22. 22

    如何为Elastic Beanstalk URL启用HTTPS

  23. 23

    如何在EC2启动实例请求中获取公共IP地址?

  24. 24

    如何在Ansible中启动所有AWS EC2实例

  25. 25

    如何在计划的时间终止和还原Elastic Beanstalk环境?

  26. 26

    如何在AWS Elastic Beanstalk上部署next.js?

  27. 27

    如何在Amazon Elastic Beanstalk实例中安装Oracle Java 7

  28. 28

    如何在AWS Elastic Beanstalk Docker实例中更改logrotate的设置

  29. 29

    如何在Amazon EC2实例上安装jq

热门标签

归档