commit | 82bb48ec9909c77c40fe622f1e84eabaef6dab83 | [log] [tgz] |
---|---|---|
author | Antonio Barone <syntonyze@gmail.com> | Wed Nov 03 22:50:50 2021 +0100 |
committer | Antonio Barone <syntonyze@gmail.com> | Fri Nov 05 16:47:40 2021 +0000 |
tree | cb01b7d349e29a2a774eb629f2854245dc007c39 | |
parent | d38216b239ad65c58d351bf853052f379265f150 [diff] |
dual-primary: separate HTTP from SSH traffic Using a Network Load Balancer forces all the traffic to be handled at the transport level (Level 4). Whilst this is fine for SSH traffic, it is not ideal for HTTP traffic, which should be handled at application level (Level 7). Split HTTP and SSH traffic and handle HTTP traffic via an Application Load Balancer. This unlocks many benefits, among which: - Advanced routing: based on path, host, headers, request method, source IP, etc - Application-based sticky sessions - Seamless integration with X-Ray - Detailed access logs Bug: Issue 15087 Change-Id: Ie131d7c4a091c3af9b87e349fae89ce27881c32a
Those are a collection of AWS CloudFormation templates and scripts to deploy Gerrit in AWS.
The aim is to provide some guidelines and example on how to deploy different Gerrit setups in the Cloud using AWS as provider.
The goal of Gerrit AWS Templates is to provide fully-functional Gerrit installations to helps users deploying Gerrit on AWS by providing out-of-the-box templates.
With Gerrit AWS Templates, developers and administrator can create a production-ready installation on the cloud in minutes and in a repeatable way, allowing them to focus on fine tuning of the Gerrit configuration to suit the user needs.
The provided CloudFormation templates automate the entire creation and deployment of the infrastructure and the application.
To manage your AWS services via command line you will need to install AWS CLI and set it up to point to your account.
To build gerrit and related-components' images Docker
To manipulate aws cloudformation outputs jq
This is a list of external services that you might need to setup your stack and some suggestions on how to easily create them.
If you need to setup a SMTP service Amazon Simple Email Service can be used. Details how setup Amazon SES can be found here.
To correctly setup email notifications Gerrit requires ssl protocol on default port 465 to be enabled on SMTP Server. It is possible to setup Gerrit to talk to standard SMTP port 25 but by default all EC2 instances are blocking it. To enable port 25 please follow this link.
If you need a testing LDAP server you can find details on how to easily create one in the LDAP folder.
All recipes stream every log to CloudWatch. This always includes sshd_log
, httpd_log
and gc_log
.
The ‘error_log’ might or might not be available depending on which version of gerrit is being deployed. From gerrit 3.3 it will always be available. Prior to that it will be available from:
When the error_log
is not available, Gerrit will still output the same content to standard error. Refer to the standard error section.
Different recipes deploy different services to ECS (please refer to the documentation of each recipe for details on what services are actually deployed).
Every ECS service will stream anything outputted to stderr to cloudwatch, to a stream name that will take the form of:
{environmentName}/{serviceName}/{taskId}
For example, given the gerrit-primary
service running task bb21cb504ca44150b770ca05e922e332
, on the test
environment, the stderr will be streamed to:
test/gerrit-primary/bb21cb504ca44150b770ca05e922e332
The task name can be found in the Amazon ECS console's Task
section.
A set of utilities to perform operational tasks is also provided. Refer to the relevant documentation for details on this.