我将Java webapp托管在单实例Elastic Beanstalk环境中,并添加了几个ebextension文件,这些文件在每次部署时都能为我成功创建配置文件。但是,我找不到让Beanstalk在/etc/nginx或/etc/nginx/conf.d目录中添加新配置的方法。
我遵循了此处描述的步骤:https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-java.html
我的部署包结构如下:
$ zip -r deploy.zip api-1.0-SNAPSHOT-all.jar .ebextensions
adding: api-1.0-SNAPSHOT-all.jar (deflated 11%)
adding: .ebextensions/ (stored 0%)
adding: .ebextensions/ssl-certificates.config (deflated 37%)
adding: .ebextensions/https-instance-securitygroup.config (deflated 38%)
adding: .ebextensions/nginx/ (stored 0%)
adding: .ebextensions/nginx/conf.d/ (stored 0%)
adding: .ebextensions/nginx/conf.d/https.conf (deflated 61%)
我的文件几乎是上述指南中样本的1:1副本。
[在部署期间,我的两个*.config文件都成功执行,但是/etc/nginx/conf.d/https.conf丢失了。我试图通过删除.ebextensions/nginx目录并将其替换为另一个从头创建.config的/etc/nginx/conf.d/https.conf文件来解决此问题,但这无济于事,并且文件仍然丢失。
我将其切换到EC2实例上,这是我在/var/log/eb-engine.log中找到的内容:
2020/05/03 19:42:37.754375 [INFO] Executing instruction: configure proxy Nginx
2020/05/03 19:42:37.754393 [WARN] skipping nginx folder under .ebextensions
2020/05/03 19:42:37.754670 [INFO] No plugin in cfn metadata.
我觉得我可能在这里错过了很明显的事情,但是令人惊讶的是我找不到解决问题的任何方法。有什么想法吗?谢谢!
我觉得我是互联网上唯一遇到此问题的人。 ;-)
在深入研究日志后,我意识到Beanstalk在部署过程的最后只是覆盖了我的Nginx配置。这意味着我.ebextensions创建的所有文件都丢失了。
我还没有找到一个合适的解决方案,但是我使用了一个部署后挂钩解决了它。我的Nginx配置文件现在在/home/ec2-user中生成,而不是在/etc/nginx中生成,如下所示:
files:
/home/ec2-user/https.conf:
content: |
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
然后在.platform/hooks/postdeploy/99_hack_nginx.sh中(确保此目录包含在部署包中-与.ebextensions相同):
cp /home/ec2-user/https.conf /etc/nginx/conf.d
sudo systemctl reload nginx
确保它具有正确的模式:
chmod +x .platform/hooks/postdeploy/99_hack_nginx.sh
部署并享受HTTPS流量。