• PRODUCT

    PRODUCT

  • PRICING
    PRICING

  • HELP
    HELP

  • BLOG
    BLOG

  • APPSTORE
    APPSTORE

  • COMPANY
    COMPANY

  • LEGAL
    LEGAL

  • LOGIN
    LOGIN

  • Workflow Automation

    Workflow Automation

  • AI Assisted Content Management System
    AI Assisted Content Management System

  • Analytics & Lead Generation
    Analytics & Lead Generation

  • Automation Projects
    Automation Projects

  • Browser Extension Apps
    Browser Extension Apps

  • Dashboard Theme Analysis: LN1
    Dashboard Theme Analysis: LN1

  • Data Exchange Automation Tools
    Data Exchange Automation Tools

  • Getting Started With Building Hybrid Apps
    Getting Started With Building Hybrid Apps

  • Izyware Hybrid UX Design Guidelines
    Izyware Hybrid UX Design Guidelines

  • Onboarding New Organizations Using Izyware
    Onboarding New Organizations Using Izyware

  • Legacy Features and Backward Compatibility
    Legacy Features and Backward Compatibility

  • How does the legacy frame architecture work
    How does the legacy frame architecture work

  • Izyware Legacy UI Circus Engine
    Izyware Legacy UI Circus Engine

  • Case Studies and Knowledge Center
    Case Studies and Knowledge Center

  • Angular and React Embedding Guide
    Angular and React Embedding Guide

  • Build and deploy a content distribution app in less than five minutes: Part II
    Build and deploy a content distribution app in less than five minutes: Part II

  • Comparison of CSS Preprocessors SASS vs LESS vs STYLUS
    Comparison of CSS Preprocessors SASS vs LESS vs STYLUS

  • Comparison of node.js test frameworks and utilities: lab, chai, sinon
    Comparison of node.js test frameworks and utilities: lab, chai, sinon

  • Manage and automate your day to day business tools using IzyCloud Tasks: Part I
    Manage and automate your day to day business tools using IzyCloud Tasks: Part I

  • MySql Performance Optimization
    MySql Performance Optimization

  • Onboarding Tutorial: Creating & publishing an app
    Onboarding Tutorial: Creating & publishing an app

  • Rebranding and Customizing Websites
    Rebranding and Customizing Websites

  • Using IzyCloud on Android: IzyCloud Query App
    Using IzyCloud on Android: IzyCloud Query App

  • Technical Resources
    Technical Resources

  • .NET SDKCore IzyWare
    .NET SDKCore IzyWare

  • ElasticSearch IzyWare Data Console Feature
    ElasticSearch IzyWare Data Console Feature

  • End To End Testing
    End To End Testing

  • End To End Testing, Part II
    End To End Testing, Part II

  • frames and nav (ui/w/shell/navmulti) README
    frames and nav (ui/w/shell/navmulti) README

  • izy-circus README
    izy-circus README

  • izy-idman-tools README
    izy-idman-tools README

  • izy-pop3 README
    izy-pop3 README

  • izy-proxy README
    izy-proxy README

  • izy-sync README
    izy-sync README

  • IzyIDE README
    IzyIDE README

  • IzyShell readme
    IzyShell readme

  • ReKey Feature Package README for IzyWare SQL Console
    ReKey Feature Package README for IzyWare SQL Console

  • Single Sign-On (SSO) README
    Single Sign-On (SSO) README

  • Tasks Migration : V5 guidelines
    Tasks Migration : V5 guidelines

  • Users & Groups README
    Users & Groups README

  • V5 Migration : apps/pulse guidelines README
    V5 Migration : apps/pulse guidelines README

  • Container Orchestration
    Container Orchestration

  • Izy Kubernetes Internal Networking Troubleshooting
    Izy Kubernetes Internal Networking Troubleshooting

  • Application Hosting
    Application Hosting

  • Content Publisher
    Content Publisher

  • Domain Registration
    Domain Registration

  • Email Hosting
    Email Hosting

  • Izyware Browser Extension
    Izyware Browser Extension

  • Izyware Deployment Engine
    Izyware Deployment Engine

  • Izyware Session Management
    Izyware Session Management

  • Messaging System APIs and functionality
    Messaging System APIs and functionality

  • Single SignOn
    Single SignOn

  • Integration APIs
    Integration APIs

  • iOS SDK
    iOS SDK

  • Azure and .NET
    Azure and .NET

  • izy-devops
    izy-devops

  • << Azure and .NET
    << Azure and .NET

  • izy-devops

  • Perform devops actions such as connecting the Izy Platform to Amazon Web Services (AWS) should be easy. In this article we discuss common problems and issues that may arise.

  • Working with AWS CLI Profiles

    Most users have their machines setup so that they have have a an ~/.aws/config file with different profiles:

    [default]

    region = us-east-1

    role_arn = arn:aws:iam::XXXXX:role/engineer

    source_profile = default

    [profile john]

    role_arn = arn:aws:iam::YYYYY:role/marketing

    source_profile = default

    [profile james]

    role_arn = arn:aws:iam::ZZZZ:role/marketing

    source_profile = default

    This will allow you to pass --profile john to the CLI.

    However, AWS node SDK does not support the profile option. You can always verify the "current user" by:

    izyaws.sh userId sts get-caller-identity

    Or, from the scripting environment:

    const sts = new AWS.STS();

    sts.getCallerIdentity((err, data) => {

    console.log(err, data);

    });

    To work around this problem, you can use assume role:

    izyaws.sh sts assume-role --role-arn "arn:aws:iam::xxxx" --role-session-name yourname --duration-seconds 3600

    Remember that new IAM users by default may not have any permissions or be part of any groups. You can use the following as a starting point:

    // full access to AWS services and resources.

    {

    "Version": "2012-10-17",

    "Statement": [

    {

    "Effect": "Allow",

    "Action": "*",

    "Resource": "*"

    }

    ]

    }

    You can then set

    export AWSACCESSKEY_ID=

    export AWSSECRETACCESS_KEY=

    export AWSSESSIONTOKEN=

    After you are done, be sure to unset the variables by

    unset AWSACCESSKEYID AWSSECRETACCESSKEY AWSSESSIONTOKEN

    If you need to generate a One Time Password from the cli use

    npm run otp.generate queryObject.secretStrBase32 your_secret

    npm run otp.generate queryObject.secretPath ~/.aws/otpsecret

    npm run otp.generate queryObject.secretPath ~/googleAccount1/otpsecret

    To create an aws session automatically using the otp feature do

    izy.aws "sts?newSession"

    Debugging AWS Node SDK Network Traffic

    You can use the following snippet inside aws-sdk/lib/http/node.js.

    console.log('HTTP_REQUEST', JSON.stringify(httpRequest, null, 2));

    var stream = http.request(options, function (httpResp) {

    console.log('OK-------------------------');

    var str = '';

    var response = httpResp;

    response.on('data', function (chunk) {

    str += chunk;

    });

    response.on('end', function () {

    console.log({

    success: true,

    responseText: str,

    status: response.statusCode,

    headers: response.headers

    });

    });

    return ;

    Working with SSH and RSYNC to access containers

    You can access the ssh scripts by the ssh prefix:

    izy.devops "ssh?shell" MACHINE_ID

    izy.devops "ssh?runx.sh" . "xeyes"

    izy.devops "rsync?download" . "~/Downloads/" ~/izyware/izy-idman-tools/id/x/Desktop/Downloads/

    izy.devops "rsync?upload" . "~/Downloads/" ~/izyware/izy-idman-tools/id/x/Desktop/Downloads/

    izy.devops "rsync?nodesync" ~/plat/p/servers/machine "~/codepath" appname

    pem file permissions

    You may get the following error when trying to SSH into the EC2 instance:

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

    @ WARNING: UNPROTECTED PRIVATE KEY FILE! @

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

    Permissions 0644 for 'private.pem' are too open.

    To fix this chmod to

    chmod 400 private.pem

    AWS Quirks

    Use the following tools and processes to workaround the issues from aws.

    Codebuild

    You can check the latest build status and logs by:

    izy.aws "codebuild?check" queryObject.izyUser 86 queryObject.showLogs true queryObject.projectName myProject

    Exploring codebuild setup and viewing a build projects details

    npm run codebuild.projectDetails queryObject.izyUser 86 queryObject.projectName myProject

    To debug your code build scripts (buildspec.*) use the provided docker Image:

    docker build -f codebuild/Dockerfile -t izy-aws-codebuild:7.0 .;

    You can then shell into the environment and run your commands:

    docker run -e BUILDDIR=pwd --env-file ~/dockerenv-file.list -v /var/run/docker.sock:/var/run/docker.sock -v pwd:/sourcedirectory -it --entrypoint sh izy-aws-codebuild:7.0 -c bash;

    docker_shell>rsync -av /sourcedirectory/ ~/src;

    dockershell>killanddeletedata.sh imagekeyword (i.e. sql)

    Notice that if you dont have a env file or AWS credentials are not available as environment variables you share your .aws folder:

    -v echo ~/.aws:/root/.aws

    If your application generates or uses docker containers as part of its CICD, you will need to use privilaged mode inside codebuild. Notice that the filesystem/volume mapping and network interfaces addresses can get confusing in this case. The most common issue reported on MacOS platforms vs Linux (Codebuild) is that the docker-compose volume mapping (using the volumes block) on Mac will only work if full path to host operating system is provided. Therefore, it is recommended to use the BUILD_DIR variable.

    You may use the dockertools/serviceprobe docker image to troubleshoot these issues. Refer to the Dockerfile for more information and examples about how to use the tool. Notice that if you are using dockercompose you can specifiy the following in the environment section:

    ENV CONTAINER_CONTEXT: Service Probe

    ENV SLEEP_SECONDS: 5

    ENV CMDTORUN: /usr/bin/nc -vz localhost 3306

    Route53

    • Redirect apex domain to www using Route 53: You should create an S3 bucket, Properties > Static website hosting and setup Redirect requests. Once thats setup, you can add a record for A - IPv4 address. Select Yes for Alias, and enter the S3 bucket you created earlier.

    Terraform

    We recommend using the Terraform docker image. We provide template apps in the apps folder. As an example, to quickly setup and deploy a static website for a domain follow these steps:

    Deep clone the app directory:

    rsync -rv apps/static-website/ myfolder

    cd myfolder;

    Update the variables (domain, aws credentials, etc.) inside the

    vi terraform_config.sh

    Make sure that you dont use the naked (apex) domain name and use a prefix (www, etc.). DNS protocol does not support CNAME records or 301 redirects for the apex record. See the section regarding AWS Quirks below to learn how to redirect the apex to your subdomain (domain -> www.domain).

    Shell into the image:

    docker run -v pwd:/izyhostdir -it --entrypoint sh hashicorp/terraform:latest

    Once inside the image, do:

    clear; cd /izyhostdir; source ./terraform_config.sh; terraform apply -auto-approve;

    The output should print the list of environment variables that will be used below:

    export AWSCLOUDFRONTDISTRIBUTIONDOMAINNAME=GRABFROMTERRAFORM_OUTPUT;

    export AWSCLOUDFRONTDISTRIBUTIONID=GRABFROMTERRAFORMOUTPUT;

    export AWSS3BUCKETID=GRABFROMTERRAFORMOUTPUT;

    You can push your files to the s3 bucket:

    izyaws.sh s3 cp /izyhostdir/src s3://$AWSS3BUCKET_ID --recursive

    Make sure to invalidate the cloudfront distribution after the push

    izyaws.sh cloudfront create-invalidation --distribution-id $AWSCLOUDFRONTDISTRIBUTION_ID --paths "/*"

    Terraform Quirks

    • awscloudfrontdistribution

    * when this is being created for the firsttime, you might get a "Missing required argument" error, followed by The argument "origin.0.domain_name" is required, but no definition was found.. rerunning the plan will address this.

    * viewer_certificate block for cloudfront will only accept certificates that are in us-east-1, regardless of your region.

    Docker

    When running out of space, do

    deleteall.sh

    If you have a stateful container (i.e. mysql), you should stop and delete its state by

    killanddeletedata.sh grepStr (mysql)

    To build runtimes

    docker build -f dockertools/nodejs/Dockerfile -t izy-nodejs:16.0 .;

    docker run -it --entrypoint sh izy-nodejs:16.0 -c bash;

    Links

    github

    ChangeLog

    V7.1

    • 7100006: use Wake Lock API for keep the browser from sleeping

    * May not work on some device since Permissions-Policy: screen-wake-lock=; may be required.

    • 7100005: implement nodesync functionality
    • 7100004: add the ssh and rsync scripts
    • 7100003: rename from izy-aws to izy-devops
    • 7100002: clean environment variables for sts session before calling aws cli
    * if set incorrectly aws cli will fail
    • 7100001: implement automatic sts session creation using the OTP feature

    V7.0

    • 7000002: codebuild scripts bug fix and improvements
    • 7000001: add support for OTP generation

    V6.9

    • 6900005: add codebuild docker image
    • 6900004: add dockertools scripts
    • 6900003: add dockertools/serviceprobe
    • 6900002: add apps/static-website sample app with terraform
    • 6900001: Codebuild - implement projectDetails

    * useful for exploring codebuild setup and viewing a build projects details in AWS CodeBuild

    * utilize callpretty for better output

    * add verbose logging

    V6.8

    • 6800002: Codebuild migration
    • 6800001: initial migration

    github: https://github.com/izyware/devops