Elasticbeanstalk在单个Python实例上配置HTTPS：模板中不允许使用空值 [英] Elasticbeanstalk configuring HTTPS on Single Instance of Python: null values are not allowed in templates

问题描述

我在EB（单实例）环境中部署了一个Flask应用程序并且运行良好，我现在正尝试使用自签名证书对其进行配置以对其进行测试。

I have deployed a Flask app in EB (single instance) environment and it's working well, and I'm now trying to configure it for https with a self-signed certificate to test it.

所以我添加了一个配置文件，就像它在.ebextensions的EB开发人员指南中所示（其中我有2个先前的文件用于设置satic dir路径和安装postgresql94-devel） ，现在我有：

So I added a config file like it's shown in EB Developer Guide to .ebextensions (where I had 2 previous files for setting satic dir path and to install postgresql94-devel), so now I have:

/.ebextensions
   a_packages.config
   b_path.config
   singlehttps.config
/.elasticbeanstalk
   config.yml

其中config。 yml是：

where config.yml is:

branch-defaults:
  default:
    environment: myApp-env
global:
  application_name: myApp
  default_ec2_keyname: aws-eb
  default_platform: 64bit Amazon Linux 2015.09 v2.0.6 running Python 2.7
  default_region: eu-central-1
  profile: eb-cli
  sc: null

a_packages.config是：

a_packages.config is:

packages:
  yum:
    postgresql94-devel: []

b_path.config是：

b_path.config is:

option_settings:
   "aws:elasticbeanstalk:container:python:staticfiles":
     "/static/": "flaskApp/static/"

和singlehttps.config是：

and singlehttps.config is:

Resources:
  sslSecurityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 443
      FromPort: 443
      CidrIp: 0.0.0.0/0

packages:
  yum:
    mod24_ssl : []

files:
  /etc/httpd/conf.d/ssl.conf:  
  mode: "000644"
  owner: root
  group: root
  content: |
    LoadModule wsgi_module modules/mod_wsgi.so
    WSGIPythonHome /opt/python/run/baselinenv
    WSGISocketPrefix run/wsgi
    WSGIRestrictEmbedded On
    Listen 443

    <VirtualHost *:80>
      ServerName myserver
      Redirect permanent / https://myserver  
    </VirtualHost>

    <VirtualHost *:443>
      ServerName myserver

      SSLEngine on
      SSLCertificateFile "/etc/pki/tls/certs/server.crt"
      SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"

      Alias /static/ /opt/python/current/app/static/
      <Directory /opt/python/current/app/static>
        Order allow,deny
        Allow from all
      </Directory>

      WSGIScriptAlias / /opt/python/current/app/application.py

      <Directory /opt/python/current/app>
        Require all granted
      </Directory>

      WSGIDaemonProcess wsgi-ssl processes=1 threads=15 display-name=%{GROUP} \
        python-path=/opt/python/current/app:/opt/python/run/venv/lib/python2.7/site-packages:/opt/python/run/venv/lib64/python2.7/site-packages \
        home=/opt/python/current/app
        user=wsgi \
        group=wsgi \

      WSGIProcessGroup wsgi-ssl
    </VirtualHost>                            

  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----
      MIID ....   fUJbS8/O+
      -----END CERTIFICATE-----


  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----
      MIIEz ....... JTAwSYIw==
      -----END RSA PRIVATE KEY-----


container_commands:
  01killhttpd:
    command: "killall httpd"
  02waitforhttpddeath:
    command: "sleep 3"

因此，每当我尝试使用放在.ebextensions中的singlehttps.config创建一个新环境时，我无法部署和输出为：

So whenever I try to EB create a new environment with singlehttps.config placed in .ebextensions I can't deploy and the output is:

Enter Environment Name
(default is myApp-dev): myApp-env
Enter DNS CNAME prefix
(default is myApp-env): myApp
Creating application version archive "app-160115_183325".
Uploading myApp/app-160115_183325.zip to S3. This may take a while.
Upload Complete.
Environment details for: myApp-env
  Application name: myApp
  Region: eu-central-1
  Deployed Version: app-160115_183325
  Environment ID: ***********
  Platform: 64bit Amazon Linux 2015.09 v2.0.6 running Python 2.7
  Tier: WebServer-Standard
  CNAME: myApp.elasticbeanstalk.com
  Updated: 2016-01-15 17:34:22.209000+00:00
Printing Status:
INFO: createEnvironment is starting.
INFO: Using elasticbeanstalk-eu-central-1-************* as Amazon S3 storage bucket for environment data.
ERROR: Service:AmazonCloudFormation, Message:'null' values are not allowed in templates
ERROR: Failed to launch environment.

我很确定问题出在单个https.config中，因为没有它没有发生。我无法在日志中阅读任何有用的内容。我试着看看CloudFourmation，但我没有到达任何地方。

I'm quite sure the problem is in single https.config since without is it' not happening. I can't read anything usefull in logs. I tried to have a look at CloudFourmation but I'm not getting anywhere.

推荐答案

你应该缩进<$ c以下的所有内容$ c> /etc/httpd/conf.d/ssl.conf line：

You should indent all content below /etc/httpd/conf.d/ssl.conf line:

files:
  /etc/httpd/conf.d/ssl.conf:
    mode: "000644"
    owner: root
    group: root
    content: |
      multiline
      file content
      goes here

这篇关于Elasticbeanstalk在单个Python实例上配置HTTPS：模板中不允许使用空值的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！