AWS Import / Export DUMPS from RDS MySQL

So when you are exporting a MySQL Dump from RDS in AWS and Import to another RDS Instace, you are becoming an error by importing your dump file.

Access denied; you need the SUPER privilege for this operation

https://forums.aws.amazon.com/message.jspa?messageID=183618

 

Export your MySQL to a Dump

 mysqldump -h mydb.tasdasdasd.eu-central-1.rds.amazonaws.com -u my_qa -p my_q > my_qa.sql

In your exported dump file

 

/*!50003 CREATE*//*!50017 DEFINER=`root`@`localhost`*//*!50003TRIGGER temp_product_feature_insert

root@localhost is your enemy ūüėÄ

 

Modify your Dump

Import your MySQL Dump after modify with set to your target RDS instance

You must replace it with sed

sed -e 's/DEFINER=`.*`@`.*`/DEFINER=CURRENT_USER /g' my_qasql > fixed_my_qa.sql

This change all entry¬īs to

/*!50003 CREATE*/ /*!50017 DEFINER=CURRENT_USER */ /*!50003 TRIGGER temp_product_feature_insert

 

Import your MySQL Dump after modify with set to your target RDS instance

mysql -h myprod.dfsfsdfe3.eu-central-1.rds.amazonaws.com -u my_prod -p myproddb_p  < fixed_my_qa.sql

 

 

 

GlusterFS a little How to

Add more nodes to your peer

gluster peer probe glusterfs-2.domain.com
gluster peer probe glusterfs-3.domain.com

 

Check is your Cluster up and running

 

root@glusterfs-1:~# gluster peer status
Number of Peers: 2
Hostname: glusterfs-3.domain.com
Uuid: c87cbd29-0751-4dce-bf7b-119cbdba0334
State: Peer in Cluster (Connected)
Hostname: glusterfs-2.domain.com
Uuid: b940937d-b9b3-402a-a38b-245db929e481
State: Peer in Cluster (Connected)

 

Check your Cluster Volume status

 

root@-glusterfs-1:~# gluster volume status hybrisdata
Status of volume: hybrisdata
Gluster process                             TCP Port  RDMA Port  Online  Pid
------------------------------------------------------------------------------
Brick glusterfs-1.doamin.com:/opt/data
/hybrisdata                                 N/A       N/A        N       N/A
Brick glusterfs-2.domain.com:/opt/data
/hybrisdata                                 N/A       N/A        N       N/A
Brick glusterfs-3.domain.com:/opt/data
/hybrisdata                                 N/A       N/A        N       N/A
Self-heal Daemon on localhost               N/A       N/A        Y       1243
Self-heal Daemon on glusterfs-3.domain.com  N/A       N/A     Y       1350
Self-heal Daemon on glusterfs-2.domain.com
                                        N/A       N/A        Y       1245
Task Status of Volume hybrisdata
------------------------------------------------------------------------------
There are no active volume tasks

 

Show more Details

 

root@glusterfs-3:/data/hybrisdata# gluster volume status hybrisdata detail
Status of volume: hybrisdata
——————————————————————————
Brick : Brick glusterfs-1.domain.com:/data/hybrisdata
TCP Port : 49153
RDMA Port : 0
Online : Y
Pid : 1924
File System : xfs
Device : /dev/mapper/data-vault
Mount Options : rw,discard
Inode Size : 256
Disk Space Free : 18.7GB
Total Disk Space : 20.0GB
Inode Count : 20967424
Free Inodes : 20685863
——————————————————————————
Brick : Brick glusterfs-2.domain.com:/data/hybrisdata
TCP Port : 49153
RDMA Port : 0
Online : Y
Pid : 2362
File System : xfs
Device : /dev/mapper/data-vault
Mount Options : rw,discard
Inode Size : 256
Disk Space Free : 18.6GB
Total Disk Space : 20.0GB
Inode Count : 20967424
Free Inodes : 20685863
——————————————————————————
Brick : Brick glusterfs-3.domain.com:/data/hybrisdata
TCP Port : 49153
RDMA Port : 0
Online : Y
Pid : 2348
File System : xfs
Device : /dev/mapper/data-vault
Mount Options : rw,discard
Inode Size : 256
Disk Space Free : 18.6GB
Total Disk Space : 20.0GB
Inode Count : 20967424
Free Inodes : 20685861

 

Gluster Pool Overview

 

root@qa-glusterfs-1:/data/hybrisdata# gluster pool list
UUID Hostname State
c87cbd29-0751-4dce-bf7b-119cbdba0334 glusterfs-3.domain.com Connected
b940937d-b9b3-402a-a38b-245db929e481 glusterfs-2.domain.com Connected
17ffa661-2165-41a7-a7c8-0dbdab8e191f localhost Connected

 

Add a Volume to your Cluster

root@qa-glusterfs-1:/opt/data# mkdir hybrisdata
root@qa-glusterfs-1:/opt/data# gluster volume create hybrisdata replica 3 transport tcp glusterfs-1.domain.com:/opt/data/hybrisdata glusterfs-2.domain.com:/opt/data/hybrisdata glusterfs-3.domain.com:/opt/data/hybrisdata
volume create: hybrisdata: success: please start the volume to access data

 

Start a Volume

root@glusterfs-1:/opt/data# gluster volume start hybrisdata
volume start: hybrisdata: success

 

Delete a Volume

 

root@glusterfs-3:~# gluster volume stop testvol
Stopping volume will make its data inaccessible. Do you want to continue? (y/n) yes
volume stop: testvol: success
root@glusterfs-3:~# gluster volume delete testvol
Deleting volume will erase all information about the volume. Do you want to continue? (y/n) y
volume delete: testvol: success

 

Gluster Volume Mount from Cluster Peer

mount -t glusterfs glusterfs-1.domain.com:/hybrisdata /mnt
mount -t glusterfs glusterfs-2.domain.com:/hybrisdata /mnt
mount -t glusterfs glusterfs-3.domain.com:/hybrisdata /mnt

 

GlusterFS DNS RoundRobin

Add a DNS Entry to your DNS Server

glusterfs.domain are following 3 entrys with glusterfs-1.domain.com, glusterfs-2.domain.com, glusterfs-3.domain.com

Your Client will Access glusterfs.domain:/hybrisdata and the DNS Server is responding every request with an other glusterfs server.

 

Mount GlusterFS from a Client

Install Client Tools

add-apt-repository ppa:gluster/glusterfs-3.8
apt-get update
apt-get install glusterfs-client

 

Edit your FSTAB Entry

vim /etc/fstab

add

glusterfs.domain:/hybrisdata /mnt  glusterfs defaults,_netdev 0 0

AWS Import your own SSL Cert to CertificateManager

You need AWS CLI Tools and a IAM Role “AWSCertificateManagerFullAccess” added to this Maschine.

You must split your ssl cert in 3 pieces

aws iam upload-server-certificate --server-certificate-name MySSLCertonAWS --certificate-body file://mysslcert.crt --private-key file://myprivatekey.key --certificate-chain file://chain.crt --path /cloudfront/mydomain/

 

 

AWS CentOS Resize Disk

How to Resize a Disk from AWS CentoOS Image

 

Then create a new AMI. On boot, the cloud-init "growpart" module will grow the root partition to the total EBS size. Clearly, if that's not what you what, change or ignore that advice.
You can also fix this manually with a repartition and a reboot, but this will not automatically work as a new image.
# fdisk /dev/xvda <<END
u
d
n
p
1
2048
w
END
# reboot
# (after reboot)
# resize2fs /dev/xvda1
# df -h / # should now be entire EBS volume

 

aws_centos_disk_resize

 

S3 Statische Webseite

Statt selbst zu schreiben, verlinke ich hier ūüôā

 

https://rasm.io/blog/2013/statische-website-auf-amazon-s3-hosten/

 

Kurz Beschreibung

Das Bucket muss so heißen wie die Domain. Dem Bucket sagen, wer alles zugreifen soll.

Am Besten per Policy

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “AddPerm”,
“Effect”: “Allow”,
“Principal”: “*”,
“Action”: “s3:GetObject”,
“Resource”: “arn:aws:s3:::mein.bucket.com/*”
}
]
}

 

Der DNS Eintrag vom S3 Bucket kann bis zu 20 min gehen.

Danach in Route 53 ein A Record anlegen und Alias ausw√§hlen und nun m√ľ√üte dort das S3 Bucket auftauchen mit dem selben Namen.
Wenn nein, mal den Record anlegen mit irgendwas und dann nochmal aufrufen.

Dann ist man auch schon fertig.

 

S3 bucket policy access for a spezific user

Import you must give permission to the bucket itself and /*

 

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “Stmt1333333300”,
“Effect”: “Allow”,
“Action”: [
“s3:DeleteObject”,
“s3:GetObject”,
“s3:PutObject”,
“s3:GetObjectAcl”,
“s3:PutObjectAcl”
],
“Resource”: [
“arn:aws:s3:::my.bucket.com/*”,
“arn:aws:s3:::my.bucket.com”
]
}
]
}

http://stackoverflow.com/questions/38774798/accessdenied-for-listobjects-for-s3-bucket-when-permissions-are-s3