Nco ntsoov: Ua ntej koj pib koj yuav tsum tau nruab GoLang 1.9+ ΠΈ AWS CLI
Tsim ib cov ntaub ntawv zip
acme-dns-route53 yog sau rau hauv GoLang thiab txhawb nqa version tsis qis dua 1.9.
Peb yuav tsum tsim cov ntaub ntawv zip nrog binary acme-dns-route53 sab hauv. Ua li no koj yuav tsum tau nruab acme-dns-route53 los ntawm GitHub repository siv cov lus txib go install:
$ env GOOS=linux GOARCH=amd64 go install github.com/begmaroman/acme-dns-route53
Lub binary yog ntsia rau hauv $GOPATH/bin phau ntawv. Thov nco ntsoov tias thaum lub sijhawm teeb tsa peb tau teev ob qhov chaw hloov pauv: GOOS=linux ΠΈ GOARCH=amd64. Lawv ua kom pom tseeb rau Go compiler tias nws yuav tsum tau tsim binary haum rau Linux OS thiab amd64 architecture - qhov no yog dab tsi ua haujlwm ntawm AWS.
AWS cia siab tias peb cov kev pab cuam yuav raug xa mus rau hauv zip file, yog li cia peb tsim acme-dns-route53.zip archive uas yuav muaj cov tshiab binary ntsia:
$ zip -j ~/acme-dns-route53.zip $GOPATH/bin/acme-dns-route53
Nco ntsoov: Lub binary yuav tsum nyob rau hauv lub hauv paus ntawm lub zip archive. Rau qhov no peb siv -j chij.
Tam sim no peb zip lub npe menyuam yaus npaj txhij rau kev xa tawm, txhua yam uas tseem tshuav yog los tsim lub luag haujlwm nrog cov cai tsim nyog.
Tsim lub luag haujlwm IAM
Peb yuav tsum teeb tsa lub luag haujlwm IAM nrog cov cai xav tau los ntawm peb lub lambda thaum nws ua tiav.
Wb hu txoj cai no lambda-acme-dns-route53-executor thiab tam sim muab nws lub luag haujlwm tseem ceeb AWSLambdaBasicExecutionRole. Qhov no yuav tso cai rau peb lambda khiav thiab sau cov cav rau AWS CloudWatch kev pabcuam.
Ua ntej, peb tsim cov ntaub ntawv JSON uas piav txog peb txoj cai. Qhov no yuav tseem ceeb tso cai rau cov kev pabcuam lambda siv lub luag haujlwm lambda-acme-dns-route53-executor:
Tam sim no cia peb khiav cov lus txib aws iam create-role tsim lub luag haujlwm:
$ aws iam create-role --role-name lambda-acme-dns-route53-executor
--assume-role-policy-document ~/lambda-acme-dns-route53-executor-policy.json
Nco ntsoov: nco ntsoov txoj cai ARN (Amazon Resource Name) - peb yuav xav tau nws hauv cov kauj ruam tom ntej.
Qhov haujlwm lambda-acme-dns-route53-executor tsim, tam sim no peb yuav tsum qhia kom meej tso cai rau nws. Txoj kev yooj yim tshaj plaws los ua qhov no yog siv cov lus txib aws iam attach-role-policy, dhau txoj cai ARN AWSLambdaBasicExecutionRole raws li nram no:
$ aws iam attach-role-policy --role-name lambda-acme-dns-route53-executor
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
Nco ntsoov: ib daim ntawv teev npe nrog lwm txoj cai tuaj yeem pom no.
Tsim lub lambda muaj nuj nqi uas khiav aws-dns-route53
Hooray! Tam sim no koj tuaj yeem xa peb cov haujlwm rau AWS siv cov lus txib aws lambda create-function. Lub lambda yuav tsum tau teeb tsa siv cov hauv qab no hloov pauv ib puag ncig:
AWS_LAMBDA - ua kom pom tseeb aws-dns-route53 qhov kev ua tiav tshwm sim hauv AWS Lambda.
DOMAINS - ib daim ntawv teev npe sib cais los ntawm commas.