CICD Setup for EC2

Juhi edited this page May 25, 2020 · 14 revisions

🔑 Create IAM roles

If the roles below don't exist in your IAM, create them.

CodeDeploy Service Role

This role gives CodeDeploy access to the target instances (EC2 / Lambda). It also provides CloudWatch and SNS access for alerts & notifications.
Steps --

  • Go to IAM roles and click on create role
  • Select CodeDeploy service and CodeDeploy use case for deployment to EC2
  • Add tags if required, give appropriate name and create the role

EC2 Role

This role gives the CodeDeploy agent installed on the EC2 instance access to read S3 artifacts.
Now, the obvious question is - why does an EC2 instance need access to S3?
On any change in source code, CodeDeploy is triggered. It internally converts the change into artifacts and stores them on S3. The agent installed on EC2 is supposed to get a trigger for the change. On receiving this trigger, it fetches the artifacts (changes in code) from S3.
Steps --

  • Create a new role selecting EC2 service with AmazonS3ReadOnlyAccess policy
  • Add tags if required, give appropriate name and create the role

💻 EC2 setup

If the target EC2 instance has not been created yet, create it and attach the EC2 IAM role (IAM role #2 in the step above).

Next, ssh into the instance and install the CodeDeploy agent. Run the commands below to do that.

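 #!/bin/bash

 # Install the prerequisites for the CodeDeploy agent
 # (-y answers the yum prompts so the script can run unattended)
 sudo yum update -y
 sudo yum install -y ruby wget

 # Download the agent installer from the regional bucket
 # (replace eu-west-3 with your region in both places in the URL)
 wget https://aws-codedeploy-eu-west-3.s3.eu-west-3.amazonaws.com/latest/install
 chmod +x ./install
 sudo ./install auto

 # Confirm the agent is running
 sudo service codedeploy-agent status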

The status should look something like this -- The AWS CodeDeploy agent is running with pid xxxx
Refer to the FAQ if you get pid 0.


📝 appspec.yml

Add appspec.yml to the GitHub source code repository. This yml file tells CodeDeploy which code needs to be deployed and how. Populate the yml with the information below.

  • Specify source of the file / directory that needs to be synced to AWS instance
  • Specify destination absolute path on the AWS instance where source needs to be synced
  • Add the dependency installation script in AfterInstall
  • Specify the instructions to start / reload server in AfterInstall
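
A sample appspec.yml covering the four points above. This is an added example, not the file from this project's repository; the destination path, the script names under scripts/ and the deploy user are assumptions to replace with your own. Hook scripts run as the user the CodeDeploy agent runs as (root in a default install) unless runas is set, so the dependency step is given an unprivileged account here.

```yaml
# appspec.yml, placed at the root of the repository.
# All paths, script names and the "deploy" user are assumptions for illustration.
version: 0.0
os: linux

files:
  # source is relative to the repository root; "/" syncs the whole revision
  - source: /
    # destination must be an absolute path on the EC2 instance
    destination: /var/www/myapp

permissions:
  # Hand the deployed tree to the unprivileged account instead of leaving it root-owned.
  # The "deploy" user and group must already exist on the instance.
  - object: /var/www/myapp
    owner: deploy
    group: deploy
    mode: 750
    type:
      - directory

hooks:
  AfterInstall:
    # 1. Dependency installation, run without root privileges.
    - location: scripts/install_dependencies.sh
      timeout: 300
      runas: deploy
    # 2. Start / reload the server. Root is kept only for this step,
    #    on the assumption that the service manager requires it.
    - location: scripts/reload_server.sh
      timeout: 60
      runas: root
```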

⤴️ CodeDeploy

Go to CodeDeploy Applications. Select EC2 / On-premises as the compute platform and create the application.

Under the created application, go to the deployment groups tab and create a new deployment group. This group indicates which instances need to reflect the change in source code.
Steps --

  • Add a name & select IAM role #1
  • Select in-place deployment to keep the existing instance (there is also an option to select blue-green deployment, which creates new instances behind a load balancer and de-registers the original ones)
  • Select Amazon EC2 instances with the default deployment settings
  • For the simplest configuration, load balancing & rollbacks can be disabled

🎞️ CodePipeline

Go to AWS CodePipeline and create a new pipeline.
Steps --

  • Select GitHub as the source provider
  • Connect to GitHub, select the repository & branch
  • Use the recommended GitHub webhooks, which ensure the fastest deployment compared to AWS Pipeline. The difference between the two is the same as the difference between any trigger and polling mechanism.
  • For the simplest setup, skip the build stage
  • Select AWS CodeDeploy as the deploy provider and input the application and deployment group details created earlier
  • Create the pipeline

👑 Congratulations! Your simplest pipeline for EC2 CodeDeploy is ready.
On any new change committed to your source repo, you should see the pipeline getting triggered automatically.

Basic CodePipeline