AWS CodeDeploy is a fully managed serverless deployment service that allows developers to automate the process of deploying code, while providing built-in security and scalability. Getting started with AWS CodeDeploy can be done in just a few minutes!
AWS CodeDeploy is a service that allows you to deploy your application in the cloud. This tool provides several benefits such as faster deployment and scalability. In this blog, we will go through the steps of getting started with AWS CodeDeploy. Read more in detail here: how to deploy application in aws ec2.
Toil is exacerbated by manual application deployments to an AWS EC2 virtual server. When you handle services in production, toil is the consequence of repeated manual procedures. So, how can you avoid working? The key is AWS CodeDeploy.
In this article, you’ll learn how to use the AWS CodeDeploy tool to deploy programs to an Amazon EC2 instance and save time.
Continue reading to find out more!
Prerequisites
This will be an interactive presentation. If you want to follow along, make sure you have these items:
- AWS account is required. A free tier account is available if you don’t already have an AWS account.
- AWS CLI installed and configured
- This tutorial needs Docker 20.10.18 on a compatible Linux or Windows operating system with Docker Desktop installed.
CodeDeploy: An Overview
CodeDeploy is an AWS compute service deployment service that automates software deployments. Elastic Compute Cloud (EC2), Fargate, Lambda functions, Elastic Compute Service, and even on-premise servers are among the AWS compute offerings.
An AppSpec configuration file in either YAML or JSON format is used to configure the deployment process of an application delivered through CodeDeploy. AppSec defines the kind of AWS resource to use and is put in the deployment folder for the application.
Using the AWS Console to create IAM Roles and Policies
Before you can use AWS CodeDeploy to deploy an application, you must first build an Identity and Access Management (IAM) role and rules. On AWS, an IAM role is a collection of rules that provide people access to your AWS resources, while an IAM policy is a set of rights to grant to a resource.
Create a custom IAM Policy in this area to enable EC2 to connect to AWS S3 and the Systems Manager services. Then, using the AWS interface, establish two IAM roles with the proper trust policies to attach the policies and provide access to CodeDeploy.
Managing an EC2 Instance with a Custom IAM Policy
To begin, build a custom policy that authorizes access to AWS S3 and Systems Manager services for an EC2 instance running the python-shortner-application application.
Although you may build the policy using the AWS CLI, the GUI way is shown in this post.
1. Navigate to the IAM Policies area of your AWS management interface by searching for “IAM Policies” and selecting Policies from the Features menu.
The IAM Policies section is now open.
2. Go to the Policies page and click the Create Policy button in the top-right corner to start the three-step process of establishing a new policy.
Developing a new Identity and Access Management policy
3. Switch to the JSON editor by clicking the JSON tab on the Create Policy page and pasting the JSON object below into the editor. The s3:Get* and s3:List* actions in the policy object below enable data retrieval from the AWS S3 service.
“Version”: “2012-10-17”, “Statement”: [ “Action”: [“s3:Get*”, “s3:List*”], “Effect”: “Allow”, “Resource”: “*”], “Action”: [“s3:Get*”, “s3:List*”], “Effect”: “Allow”, “
To advance to the next stage, click the Next: Tags button to get to the tags page (no tags are required to be assigned), and then click the Next: Evaluate button to go to the final phase, where you will review and name the new policy.
In the Create Policy page, you may add a policy object to the JSON editor.
4. In the Review Policy phase, give the policy a name and a description in the Policy Name and Description input boxes, then save it by clicking the Create Policy button.
- Name of policy: CodeDeploy-EC2-Permission
- Policy description: CodeDeploy policy to be applied to a role for an EC2 instance.
The CodeDeploy-EC2-Permission policy’s name
Creating the IAM Role CodeDeploy-EC2-Permission
Now that you have the policy you need for the right EC2 permissions, you must establish and connect it to the role CodeDeploy-EC2-Permission, which will be created later.
1. Navigate to the IAM Roles service part of your AWS management interface by typing “IAM Roles” into the search box and selecting Roles from the Features menu.
The IAM Roles section is now open.
2. Return to the IAM console’s Roles page and click the Create Role button in the top-right corner of the page to start the process of establishing a new role.
To begin the process of establishing an IAM role, click the Create Role button.
3. Select the EC2 option as a typical use case on the Create Role page, then click the Next: Permissions button at the bottom of the page. When you choose EC2 as a typical use case, the EC2 instance may make calls to other AWS services on your behalf.
Choosing EC2 as a typical use case
4. On the Attach permissions policies page, search for CodeDeploy-EC2-Permission in the policies search field and click the checkbox to add the policy. The CodeDeploy-EC2-Permission policy grants the role access to the previously established permissions object.
The CodeDeploy-EC2-Permission policy is attached to the IAM role.
5. Next, type SSM into the permissions search field and choose the AmazonSSMManagedInstanceCore policy from the drop-down menu. The AmazonSSMManagedInstanceCore policy grants the IAM role access to the AWS Systems Manager’s core capability, which is used to help manage EC2 instances.
IAM role with AmazonSSMManagedInstanceCore policy attached
To move to the Tags stage (no tags must be assigned), click the Next: Review button, and then click the Next: Review button to go to the last step, where you will review and name the new position.
6. On the Review page, give this new position a name and a description, as shown below, and save the role by clicking the Create Role button.
- python-app-ec2-codedeploy-role is the name of the role.
- Role description: To utilize CodeDeploy, this role must be tied to an EC2 instance.
Reviewing the python-app-ec2-codedeploy-role details
Creating the CodeDeploy IAM Role
After you’ve established the required role for an EC2 instance to access AWS S3 and SSM, you’ll need to construct the IAM Role for CodeDeploy.
1. Go back to the Roles page and click the Create Role button in the top-right corner to start the four-step process of establishing a new role.
To begin the process of establishing an IAM role, click the Create Role button..
2. Select the CodeDeploy option at the bottom of the Create role page as a typical use case and click the Next: Permissions button at the bottom of the page. When you choose CodeDeploy, you give it permission to contact other AWS services on your behalf.
Locating a frequent CodeDeploy use case
Choosing the CodeDeploy scenario
3. The AWSCodeDeployRole is immediately associated to the new role when the CodeDeploy common use case is chosen. The CodeDeploy agent does deployments to an EC2 instance on your behalf using the AWSCodeDeployRole policy.
The linked policies to the CodeDeploy use case are shown.
To move to the Tags stage (no tags must be assigned), click the Next: Review button, and then click the Next: Review button to go to the last step, where you will review and name the new position.
4. Finally, in the Role Name and Description input boxes, give this new role a name and a description, then click the Create Role button to save it.
- CodeDeploy-Deployment-Role is a role.
- Role description: The CodeDeploy Deployment Group uses this role.
Examining the CodeDeploy IAM Role’s specifics
AWS EC2 Instance Creation
You’ll now establish a t2.micro instance running an Ubuntu-based Amazon Machine Image after creating an IAM role. To execute the python-shortner-application later in this tutorial, you’ll construct an EC2 instance. You’ll connect the IAM role you generated to the instance once you’ve created it.
1. You must first build a key pair before you can construct an EC2 instance. Search for “key pairs” in the AWS Console and choose Key pairs under Features.
The EC2 Key Pairs functionality may be found here.
2. After that, choose Create key pair.
Putting together a key pair
3. Download the Private Key in either.ppk (PuTTY) or.pem (OpenSSH) format, and give it the name “PythonEC2KeyPair.” When you click Create key pair, the private key will be downloaded right away.
Putting the key pair values in
Downloading the key pair’s private key
4. Run the create-security-group command below in a terminal with an AWS CLI attached to establish a security group for the EC2-Classic instance called python-app-ec2-sg, which works as a firewall.
—group-name python-app-ec2-sg —description “Security group for EC2 instance running python application.” aws ec2 create-security-group
EC2 security group creation
5. Now run the authorize-security-group-ingress command to activate a rule for the python-app-ec2-sg security group you defined before.
Incoming traffic from all sources (—cidr 0.0.0.0/0) that reach —port 8000 opened by python-shortner-application is enabled by the rule defined by the command below.
—group-name python-app-ec2-sg —protocol tcp —port 8000 —cidr aws ec2 authorize-security-group-ingress 0.0.0.0/0
Creating a rule for the Amazon EC2 security group
To execute the python-shortner-application on an EC2 instance (aws ec2 run-instances), use the command below.
To control inbound traffic to the instance, the EC2 instance utilizes the Ubuntu Server 20.04 LTS image, —image-id ami-00399ec92321828f5, and the security group, —security-groups python-app-ec2-sg, that was previously established.
The —image-id argument in the code below refers to the Amazon Machine Image for Ubuntu Server 20.04 LTS (HVM), SSD Volume Type. To retrieve a list of all accessible AMIs, use the aws ec2 describe-images command.
—image-id ami-00399ec92321828f5 —count 1 —instance-type t2.micro —key-name PythonEC2KeyPair —security-groups python-app-ec2-sg aws ec2 run-instances —image-id ami-00399ec92321828f5
You’ll need the instance-id that the command returns in the following step.
Obtaining the EC2 instance’s instance ID
7. Use the InstanceId previously indicated after the —resources argument in the create-tag command below.
When you build a deployment group inside a CodeDeploy application, the tag supplied to the instance, —tags Key=used by,Value=python-app, will be used to match the instance.
—resources “i-0280eebb615ed3731” —tags Key=used by,Value=python-app aws ec2 create-tags
Creating the EC2 tags that are required
8. Run the instructions below to establish an instance profile, assign it a role, and associate it with the EC2 instance.
At this point, the EC2 instance has a role with all of the rules required to utilize CodeDeploy and Azure Sessions Manager.
aws iam create-instance-profile —instance-profile-name # Creates an instance profile for passing role and information to an EC2 instance. Python-app-ec2-instance-profile # The python-app-ec2-codedeploy-role aws adds the previously established instance profile. —role-name python-app-ec2-codedeploy-role —instance-profile-name iam add-role-to-instance-profile Python-app-ec2-instance-profile # aws ec2 associate-iam-instance-profile —instance-id “i-0280eebb615ed3731” associates the instance profile to the EC2 instance —iam-instance-profile Name=Python-app-ec2-instance-profile
Adding the instance profile role and creating the instance profile
Associating the role with the IAM instance profile
9. Finally, look at the summary of the EC2 instance you created in the AWS interface.
Viewing the EC2 instance’s overview
Getting the code for the python-shortner-application for deployment
Although you will be deploying your own program, this lesson includes an example Python application for testing. The attached GitHub repository has a finished version of this example Python program named python-shortner-application, which includes the deployment files.
The python-shortner-application is pre-built using the FastAPI Web Framework and offers a GET and POST endpoint for URL abbreviation. FastAPI is a framework for creating Python APIs that is very fast.
The files that come with the python-url-shortner folder are listed below.
- Dockerfile and docker-compose.yml — These two files provide the settings required to construct a Docker container for this application. A database service for the MongoDB database and a Python API service for the python-shortner-application are both included in the docker-compose.yml file. MongoDB is a document-based, open-source NoSQL database for storing large amounts of data.
- A routes.py file — Creates a GET and POST API endpoint for URL abbreviation using the FastAPI client class.
- A requirements.txt file – This file contains a list of all Python packages installed in the python-shortner-application virtual environment.
You must either download the files or clone the ATA Scripts repository and utilize the files in the python-url-shortner directory before proceeding on and uploading these files to an AWS S3 bucket for deployment (where AWS CodeDeploy takes source files from).
# git clone https://github.com/Adam-the-Automator/Scripts.git ATA Scripts Repository # Use cd to get to the python-url-shortner directory. Scriptspython-url-shortner # ls displays the contents of the directory.
Examining the GIT repository
If you have Docker installed locally, you may run docker-compose up in the python-url-shortner directory to test the application locally.
AWS S3 Storage Bucket Uploading Source Code
The code must first be uploaded and stored in an AWS S3 bucket before it can be deployed. The source code will be used for the two deployments that you will make in this course.
1. Run the following s3api create-bucket command in a terminal with an AWS CLI attached to construct the requisite bucket to store the code. The bucket is called python-app-bucket and is set to be publicly accessible through the public-read ACL and in the same region as your EC2 instance in this example.
Bucket names must be unique since they are shared by all AWS customers. The date has been inserted for uniqueness in this example, but you will need to modify yours accordingly.
aws s3api —acl public-read —create-bucket-configuration create-bucket —bucket python-app-bucket-10212021 LocationConstraint=us-east-2
Creating an Amazon Web Services S3 bucket
2. Next, use the tar command to compress the files in the codedeploy-files subdirectory for python-shortner-application into a GZIP TAR file called python-app.tar.gz. On each deployment, CodeDeploy will download and extract the file.
tar -czvf python-app.tar.gz.codedeploy-files
GZipped TAR file creation
3. Finally, use the cp command to transfer the compressed file (python-app.tar.gz) to the AWS S3 bucket (s3:/python-app-bucket-10212021) that you previously generated.
aws s3 cp s3:/python-app-bucket-10212021/python-app.tar.gz
Using AWS S3 to upload the resulting GZipped TAR file
AWS CodeDeploy: Creating an AppSpec.yml and Additional Deployment Files
You should now have a clear knowledge of the setup and requirements required. Now it’s time to use CodeDeploy to deploy the sample application to production. However, you must first construct AppSpec as well as the container start and stop script files.
1. Create an appspec.yml file in the root directory of the python-shortner-application folder using your favourite code editor. The AppSpec settings for CodeDeploy will be stored in the appspec.yml file.
All of this is available in the linked GitHub directory, but it’s also covered in this lesson.
When the three lifecycle event hooks specified in the code below are run independently throughout the deployment process, Docker and docker-compose will be installed. On the EC2 instance, Docker and docker-compose are also used to create a Docker image of the application.
# The deployment version, which starts at 0.0 and is automatically incremented by CodeDeploy after each successful deployment: 0.0 # The operating system installed on the computing resource in question. # Use Linux as the value for EC2 instances running Ubuntu, RHEL, or Linux Amazon Machine Images (AMI). os: linux # A list of files that should be copied on each deployment. files: # In each application revision, a directory to copy; if simply a “/” is supplied for the source, all files in that directory are copied. – source: / app destination: # The “hooks” section specifies the scripts that will be executed in response to each Lifecycle event. “BeforeInstall”, “ApplicationStop”, “ApplicationStart”, “ValidateService” hooks: # Perform the following procedures before beginning the installation process. BeforeInstall: # The directory where the “install docker.sh” script for installing Docker and Docker-compose is stored. – script name: install docker.sh # Use root rights to run the CodeDploy agent. root runas # Using the specified script, run the lifecycle event to end the application. ApplicationStop: – timeout: 2000 – location: stop.sh root runas # Start the application using the given script by running the lifecycle event. timeout: 3600 ApplicationStart: – location: start.sh root runas
2. Now, in the root directory of python-shortner-application, create an install docker.sh file and paste the code below into it. The BeforeInstall event in the preceding code within the appspec.yml is referenced by the install docker.sh file.
The following code updates the apt repository and installs all of the packages required to install Docker and Docker Compose on the host virtual machine.
#!/bin/bash # Update container Linux image APT repository data apt-get update # Install Docker required packages apt-get -y install apt-transport-https ca-certificates lsb-release # Add the Docker GPG key to trust the Docker APT repository curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg –dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg echo “deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable” | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null # Update container Linux image APT repository data again after adding the Docker repository apt-get update # Install the Docker community edition and cli apt-get -y install docker-ce docker-ce-cli containerd.io # Download docker-compose executable file, replace the 1.29.2 listed below with the latest version you intend to use. curl -L “https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)” -o /usr/local/bin/docker-compose # Change permission of docker-compose to become executable chmod +x /usr/local/bin/docker-compose
3. Make a new file called start.sh in the root directory. Copy and paste the code below into the start.sh file. In the appsec.yml file, the start.sh file is linked to the ApplicationStart lifecycle event.
Each time a new application deployment is done, the code below switches the directory into the app folder where the application version is transferred to and builds a container image of the application.
cd /app docker-compose up —build -d #!/bin/bash
Docker—d compose’s argument tells it to operate in detached mode, in the background, and to always construct (—build) the container before executing it.
4. Finally, create a stop.sh file in the root directory and paste the code below into it. The stop.sh file, like the previous ones, is linked to the ApplicatonStop lifecycle event in the appsec.yml file.
The code below switches the path to the app folder and performs the docker-compose command to stop (down) the compose container that is currently operating.
cd /app docker-compose down #!/bin/bash
Application Deployment
It’s time to use CodeDeploy to deploy the python-shortner-application to the EC2 instance that was built with the python-app-ec2-codedeploy-role connected.
You must first construct an application on the CodeDeploy service before you can deploy the python-shortner-application.
1. To create an application on the CodeDeploy service, use the create-application command from your terminal (—application-name python-url-codedeploy-app). The application you write will deploy to your EC2 instance ( —compute-platform Server ).
A tag (-tags Key=user,Value=python-url-shortner) is also applied to identify the EC2 instance.
deploy aws —compute-platform Server —tags Key=user,Value=python-url-shortner create-application —application-name python-url-codedeploy-app
CodeDeploy application creation
2. Get the value of the role ARN for the CodeDeploy command.
I’m getting aws -role CodeDeploy-Deployment-Role —role-name
The ARN values for the role are being retrieved.
3. To establish a deployment group, use the create-deployment-group command (—deployment-group-name python-url-app-deploygroup). The command establishes a deployment group inside the CodeDeploy application that was previously built (—application-name python-url-codedeploy-app).
An Amazon Resource Name (ARN) is a string that combines your AWS Account ID (aws:iam::591107461920) and the role name (role/CodeDeploy-Deployment-Role) to identify an AWS resource.
Your AWS Account ID will be different from the one provided above; be sure to substitute yours.
—deployment-group-name python-url-app-deploygroup —application-name python-url-codedeploy-app —service-role-arn aws deploy create-deployment-group —ec2-tag-filters Key=used by,Value=python-app,Type=KEY AND VALUE arn:aws:iam::591107461920:role/CodeDeploy-Deployment-Role
Creating the deployment group for the application
4. Run the create-deployment command to deploy the CodeDeploy application (—application-name python-url-codedeploy-app) from an S3 bucket (—s3-location bucket=python-app-bucket-10212021); your bucket will be named differently.
The deployment group (—deployment-group-name python-dg) and file bundle type (bundleType=tgz) are also specified in the command below.
deploy aws —s3-location bucket=python-app-bucket-10212021,bundleType=tgz,key=python-app.tar.gz create-deployment —application-name python-url-codedeploy-app —deployment-group-name python-url-app-deploygroup
Creating the deployment of the application
5. In the AWS interface, type “CodeDeploy” in the search box and choose CodeDeploy. This will take you to the CodeDeploy service area.
Using the AWS interface to look for the CodeDeploy service
The deployment status established above may be seen in the AWS Console’s CodeDeploy section.
Viewing lifecycle events generated by a CodeDeploy deployment
6. Use the public IPv4 address to send a POST request to the instance to validate that python-shortner-application is running on the EC2 instance.
To get a list of all EC2 instances (ec2) created in your AWS account, use the describe-instances command.
describe-instances aws ec2
The command returns the EC2 instance’s PublicIpAddress, as seen below. Take note of the PublicIpAddress since you’ll need it later.
Viewing the EC2 instance’s PublicIpAddress
7. To shorten the URL you entered, use the curl command to perform a POST request to the instance from your local terminal. Substitute the PublicIpAddress you noted earlier for the PUBLIC-IP placeholder (step five).
“Content-Type: application/json” curl -X POST -H ‘”url”:”https://docs.aws.amazon.com”‘ http://PUBLIC-IP:8000/shorty -d
As demonstrated below, the program produces a short URL in JSON format.
URL abbreviation
AWS CodeDeploy was used to re-deploy the API.
Let’s alter the python-shortner-application after it has been deployed to the EC2 instance to see how CodeDeploy handles new modifications in the application.
You’ll make a little update to the python-shortner-application, upload it to the storage bucket, and apply it to the EC2 instance.
1. Open the routes.py file under the python-shortner-application in your code editor and paste the code below into it.
A GET endpoint handler is included in the code below, which produces a JSON response with information about the application.
# @app, create a GET /detail endpoint. function detail() async get(“/detail”): # a string that describes the full API return “message”:”REST API for short URL generation”
2. Run the following commands to remove the existing zip folder, create a new one, and upload it to the S3 bucket.
How to Use the AWS CLI to Upload Local Files to AWS S3
# rm -rf python-app.tar.gz # Delete the old ZIP file # tar -czvf python-app.tar.gz Create a new ZIP file, excluding the.git VCS directory # and the python virtual environment (venv) # —exclude=/url/.git —exclude=/url/venv aws s3 cp python-app.tar.gz s3:/python-app-bucket aws s3 cp python-app.tar.gz s3:/python-app-bucket
3. Now execute the create-deployment command to redeploy the CodeDeploy app (python-url-codedeploy-app) into the deployment group ( python-dg ). This will get the updated code from the S3 bucket (—s3-location bucket=python-app-bucket-10212021) and apply it to the EC2 instance’s running container.
—application-name python-url-codedeploy-app —deployment-group-name python-dg —s3-location aws deploy create-deployment bucket=python-app-bucket-10212021,bundleType=tgz,key=python-app.tar.gz
4. To get to the Deployments area, click the Deployments item in the Deploy menu in the console sidebar.
You’ll find a list of all deployments done using CodeDeploy in the Deployments section. As seen below, the list contains your most recent deployment to apply the code modifications uploaded to the AWS S3 bucket.
History of CodeDeploy Deployments
5. Finally, try the new endpoint using the curl command below.
The command makes a GET request to the EC2 instance’s python-shortner-application. Replace the PUBLIC IPV4 ADDRESS placeholder in the command below with your EC2 instance’s public IPV4 address.
curl /detail/PUBLIC IPV4 ADDRESS:8000
The REST API information are included in the curl command’s response, as illustrated below. CodeDeploy successfully published the updated API modification to the EC2 instance, according to the details.
You may now make further modifications to the python-shortner-application and create an application revision with this configuration in place. As before, initiate a deployment using CodeDeploy to apply new modifications to the EC2 instance (step three).
To redeploy the application, make a GET request.
Conclusion
This article will show you how to use CodeDeploy to automate deployments to an AWS EC2 instance. Was it a success? You learnt about CodeDeploy and created an AppSpec configuration file to coordinate the deployment process in this lesson.
Why not learn more about using AWS Lambda functions and Amazon S3 buckets to automate CodeDeploy tasks using this newfound knowledge?
Building Your First AWS Lambda Python Function is Related
The “github codedeploy” is a tool that allows users to deploy their applications to AWS CodeDeploy. It’s easy and quick to use, which makes the process of deploying your app easier.
Related Tags
- aws codepipeline
- deploy to aws from github
- aws codedeploy documentation
- aws codedeploy does not have the permissions required to assume the role
- aws codedeploy example
