Mar 11
2 min read
Deploy with AWS CodeDeploy from GitHub
Code deploy is a a fully managed deployment service which helps you deploy on AWS EC2, AWS ECS , AWS Fargate, AWS Lambda and on premises servers. This helps in faster releases with zero downtime.
Aim :
To deploy the code stored in a GitHub repository to multiple AWS instance at once.
Sample Repository : https://github.com/kaumudigupta/GithubCodeDeployDemo
Requirements :
- AWS EC2 instances with IAM role attached.
- Access to GitHub repository where the code is present.
- AWS IAM role for the AWS CodeDeploy Service.
- Appspec file and scripts.
IAM Roles (IAM.txt):
a) IAM Role for Codedeploy (CodeDeployRole)
1. Policy Role for Code Deploy (AWSCodeDeployRole)
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"autoscaling:CompleteLifecycleAction",
"autoscaling:DeleteLifecycleHook",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeLifecycleHooks",
"autoscaling:PutLifecycleHook",
"autoscaling:RecordLifecycleActionHeartbeat",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"autoscaling:EnableMetricsCollection",
"autoscaling:DescribePolicies",
"autoscaling:DescribeScheduledActions",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:SuspendProcesses",
"autoscaling:ResumeProcesses",
"autoscaling:AttachLoadBalancers",
"autoscaling:AttachLoadBalancerTargetGroups",
"autoscaling:PutScalingPolicy",
"autoscaling:PutScheduledUpdateGroupAction",
"autoscaling:PutNotificationConfiguration",
"autoscaling:PutWarmPool",
"autoscaling:DescribeScalingActivities",
"autoscaling:DeleteAutoScalingGroup",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"ec2:TerminateInstances",
"tag:GetResources",
"sns:Publish",
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:DeregisterTargets"
],
"Effect": "Allow",
"Resource": "*"
}
]
}2. Trust policy for CodeDeploy :
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": [
"codedeploy.us-east-1.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}b) Instance Role for EC2 Instance (EC2DeployRole)
- AWS Managed Role (AmazonEC2RoleforAWSCodeDeploy) :
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject",
"s3:GetObjectVersion",
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "*"
}
]
}Steps :
- Upload the code on a private Github repository.
- Create appspec.yml file to cater the needs of our code and upload it with the required scripts.
- Create the IAM roles for the EC2 instance (EC2DeployRole) and for the CodeDeploy application. (CodeDeployDemo).
- Create the AWS EC2 instances on which you want to deploy the application and use EC2DeployRole as IAM role during the launch.
- Use a tag for the grouping of the instances.
- Install and configure AWS CLI and then, install the CodeDeploy agent using SSH. Check codedeployagent.txt for steps in GitHub repo.
- Use AWS CodeDeploy to create an application and a deployment group. Use in-place deployment and choose the instances to be put in the deployment group using the tag.
- Choose “CodeDeployDemo” which we created earlier as the service role while creating and configuring the application.
- We can choose if we want to deploy the app to one instance at a time or to half of the instances or to all of the instances in the deployment group.
- Create new revision to deploy the application and provide the Github account credentials, the name of the repository and the commit ID.
- It will start deploying the application and to deploy a new commit in the future, just create a new revision.
Conclusion :
We can deploy our code easily using CodeDeploy on ’n’ number of instances.
