AWS CI/CD: Everything on AWS — Decoding DevOps [08]

This article provides a comprehensive guide to implementing a fully automated AWS CI/CD pipeline, using only AWS services.

Photo by Richy Great on Unsplash

Project Overview

Our goal is to deploy a simple application to AWS using a robust and efficient CI/CD process. This project will involve the following components:

• Codebase: Our application code hosted in a Git repository.
• Beanstalk: An AWS service for managing our application deployment.
• RDS: A relational database service for storing our application data.
• CodeBuild: An AWS service for building our application code.
• CodePipeline: An AWS service orchestrating the entire CI/CD pipeline.

Setting up the Infrastructure

1. Codebase:

• Create a Git repository in AWS CodeCommit, storing your application code.
• Alternatively, use GitHub or Bitbucket and integrate with AWS CodeCommit using the provided instructions.

2. Beanstalk:

Create a Beanstalk environment:

• aws elasticbeanstalk create-environment --application-name my-application --environment-name my-environment --solution-stack-name 64bit Amazon Linux 2 v4.1.4 running Tomcat 9 --region us-east-1

Configure the application:

• Create a Dockerrun.aws.json file defining the Docker image to use.
• Upload this file to the Beanstalk environment using the AWS console or CLI.

3. RDS:

Create an RDS instance:

aws rds create-db-instance --db-name my-database --db-instance-identifier my-instance --engine postgres --db-instance-class db.t2.micro --allocated-storage 10 --port 5432 --vpc-security-group-ids <your_security_group_id> --region us-east-1

• aws rds create-db-instance --db-name my-database --db-instance-identifier my-instance --engine postgres --db-instance-class db.t2.micro --allocated-storage 10 --port 5432 --vpc-security-group-ids <your_security_group_id> --region us-east-1

Create a database user:

CREATE USER my-user WITH PASSWORD 'my-password';
GRANT ALL PRIVILEGES ON DATABASE my-database TO my-user;

• CREATE USER my-user WITH PASSWORD 'my-password'; GRANT ALL PRIVILEGES ON DATABASE my-database TO my-user;

Update the database credentials in your application configuration.

4. CodeBuild:

• Create a CodeBuild project:

aws codebuild create-project --name my-build-project --source {location of your source code} --buildspec {path to buildspec.yml} --service-role {ARN of CodeBuild service role} --environment {Environment configuration for CodeBuild} --region us-east-1

• aws codebuild create-project --name my-build-project --source {location of your source code} --buildspec {path to buildspec.yml} --service-role {ARN of CodeBuild service role} --environment {Environment configuration for CodeBuild} --region us-east-1
• Define a buildspec.yml file:

version: 0.2
phases:
  install:
    commands:
      - echo "Installing dependencies"
      - npm install
  build:
    commands:
      - echo "Building the application"
      - npm run build
  post_build:
    commands:
      - echo "Packaging the application"
      - docker build -t my-image .
    - echo "Pushing the image to ECR"
    - aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin {your_ecr_account_id}.dkr.ecr.us-east-1.amazonaws.com
    - docker push {your_ecr_account_id}.dkr.ecr.us-east-1.amazonaws.com/my-image
artifacts:
  files:
    - "build/app.zip"

5. CodePipeline:

Create a CodePipeline:

aws codepipeline create-pipeline --name my-pipeline --role {ARN of CodePipeline service role} --artifact-store {S3 bucket configuration} --stages {stages configuration} --region us-east-1

• aws codepipeline create-pipeline --name my-pipeline --role {ARN of CodePipeline service role} --artifact-store {S3 bucket configuration} --stages {stages configuration} --region us-east-1

Define the stages:

Source:

• Type: AWS CodeCommit
• Output: Artifact

Build:

• Type: AWS CodeBuild
• Input: Artifact
• Output: Artifact

Deploy:

• Type: AWS ElasticBeanstalk
• Input: Artifact

Code Commit, Build & Deploy

• Push code changes to your Git repository (CodeCommit).
• CodePipeline automatically triggers CodeBuild for building your application.
• CodeBuild builds the application, packages it, and pushes it to ECR (if using Docker).
• CodePipeline triggers Beanstalk to deploy the application to your defined environment.
• Beanstalk pulls the latest build from ECR or the CodeBuild artifact, deploys it, and restarts the application.

Best Practices

• Security: Implement strong security measures for all services, especially RDS and Beanstalk.
• Logging: Configure logging for all stages of your CI/CD process to facilitate troubleshooting.
• Monitoring: Monitor your application performance and infrastructure health to ensure stability.
• Automation: Automate as many tasks as possible to reduce human error and increase efficiency.
• Version control: Use version control for all configurations and infrastructure code.