{"componentChunkName":"component---src-templates-blog-js","path":"/ctf/aws-formation/tp1-cicd","result":{"data":{"markdownRemark":{"html":"

1 - What is CI CD

\n\n

to remember

\n\n

2 - CodeCommit 101

\n

to remember

\n\n

3 - CodeCommit Lab

\n

ToDo

\n
    \n
  1. Developer Tools
    2. \n
  2. CodeCommit
    3. \n
  3. Create a repository
    4. \n
  4. Create branch
    5. \n
  5. Create a commit
    6. \n
  6. Create a pull request
    7. \n
\n

If the branch is out update, we have to clone the master branch before to push on it

\n

4 - CodeDeploy 101

\n

Automated Deployment works with :

\n\n

Instance runs on Elastic Run Balancment

\n

2 deployment approaches :

\n
    \n
  1. In-Place : the application is stopped on each instance = Rolling Instance :
    2. \n
  2. 1 elastic run balancment + 3 instances
    3. \n
  3. so the capacity will be reduced
    4. \n
  4. new version = Revision (= virgin)
    5. \n
  5. you can NOT rollback quickly
    6. \n
  6. first deploying
    7. \n
  7. fees : +
    8. \n
  8. Blue (active deployment) / Green (the new release) :
    9. \n
  9. 1 elastic run balancment + 2 group of 3 instances
    10. \n
  10. switch between group of instance
    11. \n
  11. no reduces of capacity
    12. \n
  12. you can rollback quickly
    13. \n
  13. after first deployment
    14. \n
  14. fees : ++
    15. \n
  15. safest option
    16. \n
\n

5 - Advanced codedeploy the AppSpec File

\n

AppSpec File : configuration files defining the parameters used during a CodeDeploy deployment

\n

Le fichier Appspec est un fichier spécifique à CodeDeploy. Ce fichier permet d'orchestrer les actions à mener sur une machine. Il est sous format YAML ou JSON et se place à la racine du repository GitHub de notre WordPress.

\n

Ce fichier est nécessaire pour :

\n\n

File structure

\n\n

\"appspec\"

\n

step

\n

root folder contains :

\n\n

6 - CodeDeploy Lifecylce Event Hooks

\n

Run Order - Phase

\n
    \n
  1. De-registering instances from a load balancer
    2. \n
  2. Before Block Traffic
    3. \n
  3. Block Traffic
    4. \n
  4. After Block Traffic
    5. \n
  5. Installation : The real nuts & bolts of the appllication deployment
    6. \n
  6. application stop
    7. \n
  7. Download Bundle : CodeDeploy agent copies the application revision files to a temporary location
    8. \n
  8. BeforeInstall : Pre install script (as backing up the current version or decrypting files)
    9. \n
  9. Install : Copy application revision files to* final* location
    10. \n
  10. AfterInstall : Post install scripts e.g. configuration
    11. \n
  11. ApplicationStart
    12. \n
  12. ValidateService (test)
    13. \n
  13. Re-registrering with the load balancer
    14. \n
  14. Before Allow Traffic
    15. \n
  15. Allow Traffic
    16. \n
  16. After Allow Traffic
    17. \n
\n

https://docs.aws.amazon.com/fr_fr/codedeploy/latest/userguide/deployment-steps-server.html#deployment-steps-components-server

\n

CodeDeploy sont les suivantes:

\n
    \n
  1. On crée une application CodeDeploy
    2. \n
  2. On cible les instances sur lesquelles on va déployer : le groupe de déploiement
    3. \n
  3. On spécifie la configuration du déploiement
    4. \n
  4. On envoie une révision du code à CodeDeploy
    5. \n
  5. CodeDeploy la déploie
    6. \n
  6. On vérifie le résultat
    7. \n
  7. Si besoin on redéploie
    8. \n
\n

7 - CodeDeploy Lab

\n

ToDo

\n
    \n
  1. Security, Identity & Compliance
    2. \n
  2. IAM
    3. \n
  3. Create a role from S3Full access policy
    4. \n
  4. Create a role from AWSCodeDeployRole : Allow it to call AWS services, allowing :
    5. \n
  5. AutoScaling
    6. \n
  6. Describe instances and terminates instances
    7. \n
  7. cloudwatch
    8. \n
  8. tags
    9. \n
  9. registering and deristering with our load balancer
    10. \n
  10. Services - Compute - EC2 IAM Linux
    11. \n
  11. noneed to define a subnet
    12. \n
  12. auto assign public ip
    13. \n
  13. add tags to help codeploy to use this tags to identify the instance to deploy
    14. \n
  14. configure security group : SSH & HTTP
    15. \n
  15. choose a key pair
    16. \n
  16. Connect to ec2-user@
    17. \n
  17. \n

    on the instance.

    \n\n
    18. \n
  18. connect the local machine to code deploy from the local machine
    19. \n
  19. \n

    on aws console :

    \n\n
    20. \n
  20. \n

    on the local machine :

    \n\n
    21. \n
  21. Upload in a bucket the config files (appspec.yml : application bundle) to give the possibility to CodeDeploy to Access them
    22. \n
  22. AWS console - S3 - Storage - bucket
    23. \n
\n
2.$  aws deploy create-application --application-nam mywebapp\n
\n
    \n
  1. Developper Tools
    2. \n
  2. CodeDeploy
    3. \n
  3. Application - mywebapp
    4. \n
  4. deployment group - create :\n1. envirobment configuration : Amazon EC2 instances\n2. setting : AllAtOnce, halfAtOnce\n3. Use or not the loadbalancer
    5. \n
  5. Application lifecycle event failure
    6. \n
  6. Rollback configuration
    7. \n
\n

8 - CodePipeline

\n

Roles

\n

A fully managed CI/CD service :

\n
    \n
  1. Triger a pipelin every time there is a change to our code
    2. \n
  2. Aitomated Release Process
    3. \n
  3. integrates with AWS tools :
    4. \n
  4. CodeCommit, CodeBluid, CodeDeploy, GitHub, Jenkins, Elastiks (containers managers)...
    5. \n
\n

CodePipeline Workflow

\n
    \n
  1. CodePipeline (workflow defined)
    2. \n
  2. CodeCommit (new code appears)
    3. \n
  3. CodeBuild (testes)
    4. \n
  4. CodeDeploy (application deployed)
    5. \n
\n

to remember

\n

\"CodePipeline1\"

\n

9 - CodePipeline lab

\n

steps

\n
    \n
  1. Cloud formation to create an EC2 instance
    2. \n
  2. Upload a version 1 to S3 bucket
    3. \n
  3. Deploy EC2 instance using codeDeploy
    4. \n
  4. Code Pipeline : a managed trigger to deploy our version 2
    5. \n
  5. Cloud Watch : : a automaticaly trigger to deploy our version 3
    6. \n
\n

\"CodePipeline2\"

\n

Origin folder and files

\n

CF.txt : CloudFormation commands : laucnh an EC2 instance as on the AWS console

\n

CF.json : tag our instance to identify xith code deploys, asosicate an SSH key pair name, set up a security group, mapping in at least a region

\n

steps

\n

1sr deployment

\n
    \n
  1. creation of the bucket using CloudFormation :
    2. \n
  2. upload the CF_template .json files to your own bucket
    3. \n
  3. run the CF.txt files
    4. \n
  4. before :
    5. \n
  5. indicates bucket name
    6. \n
  6. indicates key pair name
    7. \n
  7. create policy to grant new right to the user
    8. \n
  8. add the app.zip to the bucket
    9. \n
  9. verify that the cloud Formation wtack has completed using :
    10. \n
  10. $ awscloudformation describe-stacks --stack-name
    11. \n
  11. Log into you instance and check that the codeploy agent has correctly installed :
    12. \n
  12. laucnh EC2 instance and copy its IPV4 IP
    13. \n
  13. ssh i- keypair.pem ec2-user@
    14. \n
  14. sudo service codedeploy-agent status
    15. \n
  15. CodeDeploy
    16. \n
  16. Deploy Group new
    17. \n
  17. Find the instance thanks to its instance
    18. \n
\n

step with Code Pipeline with manually upload :

\n
    \n
  1. Choose pipeline settinfs
    2. \n
  2. Add source stage (where our application S3 object key : app.zip is locataed)
    3. \n
  3. Add build state (providing build artificat details like OS, output files names : CodeBuild or Jenkins)
    4. \n
  4. Add deploy stage (deploy provider, region, application name, deployment group)
    5. \n
\n

step with Code Pipeline with triggered codeDeploy (automatic deployment)

\n
    \n
  1. upload the app.zip
    2. \n
\n

10 - IAM - Lab

\n

\"iam1\"

\n

.JSON :

\n
{\n  \"Version :\" : \"2012-10-37\",\n  \"Statement\" [\n    {\n      \"Effect\" : \"Allow\",\n      \"Action\" : \"*\",\n      \"Resource\" : \"*\"\n    }\n  ]\n}\n
\n

to remember

\n
    \n
  1. Roles are more secure thant storing your access key and secret access key on individual EC2 instances
    2. \n
  2. Roels are easier to manage
    3. \n
  3. Roelse can be assigner to an EC2 instance after it is created using both AWS console and command line
    4. \n
  4. Roles are universal (any region)
    5. \n
\n

11- Using BootStrap Script - Lab

\n

Way to automatisating AWS deployment

\n

ToDo

\n

1.S3 bucket using our bootstrap script

\n
    \n
  1. \n

    Add in Advanced details at the configure Instance details

    \n
    #!/bin/bash\nyum update -y\nyum install httpd -y\nservice httpd start\nchkconfig httpd on\ncd /var/www/html\necho \"Hello\"\naws s3 mb s3 \naws s3 cp index\n
    \n
    2. \n
\n

12 - Instance MetaData

\n

curl http://123.123.132/latest/meta-data\n\\ > bootstrap.txt

\n

\n

curl http://123.123.132/latest/user-data\n\\ > ip_adress.txt

\n

EC2 vs Lambda

\n

https://www.simform.com/aws-lambda-vs-ec2/

\n

EC2 = Elastic

\n

AppSpec file : YAML only

\n

Amazon Elastic Compute Cloud (EC2) est un service d'infrastructure de cloud virtuel proposé par AWS. Il fournit des ressources informatiques à la demande grâce auxquelles vous pouvez créer de puissants serveurs dans le nuage.

\n

L'ensemble du matériel de l'EC2 est fragmenté en de multiples ressources qui sont offertes sous la forme d'instances évolutives en termes de mémoire de calcul et de puissance de traitement.

\n

Il vous offre également la possibilité d'héberger votre application sur plusieurs plateformes avec une sécurité renforcée pour une architecture multi-modèles et multi-locataires. Ces instances peuvent être accessibles par HTTP ou HTTPS (API), ce qui permet aux développeurs de créer des applications comme s'il s'agissait d'une infrastructure sur site.

\n

Avec Amazon EC2, vous avez la possibilité d'approvisionner des machines virtuelles selon les besoins de vos applications. Cette possibilité est offerte dans le cadre d'un modèle d'abonnement basé sur l'utilité, où l'utilisateur est facturé en fonction de sa consommation de ressources.

\n

AWS Lambda

\n

AppSpec file : YAML and JSON

\n

AWS Lambda est une ressource de cloud computing à la demande proposée en termes de fonction-as-a-service par AWS. Au fil du temps,

\n

La principale différence entre AWS Lambda et EC2 (ressources basées sur des serveurs virtuels) réside dans la responsabilité du provisionnement et des cas d'utilisation, pour n'en citer que quelques-uns. La tarification d'AWS Lambda est également l'un des principaux facteurs.

\n

Avant l'émergence de solutions agiles comme AWS Lambda, les équipes opérationnelles devaient allouer les ressources en fonction des prévisions. Elles devaient s'assurer que les besoins en ordinateurs et en mémoire ne dépassaient pas les limites que leur système pouvait supporter.

\n

Avec des ressources informatiques comme AWS Lambda, les ressources informatiques peuvent s'adapter et diminuer automatiquement en fonction des demandes en temps réel. Actuellement, AWS Lambda prend en charge plusieurs langues et peut être utilisé dans une application de plusieurs manières ou en tant que service.

\n

L'architecture des applications construites à l'aide de fonctions comme AWS Lambda est communément appelée architecture sans serveur.

\n

Which one to use

\n

If you’re wasting your compute resources due to unpredictable traffic for your application but still want a scalable and cost friendly solution, AWS Lambda is for you. When not to use AWS Lambda? When you want to do complex processing and your process can’t be executed in the limited execution time.Or maybe you want to run a complex application which has consistent traffic and want to operate in a tried and tested deployment environment, EC2 if for you. The only drawbacks are a complex setup environment and provisioning of servers.The result- For either AWS Lambda vs EC2 or vice versa, both operate for a highly specific use case, however, one wasn’t sufficing the need which necessitated the invention of another.Until then, let’s make the most of each of the services. If you’ve hands-on experience with either EC2 or Lambda or both, I’d love to hear from you.

","frontmatter":{"date":"July 31, 2020","path":"ctf/aws-formation/tp1-cicd","title":"TP2 - CICD","tags":["cloud","ec2","aws"],"categorie":"ctf","thumbnail":"/assets/alex-machado-80sv993luki-unsplash.jpg"},"fields":{"readingTime":{"text":"10 min read"}}},"file":{"childImageSharp":{"fluid":{"base64":"data:image/jpeg;base64,/9j/2wBDABALDA4MChAODQ4SERATGCgaGBYWGDEjJR0oOjM9PDkzODdASFxOQERXRTc4UG1RV19iZ2hnPk1xeXBkeFxlZ2P/2wBDARESEhgVGC8aGi9jQjhCY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2P/wgARCAANABQDASIAAhEBAxEB/8QAFwAAAwEAAAAAAAAAAAAAAAAAAAMEBf/EABUBAQEAAAAAAAAAAAAAAAAAAAED/9oADAMBAAIQAxAAAAGFz11jKaIn/8QAGhAAAgMBAQAAAAAAAAAAAAAAAAECERMSMf/aAAgBAQABBQLm3gxwaJTxe1i8/8QAGBEAAgMAAAAAAAAAAAAAAAAAAAECElH/2gAIAQMBAT8BUdKn/8QAFhEBAQEAAAAAAAAAAAAAAAAAABEB/9oACAECAQE/Abqv/8QAGhAAAQUBAAAAAAAAAAAAAAAAAQACEBESIv/aAAgBAQAGPwJckOjObVBtR//EABwQAQACAgMBAAAAAAAAAAAAAAEAETFBIWFxkf/aAAgBAQABPyEVB9ih2jUSxfkFQDkWX4Ju5grU/9oADAMBAAIAAwAAABDjD//EABYRAQEBAAAAAAAAAAAAAAAAAAEAIf/aAAgBAwEBPxAA1M//xAAWEQEBAQAAAAAAAAAAAAAAAAABIRD/2gAIAQIBAT8QWYTP/8QAGhABAQEAAwEAAAAAAAAAAAAAAREAIUFxwf/aAAgBAQABPxAYkFlcFzRnCFCH3zCCggiKI5gk6hL1lpwEhs0zEABv/9k=","aspectRatio":1.4970059880239521,"src":"/static/11cdcb302d032fa2db3a46428a8f74c9/a7715/alex-machado-80sv993luki-unsplash.jpg","srcSet":"/static/11cdcb302d032fa2db3a46428a8f74c9/8f7df/alex-machado-80sv993luki-unsplash.jpg 250w,\n/static/11cdcb302d032fa2db3a46428a8f74c9/0f3a1/alex-machado-80sv993luki-unsplash.jpg 500w,\n/static/11cdcb302d032fa2db3a46428a8f74c9/a7715/alex-machado-80sv993luki-unsplash.jpg 1000w,\n/static/11cdcb302d032fa2db3a46428a8f74c9/37d86/alex-machado-80sv993luki-unsplash.jpg 1500w,\n/static/11cdcb302d032fa2db3a46428a8f74c9/a41d1/alex-machado-80sv993luki-unsplash.jpg 2000w,\n/static/11cdcb302d032fa2db3a46428a8f74c9/6a059/alex-machado-80sv993luki-unsplash.jpg 6000w","sizes":"(max-width: 1000px) 100vw, 1000px"}}}},"pageContext":{"slug":"ctf/aws-formation/tp1-cicd","featuredImage":"alex-machado-80sv993luki-unsplash.jpg"}}}