Installing and configuring the CodeDeploy agent

Before we begin with the actual launch of our EC2 instance with the CodeDeploy agent installed on it, we need to set up an EC2 instance profile as well as an instance role that will grant our EC2 instances the necessary permissions to interact with both CodeCommit as well as with CodeDeploy:

  1. To get started, first log in to the AWS Management Console and select the IAM service from the services Filter. Alternatively, you can launch the IAM dashboard by selecting URL https://console.aws.amazon.com/iam/.
  2. From the IAM dashboard, select the Policies option from the navigation pane to bring up the IAM Policies page. Here, click on Create policy to get started.
  3. In the Create policy page, select the JSON tab and paste the following lines of the policy document:
{ 
    "Version": "2012-10-17", 
    "Statement": [ 
        { 
            "Action": [ 
                "ec2:Describe*", 
                "sns:*", 
                "codecommit:*", 
                "codedeploy:*", 
                "codepipeline:*", 
                "codecommit:GetBranch", 
                "codecommit:GetCommit", 
                "codecommit:UploadArchive", 
                "codecommit:GetUploadArchiveStatus", 
                "codecommit:CancelUploadArchive", 
                "s3:*" 
            ], 
            "Effect": "Allow", 
            "Resource": "*" 
        } 
    ] 
}

The policy document essentially provides the EC2 instance with the required set of permissions to interact with the likes of AWS services, such as CodeDeploy, CodeCommit, and CodePipeline.

  1. Click on Review policy once done. In the final Review policy page, provide a suitable Name for the policy and click Create policy to complete the process.
  2. With the policy created, we now simply assign this to a new IAM Role. To do so, select the Roles option from the navigation pane to bring up the IAM Roles page.
  3. Click on Create role to start the wizard. From the Select type of trusted entity section, make sure you select AWS service and filter out EC2 from there. Click on Next: Permissions to proceed.
  4. In the Attach permissions policy page, filter the earlier created policy and attach it to our new role, as depicted in the following screenshot:
  1. Finally, at the Review page, provide your role with a suitable Role Name and click on Create role to complete the process.
  2. Before launching your EC2 instance with this newly created Role, ensure that the role's Trust Relationship has the following set of AWS services added in its policy document:
{ 
  "Version": "2012-10-17", 
  "Statement": [ 
    { 
      "Sid": "", 
      "Effect": "Allow", 
      "Principal": { 
        "Service": [ 
          "codecommit.us-east-1.amazonaws.com", 
          "ec2.amazonaws.com", 
          "codedeploy.us-east-1.amazonaws.com", 
          "codepipeline.us-east-1.amazonaws.com" 
        ] 
      }, 
      "Action": "sts:AssumeRole" 
    } 
  ] 
}

With this step completed, we are now ready to launch a simple EC2 instance and assign the newly created role:

  1. From the EC2 Management Console, select the Launch Instance option to get started. For this particular use case, I've opted to go for the standard Amazon Linux AMI (amzn-ami-hvm-2017.09.1.20171120-x86_64-gp2 - ami-55ef662f); however, you can very well opt for a different Linux OS distribution as per your requirements.
  2. Select an appropriate Instance type for hosting our simple WordPress application. For now, I've selected the t2.micro instance type itself.
  3. Next, in the Configure Instance Details page, select the appropriate Network, Subnet, and IAM Role for our new EC2 instance. Paste the following set of lines as User data under the Advanced Details section, as shown in the following code. This simple user data script will copy and install the CodeDeploy agent along with a few other essential dependencies. You can find the complete copy of the following code at https://github.com/yoyoclouds/Administering-AWS-Volume2:
#!/bin/bash 
yum -y update 
yum install -y ruby 
yum install -y aws-cli 
cd /home/ec2-user 
aws s3 cp s3://aws-codedeploy-us-east-1/latest/install . --region us-east-1 
chmod +x ./install 
./install auto
Remember to change the region parameter as per your current operational region value.
  1. Once the required storage is assigned to the instance, move on and assign a few essential tags for our EC2 instance. These tags will be used later in CodeDeploy to reference our EC2 instances, so make a note of the same.
  2. Finally, create a new security group and make sure that the ports 22 (SSH) and 80 (HTTP) are open for internet traffic.
  3. Review the settings of your instance and launch it. Additionally, remember to associate your instance with a key pair as well before you launch it, as it can be useful to verify or troubleshoot the AWS CodeDeploy agent.

With this, you now have successfully launched and set up a CodeDeploy agent on an EC2 instance. In the next section of this chapter, we will look at how you can take this installation further by configuring the AppSpec file for the final CodeDeploy deployment.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset