AWS DevOps Pro Domain 1: SDLC Automation – CodeDeploy

This article is the second in a series covering my AWS DevOps Professional certification study process. Part 1 is here.

CodeDeploy

AWS Managed deployment service that automates application deployments to (1) EC2 instances, (2) serverless Lambda functions, (3) AWS ECS services, or (4) on-premises virtual machines.

Ansible, Terraform, Chef, Puppet are similar services.

*CodeDeploy does not provision resources*

Can deploy code from: S3 buckets, CodeCommit/GitHub/Bitbucket repos

CodeDeploy Agent must be running on any EC2 or on-prem VM:

1. Push code + appspec.yml file to [CodeCommit, S3, Github]
2. Trigger CodeDeploy deployment
3. Agent polls CodeDeploy continuously
4. EC2 instances pick up new deployment
5. Agent pulls new code & appspec.yml file from [CodeCommit, S3, Github]
   1. (EC2 attached role needs to have access to code source)
6. EC2 runs the deployment instructions
7. Agent reports success/failure of deployment on the EC2 instance

EC2 instances are grouped by deployment groups (dev, test, UAT, prod, etc..) – very flexible

CodeDeploy can be chained into CodePipeline for using artifacts.

Blue/Green deployments cannot be use on-prem VMs and has to be in an autoscale group (ASG)

CodeDeploy groups into:

• Applications
  • Deployment Groups (grouped by tagged key/values)
    • Create a new Deployment Group for each env (Dev, QA, Stg, Prod, etc…)
    • Flexibility is all based on tags
  • Deployments – the actual action of pushing code to the EC2 instances. Points at a Deployment Group
    • Deployment types are ‘In-place’ or ‘Blue/Green’
    • Deployment Configurations specifies how you are going to take down/upgrade systems
    • Working with deployment configs
    • Custom Deployment Configs can customize how many healthy systems exist in application fleet (either by % or # of healthy systems):

• appspec.yml file deep dive
  • Know the appspec ‘hooks’ section (at a high level how it works):

• Environment variable availability for hooks (to customize deployment – i.e. something diff for Dev, or Prod, then customize installation):
  • APPLICATION_NAME
  • DEPLOYMENT_ID
  • DEPLOYMENT_GROUP_NAME
  • DEPLOYMENT_GROUP_ID
  • LIFECYCLE_EVENT
• Use triggers to send AWS SNS messages
  • Use CW integrations for more complex interactions:
    • CloudWatch integrations Monitoring deployments with CloudWatch tools
• Go over different types of rollback procedures
  • Read Configure advanced options for a deployment group.
  • Know how rollback alarm thresholds works:

Know how on-premise CodeDeploy instances are handled.

• Either use IAM user ARN to authenticate requests (easier for a 1 on-prem server) OR
• Use an IAM role ARN (to call AWS STS) to authenticate requests (more secure & scalable)

AWS CodeDeploy tutorials (do ALL of these):

• Deploy WordPress to an EC2 instance
• Deploy “hello, world!” app onto Windows Server
• Deploy an app to an “on-premises” instance
• Deploy an application to an Amazon EC2 Auto Scaling group
• Deploy an application from GitHub
• Deploy an Amazon ECS service
• Deploy an Amazon ECS service with a validation test
• Deploy an updated Lambda function with CodeDeploy & SAM