![\"\"](\"\/wp-content\/uploads\/2019\/01\/CodePipeline.png\")
<\/a><\/p>\nBefore we get started, there are a couple of pre-requisites needed in order to follow along:<\/p>\n
- \n
- AWS account with EC2, S3, CodePipeline, CodeDeploy, and CodeCommit permissions. If you don’t have an AWS account, you can sign up for the free tier for one year.<\/li>\n
- Git client: For Mac, I recommend Homebrew<\/a> (brew install git). On the PC, you can use Git SCM<\/a>.<\/li>\n<\/ol>\n
There are a number of steps we need to complete in order to setup our code pipeline with a new web server. These steps include creating a new security group, setting up a key pair, which we will use to access our AWS EC2 instance, provisioning a new EC2 instance, and setting up our code pipeline for Continuous Integration\/Continuous Delivery (CI\/CD).<\/p>\n
Roles and Permissions<\/h2>\n
When setting up a CodeDeploy (later in this article), we will need to use service roles for to provide needed permissions for both the CodeDeploy service (service role) as well as for our EC2 instance that we are deploying code to (instance role). Let’s go ahead and set these up. There are more detailed directions available within AWS documentation and I’ve provided links should you want to learn more.<\/p>\n
CodeDeploy Service Role<\/h3>\n
- \n
- Using the AWS console, browse to IAM Management and select Roles – Create Role.<\/li>\n
- Next select CodeDeploy and under Use Case choose ‘CodeDeploy’.<\/li>\n
- Click ‘Next: Permissions’ leaving defaults and ‘Next: Tags’ leaving blank.<\/li>\n
- Click ‘Next: Review’.<\/li>\n<\/ul>\n
![\"CodeDeploy](\"\/wp-content\/uploads\/2019\/01\/codedeploy-sr.jpeg\")
<\/a><\/p>\nHere you can provide a name for your service role. I am using the name carnaghan-codedeploy<\/strong>. Keep a note of the name you choose as you will need this later.<\/p>\n
For more information, see: Create a Service Role for AWS CodeDeploy<\/a>.<\/p><\/blockquote>\n
IAM EC2 Instance Role<\/h3>\n
In order for our EC2 server to work with CodeDeploy, we need to create an IAM instance role. In IAM Management select ‘Create Role’. Under service select ‘EC2’ and then click ‘Next: Permissions’. Under ‘Filter Policies’ type ‘S3’ and then select ‘AmazonS3ReadOnlyAccess’. Select ‘Next: Tags’ and then ‘Next: Review’. Provide a name for your role, I used carnaghan-dev<\/strong>. Keep a note of whatever name you choose for later.<\/p>\n
Note: for simplicity I chose AmazonS3ReadOnlyAccess’, however for better security you can create your own policy and choose only those parts of S3 needed for CodeDeploy.<\/p>\n
For more information see: CodeDeploy: Create an IAM Instance Profile for Your Amazon EC2 Instances<\/a>.<\/p><\/blockquote>\n
Creating our EC2 Security Group and Key Pair<\/h2>\n
Before we can setup a new EC2 instance which will serve as our web server, we need to create a security group. The security group will determine ingoing and outgoing traffic. Security groups in AWS are simply firewalls at the server level. They will enable us to allow traffic from various sources access to our server. To keep things simple, I am going to enable all incoming traffic for HTTP and SSH connections, which we will need for our setup. Ideally, SSH traffic should be restricted to your own set of IP addresses which you will access the EC2 instance from for security purposes. Within the AWS Console, select EC2 under the Compute group. Under Network and Security select ‘Security Groups’. Select ‘Create Security Group’ and provide a name. In my example, I am using carnaghan-dev<\/strong>. Next we will configure the inbound traffic our security group will permit. Under the Inbound tab, select Add Rule. You should add two rules (one for SSH and one for HTTP) with IP address 0.0.0.0, ::\/0 for each (which allows all incoming traffic for that protocol by default). Click Create to save your new security group. We will now be able to use this when provisioning our new EC2 instance.<\/p>\n
![\"\"](\"\/wp-content\/uploads\/2019\/01\/sg.jpeg\")
<\/a><\/p>\nNext we need to create a key pair. This is a set of credentials we will use to access our EC2 instance once it is setup.Under the same Network and Security section we accessed Security Groups, select Key Pairs. Click on Create Key Pair and provide a name. In my example I am using the name carnaghan-dev<\/strong>. Once created, you will receive a download file with a .pem extension. This is your private RSA key, which will be used later to SSH into our server. For now store this in a safe place.<\/p>\n
Creating our EC2 Instance<\/h2>\n
Next we are going to provision our web server. From the AWS console, select Services -> Compute -> EC2. Next click the Launch Instance button. We are going to choose Amazon Linux 2 AMI (HVM), SSD Volume Type<\/strong>, which should be the very first entry under Amazon Machine Images (AMIs).<\/p>\n
![\"Amazon](\"\/wp-content\/uploads\/2019\/01\/AmazonLinux.png\")
<\/a><\/p>\nClick Select<\/strong>. On the next screen for instance type, choose t2.micro (free tier eligible)<\/strong>. Click Next – Configure Instance Details<\/strong>. Scroll down to Advanced<\/strong> and click to expand. Under User Data, paste the following code:<\/p>\n
#!\/bin\/bash\nsudo yum update -y\nsudo yum install -y httpd\nsudo service httpd start\nsudo chkconfig httpd on\n\nsudo yum install ruby -y\nsudo yum install wget -y\ncd \/home\/ec2-user\nwget https:\/\/aws-codedeploy-us-east-1.s3.amazonaws.com\/latest\/install\nchmod +x .\/install\nsudo .\/install auto<\/pre>\n
AWS provides User Data to allow us to pass one time commands to our server once it is provisioned, or booted up for the first time. The first part of the above code runs updates on the operating system, followed by installing and running our Apache web server. The second set of commands provisions our CodeDeploy agent, which we will be using later on for our Continuous Deployment. Click Next – Add Storage<\/strong> and leave all defaults as is. AWS automatically provisions an 8Gb Elastic Block Storage (EBS) volume<\/strong> for our instance, which will act as our hard drive or storage. Click Next – Add Tags<\/strong> and add a Name tag for your instance. In my example I am using Name: carnaghan-dev<\/strong> as below.<\/p>\n
![\"tags\"](\"\/wp-content\/uploads\/2019\/01\/tags.png\")
<\/a><\/p>\nClick Next – Configure Security Group<\/strong>. Here you will choose the security group you setup above. Be sure to complete this step correctly or you may not be able to access your instance.<\/p>\n
![\"\"](\"\/wp-content\/uploads\/2019\/01\/assign-sg.png\")
<\/a><\/p>\nAfter you have chosen your security group, click Review and Launch and on the following screen select Launch. You will be prompted to create or choose a key pair to access your server. Select the key pair you created above and then click launch instance.<\/p>\n
![\"\"](\"\/wp-content\/uploads\/2019\/01\/select-key.png\")
<\/a><\/p>\nAt this stage you have completed all steps to launch your EC2 instance. It will take several minutes to provision and run our user data commands specified above. To view the status of your EC2 instance select View Instances<\/strong> on the confirmation page. After several minutes have passed, the status of your instance should change from Initializing to Running. At this time, copy the public DNS address, it should look something like ec2-99-99-999-99.compute-1.amazonaws.com. Paste this address into your web browser. If everything is running as expected with your new Apache webserver, you should see the test page below.<\/p>\n
![\"\"](\"\/wp-content\/uploads\/2019\/01\/test-page.jpeg\")
<\/a><\/p>\nIf you don’t see the test page, give your instance another few minutes to fully initialize.<\/p>\n
Setting up Code Commit<\/h2>\n
There are two main ways you can manage CodeCommit repositories:<\/p>\n
- \n
- Install the AWS Command Line Interface (CLI) and provide CodeCommit to your AWS account<\/li>\n
- Create a public SSH Key which you can then upload to your repository (in a similar way you would manage a Github repository)<\/li>\n<\/ul>\n
For this setup, I am going to recommend using the CLI as it provides a lot more options out of the box and the more you work with AWS the more you will come to use this tool. In order to install the CLI, follow this guide: Installing the AWS CLI<\/a>. If you prefer to use a public key, see Setup for SSH Users Not Using the AWS CLI<\/a>.<\/p>\n
Next we will setup our code repository, which will enable us to update our website. Using the AWS console, head over to CodeCommit and create a new repository.<\/p>\n
![\"codecommit\"](\"\/wp-content\/uploads\/2019\/01\/codecommit-create.jpeg\")
<\/a><\/p>\n