CI/CD With AWS ECS + CodePipeline + CodeDeploy + CodeCommit + CodeBuild + Docker

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello all today we gonna learn about the cicd pipeline for aws ecs ecr aws code commit for deploy and code pipeline so all those tools we're gonna use in this project so this project uh typically take ten steps it's a very high level steps over here so likewise in step one the docker basics uh we're gonna learn about like how we're gonna install the docker in a linux machine how we're gonna pull the centos 6 image and then create an index file and create a docker file through which we can create a docker image also okay and similarly we do have a very similar steps and simple steps for the steps too okay so let me explain and tell you that how we gonna create an ecr repository and log in over there and then we're gonna create a repository then push this particular docker image over there right so similarly we're gonna uh you know do this project step by step step 3 4 till ten right so without making any delay let's go uh to the aws console and try to complete this project uh as simple as possible so i already logged into my aws account and i am in the north virginia region so let's go to the ec2 console and let's click on the running instance click on the launch instance i'm going to select this linux ami 2018 version and let's go with this t2 small make sure it is not a free version so for your own practice you can utilize the t2 micro which is free so by default i am choosing the default option let's go to the storage it should be the default one tag default and select and security group so what i'm gonna do it create a new group with name [Music] docker dmz and port number 80 should be open to everywhere because we are gonna launch the apache web server and this port number 22 is custom to my ip only okay so i'm just reviewing it click on the launch button and now i'm going to create a key pair with named varun docker i'm downloading this key pair it is there in my download section okay and now i'm click on the launch instance so this is how simple step we're gonna create a ec2 instance and just click over here just name it docker okay and let's assign a public ip to this means the static ip so i'm gonna create the elastic ip right now okay click on the elastic ip allocate one elastic ip for this it's allocated then click on the action and associate the elastic ip to this so there is only one running instance which is docker just click here press associate yes it is associated so let's go back to the instance okay so uh this is my windows machine and already i have a wsl running on my windows machine and i'm at the download folder so if i can put ll uh i can see my pem file which is i have created just now so i'm gonna change the mode with ch mode four zero zero okay and now i'm gonna copy my instance ip so let's copy this one and i'm gonna do the ssh over there ssh hyphen i your key pair name an ec2 hyphen user and delete your ip address hit enter it will ask for a confirmation press yes and now you are logged into the aws newly launched machine right so let's say utilize the sudo user sudo hyphen i to get inside as a sudo user and first thing first yum update hyphen y that means yeah i'm providing the permission to yes to download all the packages okay so it's already updated so let's do one thing yum install docker hyphen y it will install the docker now you can see docker info docker is installed but it is not running so let's service docker start check the service service docker status is running and then you can clear the screen sometimes i can press ctrl l so make sure like don't confuse with this control l or clear so docker info yeah so this is the docker info information about this and all the detail about your docker okay which version like 19.0.36 ce right and all those details so let's move forward and image right so docker pull centers colon the version name syntax so it is pulling an image in my local machine so this ec2 machine i'm always utilizing as a local machine because this machine is uh we are going to do all the things from this machine only right so yes the centos is there so docker images if you can see okay you can see there is a repository is centos tag is sent to s6 image id is this and it is created like 16 months ago okay so uh let me give you a little brief of docker and then after that we can move forward and create all those ecr and ci cd stuffs over there so just to let you know uh if i want to run uh apache service inside the docker there is a couple of way to do that so one of the way i'm gonna show you the manual way and then after that i'm gonna show you uh the the proper way to do that so let's let's uh run a command with the docker run hyphen i hyphen t that is interactive terminal and i'm not utilizing the detached mode which is d so just a interactive terminal docker run hyphen ip uh hyphen i t and hyphen p for the port so am going to utilize the 80 colon 80 okay and which image you want to do that so i am just copying this image id hit enter now i am inside this docker container okay so without making any delay let's install yum install httpd okay so it will take some time to install the httpd yes yes okay and now i can see uh cd www.html this directory is already created while installing the httpd then just create a you know index file to say i'm coming from docker or something so eco i'm coming from container and let's save this one with index dot html now you can see index.html is created so if you can go to your browser over here and just copy this one and paste it in a browser that's good so we found some error over here and let's double shoot this error first so if i remember well my i my my security group is already allowed the port number 82 everywhere okay okay the mistake is that it's a very common mistake right i didn't start the service so service httpd start okay now it's started and let's try one more time okay i'm coming from container right so yeah this is how we we run the instance and inside the instance we can pull the container images and we can with that with the command with help of the command docker run hyphen itd okay and this is the port number 80 which is my host port as well as my container port and my container id so with the help of this command we can logged in inside the container and you can see the difference between this ec to ip address as well as this container id so that means i'm in the container and i have installed the apache and then after i have created a file index.html and start the service and it is running uh in that way okay so this is the manual way to do that so i'm pressing ctrl d to exit from this container and now if i can see the docker ps so there is no image nothing like that okay so if i'm putting minus a for all i can see like three minutes ago uh we have created a docker in a container and it will like 15 seconds ago we have already exited it so uh how to do uh in a proper devops manner this thing so for this i am going to create a a docker file but before this let's go to the opt directory for this and create something called mkdir docker so all my folder all my project for this [Music] all my files for this project is available in this particular folder right so okay let's go inside the docker and create a file name docker file okay so i already had copied couple of things for you guys so uh yeah so this is the one i'm gonna copy it and just to let you know this is from like which container you want to run all the projects and who is the maintainer you can put your name or email address and what are the commands so i need to i just need to install the apache over there and i'm just copying the index.html file to my www.html location and at the last i am utilizing my service of httpd must be on whenever my container is available in the running state and it will expose the port number 80. so this is just six lines of command i'm just gonna save it okay well so escape then hold on wq and as you said that index.html which is not here so wim index.html let's create and copy and paste it from my notepad plus plus okay let's go with this okay so for building a docker image from your docker file the command is docker build hyphen t that means tag and you can tag anything let me put web server and what is the location of your docker file so the current location okay hit enter and now it will create an image for you with all the instruction we have given in the file so in the download of apache is done it's copied the index.html file to the html location and then the command of apache and foreground is running over there it is exposing the port number 80. so there is a lot of thing to explain in this docker thing but this is not a specific class for docker so i'm just giving in a high level overview so if i can put the docker image command in my terminal now i can see my web server command is there so let's check whether it is working fine or not so just run this one and this time i'm using the itd docker hyphen interactive terminal detached mode what is the port port number 80 for your host then port number 80 for your container and what is the name of your uh container or the image or the image id any of them you can provide a door there so for me i am just giving the image id and let's hit enter and now i can find some error okay it should be yeah so that's very common mistake i forget to put the run over here so docker run hyphen itd hyphen p that is port on 8080 and your container id that's all okay so it's running right now so docker ps now i can see uh one container is running over here with name of sweet bassy so let's go again to your browser refresh it now you can see the ci cd and docker tutorial by varun kumar manik and yeah this is my pretty cool name okay and this is the version one in a green color that's what i have just launched a container inside the ec2 instance and it's working fine so let's move on the step two of this tutorial which is the ecr so let's type ecr over here and elastic container service or elastic container registry so let's click on the registry in the new tab and before making any delay let's put on the get start so ecr is nothing but a repository for storing your containers like a docker hub so it's a specific service from the aws so let me put the name manic cloud okay and yeah that's all click on the create now this is my uri this is my money cloud name repository name this is my uri created at this so yep without making any delay let's go to the view and push command so this is how you're going to push your thing push your container to the ecr so first of all we need to successfully log in over there and copy this command and go to your terminal i'm pressing ctrl l to clear the machine clear the screen and just hit enter now it can see you need to configure the aws configuration with the access key and id but as i told uh and we started with the ec2 machine so let's go and create a role and attach that role with this machine and i believe so i already have some role okay but okay let's let's go with the flow and let me create a code for you know so i'm gonna create a role okay [Music] okay create a role and common use case for ec2 i'm just utilizing ec2 so on my on behalf of my ec2 and just for this uh you know tutorial purpose i'm just selecting administrator access but do not do it at your production environment that's a very bad practice but it's okay in the demonstration kind of thing right so easy to access for other aws resources right create a role so we have successfully created a role go back to your ec2 instance and click on this you know action select your machine click on the action go to the instance step instance setting choose the attached iam role and then ec2 access for the other aws resources right and click apply over there now you can see this role is successfully attached with this machine here you can see the i am roll right so let's go back again to your terminal and try it on one more time the same command wow so this is the magic happen and we successfully logged into the machine now the second part in this step to tag your machine to tag your docker image with the same name your repo is created so okay okay let's go to the ecr again view push command and now here you can see the docker tag command so let me copy this one okay go back to my terminal paste it here and just now i need to change my existing docker image which name which we already put the name as a web server right so you can just enter this and check again docker images and here you can see uh this web server with the latest tag we have created and right now we just rename it or you know i just make a tag with this uh the new repository name and with the latest tag okay so we already done this let's go back to the console again and here they can see how we're going to push this particular ec particular container to the ecr right so docker push command i just copy and paste it okay it's not copied successfully let's copy [Music] okay sorry it's my bad guys docker push and if everything is okay it will be pushing my image to the ecr so my running image is already successfully pushed to my ecr uh repository let's check it over there and verify it go back and go go inside the money cloud repository and here you can see the newly created or newly uploaded resource is available it's morning to near about three o'clock right 257 so yep in utc it's a 657 right so yeah i'm in a singapore time zone so yeah uh that's why the time difference is there so yeah half of the part we have done it for the ecr and now i'm going to move on the ecs things so let's create a ecs which is elastic container service so just click on the ecs in the new tab and i believe so like you guys know about the elastic container service and also i'm not going to define most of the thing but yeah this is the task definition here you can see uh you can see the cluster and if you can click on the create cluster you can find this kind of thing so but let's let's start with the task right now okay so here uh we need to create the task definition so for farget um for this tutorial i'm going to use the forget so just click on the next put your task name so i'm i'm putting it let's put a ci cd or you know cicd tutorial something picd task okay and fargate task role so there is no role right now and this role is specifically utilized when your containers need some role to access the aws resources but for this demonstration we are not going to use it we just gonna use the default things and here we gonna choose the size so i am gonna choose the size for my task is 0.5 gb which is minimum and then 0.25 vcp which is also a minimum criteria because this demonstration we don't require more and here you're going to add the container right so here is a catch you could put any name of your container and i'm going to put the web one okay and the image repository url so just go back to your ecr copy your uri go back to here paste it the uri and here there is a lot of option you can go one by one and check it and if you can press on the i button over there you can find it out the explanation of all the things right so because it will be a very long video so i don't want to explain all those things so let's go with the important things so here you can see the memory limit soft limit or hard limit so if you can put a hard limit it will automatically allocate that particular memory for this 0.5 gb which we have already selected previously and soft limit whatever you're going to put it over there and that will be slowly allocated as per the use it will be allocated to your container but again i'm not going to do anything i'm just putting the port number 80 okay because my container port my container will be running on the portability and then let's go down go down go down and storage login i don't want to make any changes here here and this is one of the important thing about the log so automatically this particular task will create a log group in your cloud watch and all the logs should be available on that particular location right so i'm just gonna press the button add okay and let's go and create this task with all the default values so this task is created let's check the task okay it's already created now go back to the service or go back to the cluster and create a cluster so i'm going to create a cluster for the farget so i'm just choosing the networking only because this is required for the fargate and these two other options for the ecs which can launch the ec2 con ec2 machine for you right so cluster name so let's put like ci cd cluster okay create a vpc no i don't want to create any pc with this default thing just click on create so my cluster is created with zero services no task running over here nothing like that it's a clean cluster so let's go and create a service so i'm gonna choose the launch type and guys those who are not familiar with this ecs cluster what is cluster what is task and service you can go and read one by one uh all those things you can get an idea about this click on this i button and you can find it out the optional detail over there right so i believe like you guys have an idea about that and even though if you do not have you just follow my instruction and you can create a fully ci cd uh devops pipeline for the ecs okay so just follow my instruction so here i choose the target and automatically i can see in the drop down menu my task is available over here and there is a no division okay so that's the reason one is latest it's chosen already over there and put your service name so let's put a common name like service one i'm okay with the service name service one and how many tasks you wanted so let's go with the two tasks just for the demonstration purpose minimum healthy person maximum healthy percent again you can just click on there and get all those details right so okay do you want to blue green deployment or rolling update so right now i'm going with the rolling update go with the next step and yes here we want to give some vpc detail whether you want to create the vpc or all so i'm going to choose the default vpc for this what are the subnets so all the subnets i'm going to choose one by one okay as this is okay let's go with a b and c rather than choosing all let's go with the a b let's choose b also a b and c this is the b okay so three uh subnets i have chosen out of six okay and it will create a security group for you fine and do you want to go with the load balancer yes i do want to go with the load balancer and yeah now here we do not have the load balancer so um before moving forward let's jump to the ec2 and create the elastic sorry application load balancer quickly right so just click on the load balancer side and click on create load balancer choose the application load balancer just give a name just give a name over here alb ecs or something right and it should be uh internet facing and what protocol you're gonna run so uh http is fine for this experiment and what are the availability zone you have chosen so i have chosen one a b and c so uh pretty good for this move forward right just go with the security group and yep just choose this guy also docker which is open okay and i'm okay with the default one right so routing i want to create a target group or select a target group but we didn't have any target group so just create one thing uh target group one which we're not going to use but for creation of this alb we require one right so yup uh protocol is http port is 80 path is slash and yeah you can help put the threshold too right it will it will make the things faster and click on the register target we don't have anyone so let's go with the next create and your alb is up and running and this is your alb dns so moving forward we're gonna use this lbdns okay let's go back to the ecs and let me refresh it over here now i can see my load balancer is here with the container name web one and port 8080 so uh you can you know if you want you can click add to the load balancer then you can create the new services if you choose one you know uh so both of the things will work for you right so let's go and follow my instruction and other than service one pattern default let's go with the health check this pattern with this put evaluation order one okay so i'm gonna create a new target group for this right i could able to use the previous one also which we have created over there but um i'm okay with that so here a quick catch if you're gonna click on the next uh it would go into the next one uh okay but in the previous experiment it was not going for the you know next button so i have to created uh this enable directory integration which will create some some service some identification on the route 53 right so yeah but here it is working fine so let's go with the next click next because we don't know we don't want any auto scaling and and i have to choose the security group also in in aws alb right so let's create the service it will take some time meanwhile we can go to the load balancer and go to the security group and just choose the security group too right save it come back to the ecs view your service and if everything is fine you can see there is a two task is provisioning right now okay and you can see the event service one has started with two tasks this is the task id so if you want you can click any of the tasks in the new tab and here you can see the auto scaling we didn't set anything in auto scaling this is the deployment and we just did our deployment over there with the two desired count and this is the primary status for this and here you can see the metrics where you can able to see the graphs and monitor your things and for the log there is no log right now it will take some time to get some locks over here right so go back to the task go back to the details and yep so this is the load balancer group name uh the vpc and networking all those networking stuffs are there and in the task we can see two task is running right now so uh before going to the load balancer or anything else let's go and see the tasks so i have already opened two tasks and it's in a pending state so just wait for a few minutes it will be available yeah it's now in a running state and if you can check it out over here ah this is my task and whatever things we have defined in the task definition it's already here right so yep let's go and check the another task also my mistake okay so this is the second task and you can see it's running successfully and all those detail you can find it or whatever we have set it in the task definition right so if everything is working fine and uh you know all things seems to be good so let's go back to our load balancer and check it out the dns name open a new tab copy your alb dns name and hit enter and it is absolutely working fine this is the expected outcome i'm expecting now we have created the ecs and we have created the task and service and everything is running fine right so till this part part one is completed now i'm gonna tell you about the ci cd part of this right how we gonna create the code commit how we gonna create the code deploy code pipeline and code build everything okay so yeah be ready for the part two so we gonna create a code commit resource in aws code commit you can take it from here this is the alternate of the github or bitbucket or git lab you know it's a completely based on the git technology and here you can see the developer tool all those things are there in the pipeline with the new console so without making any delay let's go with this create repository so repository name should be let's go with my name manic repo okay or let's make it darker repo okay and click on the create so ah to make a setup with this code commit to your ec2 instance there is a few things you want to do it right in iam user but before that let me tell you why we required that one so just copy this particular command which is a git clone command and make sure that your instance have the git so yum install git that's all it's already there oh it's not the way so we just successfully installed the gate i thought it's already there in the ec2 machine but okay it's my bad so let's copy and paste it over here this command which is cloning my repository the code commit repository to my local machine and we can find some errors so it it require my user name as well as if i can hit enter it require my password too so there is a couple of way to do that let me tell you both the way with the username and password and as well as the ssh also so let's go back to the console and all the instructions so this is the beauty of aws that all the instruction you can find it out on the same page right so here you can just click on uh generate the git credential and it will tell you all those stuffs like how how you're gonna do that and where you're gonna click it and each and everything is step by step uh is here right so uh to save our time i can just go to the iem because i have already done this many times so just go to the iam okay this is my imuser i am going to my user okay and here i can find it out the security credential and in the security credential you have the option to generate the credential for code commit right generate a user name and password you will use to authenticate the https connection and all right so here you can able to do that so let's let's generate it for one time okay and yep so this is uh my username and password so um anyhow i'm gonna delete it so let let's copy this things you know one by one and if you're gonna see again if i'm gonna run this command right so it require my username i'm just pasting my username over here which is copied from this location okay and this is my password copy it hit enter now ah this time we didn't find this fatal error which is authentication phase we already uh you know able to get this particular we already able to clone this particular repository so if you can see with the ll command the docker repo is already here right so yep we have successfully uh cloned the docker repo from the aws code commit with help of my username and password right but moreover i i'm not going to use this username and password so for you uh because see once you close this you cannot see your password again so better you can download your credential or copy and paste your credentials somewhere else i'm gonna close it right because i just want to show you the second option right so here you can see uh the ssh key assess key for your code commit and if you want to learn more just click over there it will open the another beautiful document for you you can go ahead and find this all those steps right so yep so come back to the code commit and again i just wanted to redirect you one more page so for linux so this is where uh they have let you know how to do the ssh connection right it's quite tricky it's not that easy as a github or the bitbucket it's a quite tricky one so that's why i'm trying to focus uh you here at this part okay so we have to create some uh ssh generic key so let me go back over here and clear my screen and ssh hyphen keygen okay this is command to generate the key pair i i just wanted to put some name like code commit that's all or even though not needed right just hit enter enter enter and that's all so your id rsa and id lsa dot public key is downloaded in some location and that location is somewhere around the uh at your root location ss such directory if you can put ll you can see idris say and ideas say hyphen dot pub right so we need to just copy this public key this public key not pub copy the content go back to your iam user upload your ssh key paste okay it was not copy okay paste it successfully and upload the ssh key so once you uploaded the ssh key you can see there is a ssh key id and that it that requires uh you know uh in after after few seconds later right so this is how we have created this uh ssh uploaded this ssh key the public key now you can go over here and in this directory you have to copy this particular line and create a file name config paste the copy thing here and now you need to copy your ssh id from your iam location go to your iam copy this one paste it here right okay so i'm utilizing the vim editor for this and your private key file name here so my private key file name is id rsa that's all iphone rsa okay that's all and again you can come back and see the instruction so here your private key file name here and we already provided this id and then you need to run this chmod config command because config is the file name so let's clear the screen and chmod config if you can put ll you can see the idr say public is only for the read write okay and if everything is fine then we need to check it out whether we can able to clone it or not right in some different location so just copy this one go to your cd opt so previously we are working in the docker directory just uh just for the testing purpose i'm going to click this clone command over here and let's see whether it is successfully authenticating or not just give the yes for authentication and it's permanently editor get this message you are you are getting over here and just put ll you can see the docker depos there so we have successfully integrated our ec2 machine with code commit in both the ways with credential id and password as well as from the ssh also so let's go back and focus on our cicd project so i'm going to the docker uh repositor directory where we already cloned this repo now i am moving my docker file in index.html file inside the docker apple okay so let's get inside the docker truffle okay i press ctrl l to clear my screen so do not confuse okay uh yep so so without making any delay let's uh play with the git command and i believe so you guys know the gate if you don't know what is gate and how you can utilize it you can search it on google and you can find the other way to do that right but for this particular project you just follow my instruction so i'm gonna add the git uh files so the command is get add utilize dot which can include all the files and now you can see the gate status so here uh the only one branch is there master there is a no commit yet and there is a two file in the cache right docker file and index file so let me let's make a git commit so you want to give some message so i will always put am [Music] and first or primary files okay now it is already committed and if you want to check the git status right now you can see uh there is a true file which is already is committed so let's push that clear the screen and just run the git push command wow so yeah the it again asking for a credential so let's go to the iam right now and delete our uh credential things right generate credential this guy select it delete this one right let's type delete it will delete the existing one now we are we have only one way to access to our repository is ssh public keyway right so let's go back again and wait for a couple of moment let's do it again get push my goodness wow so let's go back there and again i just want to move all the file outside and i want to delete this repository and clone it again i'm moving it here right and let's run rf so rm hyphen rf is to remove the directory with all the files and whatever things there it's a recursive forcefully removal okay let's go to our port commit copy this line again and clone it now it's cloned move your docker and index.html file to the docker rep and see you you have seen that like this time we are cloning and it won't ask any credential or anything right so let's move inside the docker file docker directory and get add dot get commit [Music] primary files get push okay so it is successfully uh uploaded in the master branch 4 slash 4 object has been successfully updated so if you can go and check your repository and just see here and boom inside my docker repository so this is my repository inside my docker depository i can see my docker file i can see my index.html okay so this part has been done for the code commit let's move to the next part which is code deploy so what i'm gonna do it with the code deploy uh whenever we push anything in our code commit automatically it will take the source file and build a docker image in the code deploy okay so let's close all those things here okay so let's go to the build section getting it started or else if you want you can come from the code build here also just type build it will code believe the second option and you will be redirected to the same page right so create a build project from scratch just name it docker build okay and yeah so here is some trick you know and you have to follow that trick right because uh it's quite few places it's so tricky and you could not find the documentation and all uh neither you can find in any youtube uh video or any other uh you know technical videos so yeah so i'll let you know the trick uh the the at the end of this you know part somewhere here right so uh in the code commit you have to first to provide the uh source provided so couple of options is there uh s3 github bitbucket and github enterprise so i'm gonna choose the quote commit and which repository so we do have only one repository what is the branch we have just a master branch for this then which image you want to take it where you want to build your uh docker container right or docker images so i'm always the amazon guy amazonian mind so i'm choosing this amazon linux too for you you can choose any ubuntu or amazon linux 2. not not the windows one right and the runtime environment so i standard runtime environment and which image you want to use it so i'm going with this standard 2.0 and yeah this is one catch over here you have to click on this check box so that it can build a docker image if you would not click a check box where there is no other way to build a docker image inside this particular machine or inside this particular code build okay so yeah that's one catch and here we're gonna create a new role because we don't have any existing ones so i'm gonna create a new role okay and let's go to the configuration for the vpc okay we do not require uh to install any certificate or all and uh install the s3 bucket so we we don't require it let it be as it is we don't require any vpc let it be as it is the default one and inside this build spec file we need to create a build spec file okay so that's one thing and in the artifacts uh just say that okay we do have an artifact and we need to provide the bucket name over here right so uh i'm not choosing it right now but once my code pipeline will run i will come again and edit this code build and i'll choose this artifact so this is one of the very important catch for ci cd pipeline with this aws tools right okay so yeah as of as of now all things is good so let's create a build project so it will take couple of moments to build the project based on our configuration yeah so if you're gonna click on a start build you can do you can start your start building your docker image and all but it gonna fail it because we do not have a build spec file right so it will take some time and meanwhile let's go with the options here is the tail log you can see all those log four thousand till thousand line yeah so you can see uh almost thousand line in this one and we can see it's uh there is a no yml file available for build spec dot yml so it's failed and it's the expected behavior so before moving forward let's do one thing let's go to our terminal and create a build spec file right this is my terminal ctrl l to clear the machine and vim dot y aml okay and here i have the content for building spec.iml okay let me change the ecr details write the repository detail ecr just copy the repository uri and i am just replacing the existing one yes so in production you would not ever you you you should not show your all those details uh there is another way with the environment variable in the code build so you can utilize that environment variable things but for the demonstration purpose uh i'm not utilizing that one so just copy this and go to your terminal again and okay paste it over here let me have a look of this and it seems like okay so let me let me explain you this uh this is the version and there are the phases so there is a three phases in this the pre-built phase the build phase and the post build phase so pre-built phase what we are trying to do we are trying to log into the ecr okay and this is the command for login to the ecr then in the build phase we can put take the date and image and we gonna build it from the build command which i already showed you in the initial stage of this project right and here you can find the docker tag command which can tag your docker image uh the existing where the newly created web one image to the repo uri right and then post build once your docker image is already tagged then it's gonna push it gonna you know post your docker image to the amazon uh ecr service right so this is how uh it's very simple thing okay this is how we're gonna save it and let's commit it again uh okay so yep get add get commit and another file or add builders profile get push now it's already there in our code repository so if you want to check the repo you can go ahead and see the repository and [Music] inside the docker repo my newly created file is available builderspec.yaml okay go to the bills section go to the build project we already have a build project and if you want to edit something over here there is the edit button yeah in future we gonna do it so let's start building this project and [Music] here you can override all those things if you want that there are way to to override these things right so environment variable what i have already discussed with you you can if you don't want to provide the security things over there then you can you know just provide inside the environment variable uh security things that is referred to my aws account and you know few other things so this is the account number and all if you don't want to give there are other way to do that so let's start building this project and this will take some time so i'm gonna pause this video for a few moment okay so this time uh it's run successfully uh not successfully actually but it it runs from till next few step and this is an expected error what we are facing over here and it says that you do not have permission to contact with the amazon ecr okay so let's do one thing go to the iam and find it out the code build role and allow the ecr access over there right so inside the role just find code okay so this is the newly created role and click on this role go to the attach policy find the ecr elastic container registry full access right now it's done and let's go back to the code build and retry this one again we try the build so it's building the build okay and let's see uh yeah it's creating the image now my image creation is almost done okay and it's installing the packages apache and all and their dependency yes so image creation is completed and see here the push refers to the repository and it's successfully pushed yeah so the status is succeed now if you can take a look of this repository of your money cloud you can see it's a newly created newly pushed container is available over here okay so uh moving forward what we want to do whenever we try to upload or any developer try to upload any code in the git hub or in the bitbucket it automatically it can create a build and that build should be pushed to the repository of ecr and from the ecr repository it can push the repository or push the container to the elastic container service which is my target right so half of the way we have done successfully let's go and create the code pipeline to complete that okay to complete that all section right but before that let me make some changes and show you again right how to do it manually then you could be able to understand once we have created the ci cd pipeline fully working pipeline right so let's do uh [Music] let's do in a very manual way okay let me do one thing i'm just i'm just gonna copy this particular color to my container okay vim index.html or just make a very simple change make it 2.0 and this is version 2 right and then get add get commit version two okay get push so in my code commit if we can see in the code commit my version 2 should be available the changes should be available let's see and verify it this is my index.html file and now you can see the version 2 is available and for more info if you want to go for this then go to the commit and here inside the commit you can see the commit id click on this commit id and you can see the changes what are the changes we have done so we have just replaced one to two that's all right yeah so if you're gonna do on the deployment section sorry in the build section go to the build repository select your docker build and start building it again just click on the start build so now build is successful we can see it's a successful build go to your ecr again and refresh it now you can see this newly created build is available on the ecr so let's go to the ecs container and let me show you what i'm trying to do uh with our automated way so click on the ecs this is my cicd cluster right and if i'm there in the task definition but before going to the task definition let me show you the exact output what we are getting it right [Music] one moment yeah so this is my alb and still it's version one right i'm refreshing it i'm refreshing it and i'm getting my version one over here right so yeah what i want to do i want to just manually transfer version one to the version two for that i need to go to the task definition select this task and create a new version so select the role we don't have any role uh either we can choose none or ecs task role both of them is fine we are not utilizing the role so uh any any of them is fine right so go with the none or choose this one right uh and aws vpc fargate as well as everything is by default and here you just want to change your container right so here just go to your ecr copy this uri although this is the same uri but we have to paste it again to make it update until unless it it would not accept it right okay and create this one so once you created this task you can go back to the cicd task all thing is done yep yeah so go back to the cicd task and here you can see there is a couple of version so if you want to select this one the newly created version and go to the run task or update any service so if i'm gonna choose the update service which service you want to update so i do have only one service service one and i'm gonna update next step right so configure networking configuration is fine health check is fine load balancer is fine click on the next next and update the service so once you update the service you can check it out in the task section there are two another task is provisioning right now okay with the version two it will take couple of minutes and meanwhile you can check it out the events also inside the events so previously there were two tasks right and here we can see that there are two new tasks has been created right inside the deployment also if you can check it out there so yeah so primary was 2 and active was 2 right so you can see the time difference also 1 is almost 40 43 minutes ago right so primary one is 1957 and the secondary one and the active one is 1908 right so yeah uh yeah and in the matrix if you want to see the metrics this is the matrix right now and logs let's see whether there is any locks or not okay no locks but anyhow all the locks should be available on the cloud watch log so let us go back again to the detail and see the task and now all four are running so in this time if we can go to the alb and we can just refresh it so we can see the version two but all four task is running right now so sometimes we can see the version one or version two both right it's completely depend on the task and the alb d that just being the task okay so what do i mean alb d registering the task if you can go to the details over here and here you can see the target group right [Music] okay let me open the new tab let me open in the new tab right so load balancer okay in the listener we have this target group t okay okay yeah so so that's that's what i'm trying to show you here so two newly created tasks has been deployed in the uh fargate services and the old one is draining it right now right so this is what i mean uh to you know de-registered the deregister from the target group so come back to the ecs go to the task and now you can see it will take some time to make it feel from here the register but as already it's not there in the not behind in the load balancer load balance is already registered them so we can able to just click it many times and we can see the version two so this whole process i just wanted to automate uh with this cold pipeline so i believe uh it's a quite long class but yeah it's a very informative and very very subjective class right so let's go back again to the ec2 okay [Music] code build now let's go to the code deploy section uh code pipeline section because this is not a blue green deployment so let's choose the code pipeline section go and click on the getting started create on the pipeline click on the pipeline right ecs pipeline right uh i'm gonna create a new role for this and go to the advanced setting uh it will create a sp bucket for you just click next now what is the source provider so for source provider i have a code commit over here then what is the repository name my docker repo what is the branch name my master branch and amazon cloudwatch events is recommended so go with this click on next which is your build provider code build is my build provider okay what is the project name docker build and let's go and click next it is asking for the deployment stage i am skipping this deploy stage as we do not have the code deploy skip it so ah by bad let's let's move back to the previous one yeah inside the code deploy we need to select this ecs amazon ecs elastic container service and then it will appear the ci cd cluster name the service name and we need to provide this uh [Music] filename.json or definition of the file okay but right now i'm not going to give this file name over here let's let's uh click on next and find the error first there is a few errors we gonna received it and one one by one we cannot solve short or all this errors right so just click on the create pipeline it will create a pipeline and it will run it for you so yeah just wait for a moment so now it is getting uh connected with the code commit so typically source and second phase is built and the third and last phase is deploy and we are gonna get the error in this particular section right so the first section is done the second section is building the code it will take some time so i'm gonna pause this video so as i said that uh the first two stages should be passed and the third state will we gonna we're gonna face some issue right so let's click on this uh pipeline execution id and see what kind of error we are facing with right now so it says that uh we do not have the uh s3 access this code pipeline role which we have created while creating the code pipeline which do not have the access of the bucket right so first of all let's go to the iam and provide this bucket policy sorry bucket access so go to the iam which is not open yet so let me open the ian right now go to the roles this is the role we have created click on this role go to the attach policy and let's go for the s3 i'm giving the sd full access right now and yep it's done uh so i'm gonna retry uh just i'm going to the code pipeline and i'm trying to go to the pipeline and just retry this particular stage right deploy stage now it's trying to deploy again and i strongly believe that i'm gonna find some error for this just wait for a couple of moment yeah so it's it's we can see that okay and still we are facing the same problem so as we still facing the same issue so to resolve this issue uh let's let's do uh something on the code build section first but before that let me show you the s3 section where you can see a new bucket has been created from the code pipeline so this is the code pipeline bucket has been created here with ecs pipeline and all those artifacts are available over here right so this is how the code pipeline will store the artifacts in the s3 so remember i have discussed something in while while explaining the code pipeline right code build there's a catch there is some trick to get that one so go to the code build section here go to the projects click here edit this and let's go to the artifact one so amazon s3 and my bucket name is code pipeline and that's all uh yeah so so go go to the path section put slash and just for the namesake you can put like output or something right any name you can give here and name space type so it's none and for me i'm gonna choose the zip it will zip it and yep so just update the artifacts okay and if artifact is updated let's go again to the code pipeline and go to the pipeline and just [Music] select this one and release changes so let's let's release one more time and i'm going to pause this video for a moment so after making these changes still we are getting the same issue okay if you can click on this particular error and again it says that the permission issues but actually it's not the permission issues right so let's let's go and make some changes there inside the pipeline okay which is very important right now so just go back to the edit button and select your ecs in the deploy section edit this stage click on this icon and here you need to choose the build artifact as a source artifact right source artifact that means it is taking source from the code build right and yeah one more thing one very important thing we need to provide the detail uh of the identification file which i already have it for you so let's copy this image definition.json and type it here okay imagedefinition.json and just click on done right and save this one so what is image definition dot json let me show you here so it's typically just want my image name my container name what is my name of container and my aleppo uri so let's go to the task this is my ecs and and let's refresh it okay so these two uh uh task has been deleted what we have done it you know manually so let's go to the task definition so my task name is or my container name is cicd task right just copy the ci cd task you can see it here cicd task copy it here paste it here and the uri of my ecr is this copy it and paste it here my thing wait okay and then copy this json file over here go to your linux terminal rim stop it here and paste the json in your vm okay now post this file to the code commit again so get add get commit minus m image deficient.json get push right so let's go again and see our pipeline whether it is running or not while pushing the code in the code in the in the code commit right so i can see it's running again from here and then it will come to the code build and then it will go to the port deploy so uh yeah so code code commit part has been done code code build will take some time so i'm gonna pause the video hey uh i have done a mistake over there uh it the container name should be the web one as i can write the container name over here as a web one so you can just go through this and just just have a look of this so there is a task definition and inside the task i have a ci cd task right and inside this task four or five because i have deleted couple of tasks uh to double shoot this one to find it out my silly mistake so here you can see if you can go down the container name so this is the one the container name should be at the web one in my image definition file so i'm just writing the image definition file with container name web one okay and i'm gonna push it and just make a little change on the index.html also so just index.html and let's make it version 3. okay get add get commit and give you a message like web one or something and then get push now you pushed your uh code to the code commit now let's go to the code pipeline and just check it over here let's see this is my code pipeline i do have one ecs pipeline which we have created and here you can see the code commit part is done and it's now building a code build and then it will deploy to the ecs version right so let's wait for the time and it will take some time so i'm gonna pause this video and meanwhile just just look it into the details so if you can go to the docker build see the logs now it is installing the package and it has been installed successfully it's completed now it will create my docker image image has been done now it's already pushed uh the docker container to the given repository so let's go back to the code pipeline again and see the pipeline it's still in a progress so first two part is done and then it will come to the third part we have to wait a few moment for this yeah here you go so now it is deploying the pipeline to the ecs okay so if you can click on this ecs detail or this icon it will open a new elastic container task and you can see the deployment over here so active is two and now it's uh another deployment is going on right so these are the tasks so primary is this desired count two pending count two running count two and same thing if you can check it over here in the details section in the tasks section you can see uh there is a four running task tasks five and six so task five was the old one and task 6 was the new one so here you can check out the event also so it's 1801 that means just this you know you can check out the time so just now uh the service service won't register one target in the target group so we have to wait for a few moment and then it will automatically you know update our task in our ecs cluster and right now i can see the version 2 in blue color and we have made a change to version 3 okay so we can we can see the version 3 also here you can check it out version 3 is visible right now that means our task has been deployed and let's confirm it from the ec2 alb side also but before yeah this is my alb and go to the listener okay so this was the one my bad i have created few target groups just because of a silly mistake but i have done it okay uh let's go to the service one target group which is running on a port 80 and if you can check out the targets now you can see here these targets two is draining right now these two is the old one is draining right now from my target group and these two the new target uh in the task is healthy right now right so this is how it is slowly removing the older version of task from behind the alb and it is uh um running healthy the newer version of task over here so with this example uh um just a moment okay so let's check it on the task this is still running but after some time later you can find it out uh it will be draining from here also and in the deployment we can check it out the deployment so this two deployment nothing is pending running is true and yep uh what else i can show you here um yeah so two tasks has been uh begin draining itself and then the register two tasks has been deregistered first and then they are in draining from the behind the auto scaling sorry behind the alb and then it already register one task right so yep with this proof we can say that yeah everything is running successfully and we have successfully deployed the cicd pipeline for aws ecs including aws ecr aws code pipeline aws code deploy aws code commit as well as aws code build okay [Music] [Music] you

Info

Channel: Cloud Guru

Views: 3,378

Rating: undefined out of 5

Keywords: aws codedeploy, aws ecs, amazon ecs, ecs aws, aws docker, aws code commit, codecommit, code commit, amazon codecommit, aws code build, aws codebuild, aws codepipeline, codepipeline, code pipeline, ci cd pipeline aws, aws pipeline, aws ci cd pipeline, codebuild, codebuild aws, code build aws, docker, docker tutorial, aws code deploy, aws code deploy tutorial, amazon code deploy, codedeploy, aws codepipeline tutorial, codecommit in aws, aws codedeploy tutorial, aws, devops, cicd

Id: d7PTjQiahOQ

Channel Id: undefined

Length: 96min 59sec (5819 seconds)

Published: Fri Aug 06 2021