Tools we're going to use:
- Ansible
- aws-cli
- GitHub
- AWS
- Repository (Docker and Docker-Compose)
If your repository is public you can skip this part!
- Create new deploy keys.
$ cd github-deploy-keys
$ ssh-keygen -t rsa -b 4096 -C "[email protected]" -f $PWD/github-key.pem
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/arthuralvim/Work/deploy-aws-image/github-deploy-keys/github-key.pem.
Your public key has been saved in /Users/arthuralvim/Work/deploy-aws-image/github-deploy-keys/github-key.pem.pub.
The key fingerprint is:
...
- Add the generated public key to the repository deploy keys.
- Create a user with programmatic access (aws_access_key_id and aws_secret_access_key) and the necessary permissions.
  - EC2 permissions
  - ECR permissions
- Create a role with your application permissions (S3 + CloudWatch). (optional)
- Test your credentials and make sure your user has permissions to push/pull images.
- Generate a random string (hash) to use as a resource tag. Ex: kZRaDCtdUIiFv9ApVmSX
- Generate a key to access the machine.
$ aws ec2 create-key-pair --key-name tutorial-deploy-aws-image --query 'KeyMaterial' --output text > ~/.ssh/tutorial-deploy-aws-image.pem
- Restrict the key file's permissions so that only your user can read it.
$ chmod 600 ~/.ssh/tutorial-deploy-aws-image.pem
REVERSE:
aws ec2 delete-key-pair --key-name tutorial-deploy-aws-image
- Create a security group with the list of ports you need.
$ aws ec2 create-security-group --group-name tutorial-deploy-aws-image-sg --description "tutorial-deploy-aws-image-sg"
{
"GroupId": "sg-0732f6c4f4554cccc"
}
$ aws ec2 authorize-security-group-ingress --group-name tutorial-deploy-aws-image-sg --protocol tcp --port 22 --cidr 0.0.0.0/0
$ aws ec2 authorize-security-group-ingress --group-name tutorial-deploy-aws-image-sg --protocol tcp --port 80 --cidr 0.0.0.0/0
$ aws ec2 authorize-security-group-ingress --group-name tutorial-deploy-aws-image-sg --protocol tcp --port 8000 --cidr 0.0.0.0/0
REVERSE:
aws ec2 delete-security-group --group-name tutorial-deploy-aws-image-sg
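The rules above open SSH (port 22) to 0.0.0.0/0 together with the application ports. As an added example (not part of the original tutorial), this Python script reads the JSON returned by `aws ec2 describe-security-groups`, flags world-open rules that cover a management port, and builds the aws-cli commands that swap them for a rule scoped to one address. The sample JSON and the admin CIDR 203.0.113.10/32 are constructed, and treating port 22 as the only management port is an assumption.

```python
import json

# Constructed sample, shaped like the output of:
#   aws ec2 describe-security-groups --group-names tutorial-deploy-aws-image-sg --output json
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupName": "tutorial-deploy-aws-image-sg", "IpPermissions": [
 {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
 {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
]}]}
""")

WORLD = {"0.0.0.0/0", "::/0"}
ADMIN_PORTS = (22,)  # assumption: SSH is the only management port in this setup


def exposed_admin_rules(doc, admin_ports=ADMIN_PORTS):
    """Return (group, protocol, from_port, to_port, cidr) for world-open rules covering an admin port."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto not in ("tcp", "-1"):
                continue  # SSH runs over TCP; "-1" means all protocols
            # "-1" rules carry no FromPort/ToPort, so treat them as the full port range.
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if cidr in WORLD and any(lo <= p <= hi for p in admin_ports):
                    findings.append((sg["GroupName"], proto, lo, hi, cidr))
    return findings


def remediation(findings, admin_cidr):
    """Build aws-cli commands that swap single-port IPv4 TCP findings for a rule scoped to admin_cidr."""
    cmds = []
    for group, proto, lo, hi, cidr in findings:
        if proto != "tcp" or lo != hi or cidr != "0.0.0.0/0":
            continue  # port ranges, all-protocol and IPv6 rules need manual review
        rule = f"--group-name {group} --protocol tcp --port {lo}"
        cmds.append(f"aws ec2 revoke-security-group-ingress {rule} --cidr {cidr}")
        cmds.append(f"aws ec2 authorize-security-group-ingress {rule} --cidr {admin_cidr}")
    return cmds


if __name__ == "__main__":
    # 203.0.113.10/32 is a documentation address standing in for your own admin IP.
    for cmd in remediation(exposed_admin_rules(SAMPLE), "203.0.113.10/32"):
        print(cmd)
```

Ports 80 and 8000 are left alone because they serve the application; only the SSH rule is reported and rewritten.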
- Create the instances.
$ aws ec2 run-instances --image-id ami-09479453c5cde9639 \
--key-name tutorial-deploy-aws-image \
--security-groups tutorial-deploy-aws-image-sg \
--instance-type t3.medium \
--placement AvailabilityZone=us-east-1a \
--block-device-mappings "[{\"DeviceName\":\"/dev/xvda\",\"Ebs\":{\"VolumeSize\":30,\"DeleteOnTermination\":true}}]" \
--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=kZRaDCtdUIiFv9ApVmSX},{Key=tutorial,Value=kZRaDCtdUIiFv9ApVmSX}]' 'ResourceType=volume,Tags=[{Key=tutorial,Value=kZRaDCtdUIiFv9ApVmSX}]' \
--count 1
REVERSE:
aws ec2 describe-instances --filters "Name=tag:tutorial,Values=kZRaDCtdUIiFv9ApVmSX" --query "Reservations[].Instances[].InstanceId" --output text
aws ec2 terminate-instances --instance-ids <instance-ids-from-the-previous-command>
- Get the IP of the instance.
$ aws ec2 describe-instances --filters "Name=tag:tutorial,Values=kZRaDCtdUIiFv9ApVmSX" --query "Reservations[*].Instances[*].PublicIpAddress" --output text
- Install the Python dependencies and open the environment shell.
pipenv install
pipenv shell
- Open the inventory and add the IPs of the machines in the specified sections.
make deploy.test
or
make deploy.tasks
make deploy
** THE END **