Story ….
Create an IAM group, e.g. grp-code-deploy, with the policies below:
AmazonS3FullAccess
AWSCodeDeployFullAccess
Create a user, e.g. codedeploy-bitbucket, in the group just created; this example uses Bitbucket as the repository host
Save the CSV file containing the access key pair for later use
Next, create an S3 bucket to store the source code deployed from Bitbucket
Enter a bucket name
Keep the default options
Create an IAM role to associate with CodeDeploy; choose EC2, as we are configuring CodeDeploy to deploy to EC2
Add the permission policies AWSCodeDeployRole and AmazonS3FullAccess
Enter the role name you want, e.g. “role-code-deploy-ec2”, then submit to create the role.
Next, click the role just created in the role list, navigate to the Trust relationships tab, choose Edit trust relationship and edit the JSON as below
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
          "ec2.amazonaws.com",
          "codedeploy.amazonaws.com",
          "codedeploy.ap-southeast-1.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
Suppose you have an EC2 instance, e.g. an Ubuntu 18.04 server:
Go to the EC2 console page and modify its IAM role
Or create a new instance and set the IAM role while initialising the instance
Set up CodeDeploy at the application level
Go to Developer Tools > CodeDeploy > Application; you can find it in the Console by searching for “CodeDeploy”
Enter the Application name, and choose EC2/On-premises as the Compute platform
Next, under this application, create a deployment group
Enter the deployment group name you want and the Service Role, which is the IAM role created before
Environment configuration
Select Amazon EC2 instances and enter the tag key, Key = Name, and the tag value (optional) of the instances the code will deploy to
Agent configuration with AWS Systems Manager
I chose Never, as the next section describes how to install the agent manually.
Deployment settings
Choose CodeDeployDefault.AllAtOnce
Load balancer
Disable load balancing
Rollbacks
Disable rollbacks
Install the CodeDeploy agent manually on EC2
Refer to the official AWS guide: https://docs.aws.amazon.com/codedeploy/latest/userguide/codedeploy-agent-operations-install-ubuntu.html
We are using Ubuntu 18.04; SSH to the EC2 instance, then install the packages below
sudo apt-get install ruby
sudo apt-get install wget
Then go to your user folder
cd /home/{user}
Then run the commands below to install the agent
This example uses the Singapore region (ap-southeast-1), i.e.
wget https://aws-codedeploy-ap-southeast-1.s3.ap-southeast-1.amazonaws.com/latest/install
Make the install script executable
chmod +x ./install
Install the latest version of the CodeDeploy agent
sudo ./install auto
Deployment files are located at
/opt/codedeploy-agent
Log files are located at
/var/log/aws/codedeploy-agent
Set up the Bitbucket pipeline
First, enable Pipelines
Define the deployment variables
Define the variables for each environment; the environment name needs to be the same as the environment name in bitbucket-pipelines.yml. The variable names are below:
DEPLOYMENT_GROUP
APPLICATION_NAME
S3_BUCKET
AWS_DEFAULT_REGION
AWS_SECRET_ACCESS_KEY // the secret access key we created in IAM
AWS_ACCESS_KEY_ID // the access key ID we created in IAM
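The access key stored in these variables belongs to a user whose group carries AmazonS3FullAccess and AWSCodeDeployFullAccess. As an added example (not part of the original tutorial), the Python code below builds an identity policy scoped to the S3_BUCKET, APPLICATION_NAME and DEPLOYMENT_GROUP values and checks a policy for wildcard grants. The account ID, the sample names and the action list (upload a revision, register it, create and poll a deployment) are assumptions.

```python
import json

def scoped_deploy_policy(account_id, region, bucket, app, group,
                         config="CodeDeployDefault.AllAtOnce"):
    """Identity policy limited to one bucket, application and deployment group."""
    cd = f"arn:aws:codedeploy:{region}:{account_id}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "UploadRevision", "Effect": "Allow",
             "Action": ["s3:PutObject", "s3:GetObject"],
             "Resource": f"arn:aws:s3:::{bucket}/*"},
            {"Sid": "ListRevisionBucket", "Effect": "Allow",
             "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}"},
            {"Sid": "RegisterRevision", "Effect": "Allow",
             "Action": ["codedeploy:RegisterApplicationRevision",
                        "codedeploy:GetApplicationRevision"],
             "Resource": f"{cd}:application:{app}"},
            {"Sid": "CreateDeployment", "Effect": "Allow",
             "Action": ["codedeploy:CreateDeployment", "codedeploy:GetDeployment"],
             "Resource": f"{cd}:deploymentgroup:{app}/{group}"},
            {"Sid": "ReadDeploymentConfig", "Effect": "Allow",
             "Action": "codedeploy:GetDeploymentConfig",
             "Resource": f"{cd}:deploymentconfig:{config}"},
        ],
    }

def broad_grants(policy):
    """Return (Sid, value) pairs for service-wide actions or unscoped resources."""
    findings = []
    for stmt in policy["Statement"]:
        for key in ("Action", "Resource"):
            values = stmt.get(key, [])
            values = [values] if isinstance(values, str) else values
            for v in values:
                # "*" anywhere, or "service:*" as an action, is a full-access grant
                if v == "*" or (key == "Action" and v.endswith(":*")):
                    findings.append((stmt.get("Sid", "?"), v))
    return findings

if __name__ == "__main__":
    # Constructed sample values; replace with your own account and names.
    policy = scoped_deploy_policy("111122223333", "ap-southeast-1",
                                  "example-deploy-bucket", "example-app", "example-group")
    assert broad_grants(policy) == []
    print(json.dumps(policy, indent=2))
```

The printed JSON can be attached to the group as a customer managed policy in place of the two full-access policies.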
Troubleshooting
If a deployment (e.g. the initial one) sometimes does not work or hangs, you can restart the agent
sudo service codedeploy-agent restart