[AWS] Configuring an Auto Scaling Blue/Green Deployment Environment with Jenkins and CodeDeploy
1. Architecture
1.1 Infra
1.2 Service
3. Requirements
- Configured VPC
- Jenkins server
- GitLab server
- AMI with CodeDeploy agent
4. Target Group
EC2 → Target groups → Create target group
Choose a target type: Instances
Target group name: prd-apn2-test-web-tg
Protocol: HTTP : 80
VPC: prd-apn2-test-vpc
Health checks: HTTP
Health check path: /
5. Security Group
5.1 Web Load Balancer
EC2 → Security Groups → Create security group
Security group name: prd-apn2-test-web-xalb-sg
Description: Allows HTTP and HTTPS to clients
VPC: prd-apn2-test-vpc
Inbound rules:
TCP: 80, Source: 0.0.0.0/0, Description: All open
Tags:
Key: Name, Value: prd-apn2-test-web-xalb-sg
5.2 Web Auto Scaling Group
Security group name: prd-apn2-test-web-asg-sg
Description: Allows HTTP to Web Load Balancer
VPC: prd-apn2-test-vpc
Inbound rules:
TCP: 80, Source: prd-apn2-test-web-xalb-sg, Description: Allow HTTP to Web Load Balancer
6. ELB
EC2 → Load Balancers → Create Load Balancer
Load balancer types: Application Load Balancer
Load balancer name: prd-apn2-test-web-xalb
Scheme: Internet-facing
IP address type: IPv4
VPC: prd-apn2-test-vpc
Mappings: ap-northeast-2a(pub), ap-northeast-2c(pub)
Security Groups: prd-apn2-test-web-xalb-sg
Listeners and routing:
Protocol: HTTP
Port: 80
Default action: prd-apn2-test-web-tg
7. IAM
7.1 EC2
IAM → Roles → Create role
Trusted entity type
- AWS service
Use case
Common use cases: EC2
Add permissions: AmazonEC2RoleforAWSCodeDeploy
Role name: EC2TestWebASGCodeDeployRole
7.2 CodeDeploy
7.2.1 Policy
IAM → Policy → Create Policy
JSON
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "iam:PassRole",
        "ec2:CreateTags",
        "ec2:RunInstances"
      ],
      "Resource": "*"
    }
  ]
}
Name: AWSCodeDeployRoleForAutoScaling
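The policy above allows iam:PassRole on every role in the account ("Resource": "*"). The following Python check is an added example, not part of the original post: it flags Allow statements that grant PassRole without a role restriction and rewrites the page's policy so PassRole applies to a single role. The account ID in ROLE_ARN is a placeholder, and treating the section 7.1 instance role as the only role CodeDeploy must pass is an assumption.

```python
import copy
import json
from fnmatch import fnmatchcase

# Policy JSON copied from section 7.2.1 of this page.
PAGE_POLICY = json.loads("""{ "Version": "2012-10-17", "Statement": [ {
  "Sid": "VisualEditor0", "Effect": "Allow",
  "Action": [ "iam:PassRole", "ec2:CreateTags", "ec2:RunInstances" ],
  "Resource": "*" } ] }""")
# Assumption: placeholder account ID; the role name is the one from section 7.1.
ROLE_ARN = "arn:aws:iam::123456789012:role/EC2TestWebASGCodeDeployRole"

def _as_list(value):
    """Action, Resource and Statement may each be a single item or a list."""
    return list(value) if isinstance(value, list) else [value]

def _grants_passrole(action):
    # Action names are case-insensitive and may use * and ? wildcards.
    return fnmatchcase("iam:passrole", action.lower())

def unscoped_passrole(policy):
    """Indexes of Allow statements that let the principal pass any role."""
    hits = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        wide = any(r == "*" or r.endswith(":role/*") for r in resources)
        if stmt.get("Effect") == "Allow" and wide and any(map(_grants_passrole, actions)):
            hits.append(i)
    return hits

def scope_passrole(policy, role_arn):
    """Copy of policy with iam:PassRole split out and limited to role_arn."""
    fixed = copy.deepcopy(policy)
    stmts = _as_list(fixed["Statement"])
    for i in unscoped_passrole(fixed):
        rest = [a for a in _as_list(stmts[i]["Action"]) if a.lower() != "iam:passrole"]
        if any(map(_grants_passrole, rest)):
            raise ValueError("a wildcard action grants PassRole; review by hand")
        stmts[i]["Action"] = rest  # other actions keep their original Resource
        stmts.append({"Sid": f"PassRoleScoped{i}", "Effect": "Allow",
                      "Action": "iam:PassRole", "Resource": role_arn})
    fixed["Statement"] = [s for s in stmts if s.get("Action") or "NotAction" in s]
    return fixed

if __name__ == "__main__":
    print("unscoped statements:", unscoped_passrole(PAGE_POLICY))
    print(json.dumps(scope_passrole(PAGE_POLICY, ROLE_ARN), indent=2))
```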
7.2.2 Roles
IAM → Roles → Create role
Trusted entity type
- AWS service
Use case
Use cases for other AWS services: CodeDeploy
Add permissions
Set permissions boundary - optional
- Create role without a permissions boundary
Name, review, and create
Role name: AWSCodeDeployRoleForAutoScaling
Permissions → Add permissions → Attach policies
Confirm that AWSCodeDeployRoleForAutoScaling is attached
7.3 Jenkins
IAM → Users → Add users
Username: JenkinsForCodeDeploy
Select AWS credential type
- Access key - Programmatic access
Set permissions
Attach existing policies directly: AWSCodeDeployFullAccess, AmazonS3FullAccess
8. AMI
Create an AMI from an Amazon EC2 Instance
Image name: prd-apn2-test-web-ami
9. Launch templates
EC2 → Launch Templates
Launch template name: prd-apn2-test-web-template
Application and OS Images (Amazon Machine Image) - required
MY AMI: prd-apn2-test-web-ami
Instance type: t2.micro
Key pair name: prd-test-web-ec2-key
Subnet: Don’t include in launch template
Security groups: prd-apn2-test-web-asg-sg
Configure storage: 1x 30GiB, gp2, Root volume
Advanced details
IAM instance profile: EC2TestWebASGCodeDeployRole
10. Auto Scaling
EC2 → Auto Scaling groups
Auto Scaling group name: prd-apn2-test-web-asg
Version: Latest
VPC: prd-apn2-test-vpc
Availability Zones and subnets: prd-apn2-test-pri-2a, prd-apn2-test-pri-2c
- Attach to an existing load balancer
- Choose from your load balancer target groups
Existing load balancer target groups:
prd-apn2-test-web-tg
Group size
Desired capacity: 2
Minimum capacity: 2
Maximum capacity: 4
Scaling policies
- Target Tracking scaling policy
Scaling policy name: Target Tracking Policy
Metric type: Average CPU utilization
Target value: 40
Instances need: 300
Add notifications
Add tags
Key: Name
Value - optional: prd-apn2-test-web-asg
11. CodeDeploy
11.1 Application
CodeDeploy → Applications → Create application
Application name: test-web
Compute platform: EC2/On-premises
11.2 Deployment Groups
Deployment Groups → Create deployment group
Enter a deployment group name: prd-test-web
Service role
Enter a service role: arn:aws:iam::400450079911:role/AWSCodeDeployRoleForAutoScaling
Deployment type
Choose how to deploy your application: Blue/green
Environment configuration
Automatically copy Amazon EC2 Auto Scaling group: prd-apn2-test-web-asg
Deployment settings
Traffic rerouting: Reroute traffic immediately
Choose whether instances in the original environment are terminated after the deployment succeeds, and how long to wait before termination
Terminate the original instances in the deployment group
Days: 0 / Hours: 0 / Minutes: 10
Deployment configuration: CodeDeployDefault.AllAtOnce
Load balancer
- Application Load Balancer or Network Load Balancer
Choose a target group: prd-apn2-test-web-tg
12. S3
S3 → Buckets → Create bucket
General configuration
Bucket name: test-jenkins-deploy-s3
AWS Region: ap-northeast-2
Object Ownership
Object Ownership: ACLs disabled (recommended)
Block Public Access settings for this bucket
- Block all public access
Bucket Versioning
Bucket Versioning: Disable
Default encryption
13. Jenkins
13.1 Setting Up the Jenkins Plugin for AWS CodeDeploy
13.2 Pipeline
Choose New Item → Freestyle project
Enter a name for the project: test-web-prd
Post-build Actions: Deploy an application to AWS CodeDeploy
AWS CodeDeploy Application Name: test-web
AWS CodeDeploy Deployment Group: prd-test-web
AWS CodeDeploy Deployment Config: CodeDeployDefault.AllAtOnce
AWS Region: AP_NORTHEAST_2
S3 Bucket: test-jenkins-deploy-s3
Include Files: dist/**, scripts/*.sh, nginx.conf, appspec.yml
Use Access/Secret keys
AWS Access Key: {AWS Access Key}
AWS Secret Key: {AWS Secret Key}
14. Checking Deploy Process
14.1. Jenkins Build
Build Now
14.2. S3 Build File
Build Now
Check that the build file has been uploaded to S3 successfully.
Download and uncompress the file; it should contain the files you specified under Include Files.
14.3. Checking CodeDeploy
CodeDeploy → Deployments → Deployment history
14.4. Checking Target groups
EC2 → Target Groups
Check the Health status
14.5. Checking ALB
Copy the DNS name address and test if you can access the website with the address.
Author And Source
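Regarding this topic ([AWS] Configuring an Auto Scaling Blue/Green Deployment Environment with Jenkins and CodeDeploy), we found more material here and followed the link: https://velog.io/@bellnine/AWS-Jenkins-CodeDeploy로-AutoScaling-Bluegreen-배포-환경-구성
Author attribution: the original author's information is included in the original URL, and copyright belongs to the original author.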