AWS CodeDeploy Operations: Difference between revisions
(2 intermediate revisions by the same user not shown) | |||
Line 4: | Line 4: | ||
=Create an Application= | =Create an Application= | ||
An AWS CodeDeploy application can be automatically created when defining an ECS service and selecting a [[Amazon_ECS_Operations#Deployment_type|Blue/Green deployment type]]. | |||
==Application Configuration== | ==Application Configuration== | ||
Line 18: | Line 20: | ||
{{Internal|AWS CodeDeploy Concepts#Deployment_Group|Deployment Group}} | {{Internal|AWS CodeDeploy Concepts#Deployment_Group|Deployment Group}} | ||
==Prerequisites== | |||
If this deployment group is intended to serve an ECS cluster service, the service must be creates in advance and the fact that AWS CodeDeploy will handle deployments must be known to the service at creation time. Capability of a service to use AWS CodeDeploy deployments is defined at the service deployment configuration phase, as shown here: "[[Amazon_ECS_Operations#Deployment_type|ECS Operations - Service Configuration]]". | |||
==Application== | ==Application== |
Latest revision as of 19:46, 28 February 2019
Internal
Create an Application
An AWS CodeDeploy application can be automatically created when defining an ECS service and selecting a Blue/Green deployment type.
Application Configuration
Application name
Compute platform
Amazon ECS.
Create a Deployment Group
Prerequisites
If this deployment group is intended to serve an ECS cluster service, the service must be creates in advance and the fact that AWS CodeDeploy will handle deployments must be known to the service at creation time. Capability of a service to use AWS CodeDeploy deployments is defined at the service deployment configuration phase, as shown here: "ECS Operations - Service Configuration".
Application
Deployment Group Name
themyscira-unity-deployment-group
Service Role
First create a service role with CodeDeploy permissions that grants AWS CodeDeploy access to the target instances. This is how to crate a Service Role:
Name: "themyscira-unity-codedeploy-role"
After creation, which can be done through a standard IAM wizard, it contains an AWSCodeDeployRoleForECS policy that looks like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"ecs:DescribeServices",
"ecs:CreateTaskSet",
"ecs:UpdateServicePrimaryTaskSet",
"ecs:DeleteTaskSet",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:DescribeListeners",
"elasticloadbalancing:ModifyListener",
"elasticloadbalancing:DescribeRules",
"elasticloadbalancing:ModifyRule",
"lambda:InvokeFunction",
"cloudwatch:DescribeAlarms",
"sns:Publish",
"s3:GetObject",
"s3:GetObjectMetadata",
"s3:GetObjectVersion"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"iam:PassRole"
],
"Effect": "Allow",
"Resource": "*",
"Condition": {
"StringLike": {
"iam:PassedToService": [
"ecs-tasks.amazonaws.com"
]
}
}
}
]
}
Environment Configuration
Chose an ECS cluster name
Chose an ECS service name
Load balancers
Chose a load balancer
Production listener port
Test listener port
Target group 1 name
Target group 2 name
Deployment Settings
Traffic rerouting
Reroute the traffic immediately.