AWS CodeDeploy Bitbucket

From PheonixSolutions

The user must have the following permissions to create a deployment automation.

1) AmazonEC2FullAccess - AWS Managed policy

2) IAMFullAccess - AWS Managed policy

3) AmazonEC2RoleforAWSCodeDeploy - AWS Managed policy

4) AmazonS3FullAccess - AWS Managed policy, or at least full access to one bucket

5) AutoScalingNotificationAccessRole - AWS Managed policy

6) AWSCodeDeployFullAccess - AWS Managed policy

7) AWSCodeDeployRole - AWS Managed policy

8) AWSCodePipelineFullAccess - AWS Managed policy

Step 1: Create two IAM roles, one for the instance and another for the service.

i) IAM role for the instance:

Go to IAM roles, click on Create New Role, enter a Role Name of your choice (ex: “Cdinstancerole”) and click on Next Step. In AWS Service Roles select Amazon EC2.

Add or attach the following policies:

1) AmazonEC2RoleforAWSCodeDeploy

2) AutoScalingNotificationAccessRole

Click on the Next button, review your information and click on “Create Role”.

The images below show, step by step, how to create the IAM roles.

Enter your Role Name

Select Role Type as Amazon EC2

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image158.png

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image159.png

Select the policies required for the Instance Role as mentioned above. Here we require two policies.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image160.png

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image161.png

Review your data and Create Instance Role

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image162.png

Similarly, create another role for the CodeDeploy service.

ii) IAM role for the service:

Go to IAM roles, click on Create New Role, enter a Role Name of your choice (ex: “Cdservicerole”) and click on Next Step. In AWS Service Roles select Amazon EC2.

Add or attach the following policy:

1) AWSCodeDeployRole

Click on the Next button, review your information and click on “Create Role”.

Click on the service role, go to Trust Relationship, click on Edit Trust Relationship and change "Service": "ec2.amazonaws.com" to "Service": "codedeploy.amazonaws.com".

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image163.png

Select Role Type as Amazon EC2

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image164.png

Select the policy required for the Service Role. Here we require only one policy.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image165.png

Review your data and Create Service Role

Select Service Role click on

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image166.png

Click on Trust relationship

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image167.png

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image168.png

Change "Service": "ec2.amazonaws.com" to "Service": "codedeploy.amazonaws.com"

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image169.png

Now the two IAM roles are created.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image170.png
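A quick check for the trust relationship edit above, as an added example that is not part of the original page: it reads a role's trust policy JSON and reports whether the service role can be assumed by codedeploy.amazonaws.com and by nothing else. The function names and the sample policies are constructed for illustration, and it assumes the global service principal named on this page.

```python
import json

EXPECTED = "codedeploy.amazonaws.com"

def trusted_services(trust_policy):
    """Return the service principals that an Allow statement lets call sts:AssumeRole."""
    doc = json.loads(trust_policy) if isinstance(trust_policy, str) else trust_policy
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):          # a single statement may be a bare object
        statements = [statements]
    services = set()
    for st in statements:
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if "sts:AssumeRole" not in actions:
            continue
        principal = st.get("Principal", {})
        if not isinstance(principal, dict):   # e.g. the wildcard "*"
            services.add(str(principal))
            continue
        svc = principal.get("Service", [])    # string or list of strings
        services.update([svc] if isinstance(svc, str) else svc)
    return services

def check_service_role(trust_policy):
    """Return a list of problems; an empty list means only CodeDeploy is trusted."""
    services = trusted_services(trust_policy)
    problems = []
    if EXPECTED not in services:
        problems.append(f"{EXPECTED} is not trusted")
    for extra in sorted(services - {EXPECTED}):
        problems.append(f"unexpected service principal: {extra}")
    return problems

# Constructed samples: the policy the EC2 role wizard produces, and the same policy after the edit
BEFORE = ('{"Version":"2012-10-17","Statement":[{"Effect":"Allow",'
          '"Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]}')
AFTER = BEFORE.replace("ec2.amazonaws.com", EXPECTED)

if __name__ == "__main__":
    for name, policy in (("before edit", BEFORE), ("after edit", AFTER)):
        print(name, check_service_role(policy) or "OK")
```

The trust policy of an existing role can be read from the Trust relationship tab shown above and pasted in as a string.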

Step 2: Attach the instance role to the EC2 instance.

We can attach the instance role to an EC2 instance in two ways:

1) Attaching the instance role to an existing instance.

2) Attaching the instance role to a new instance.

1) Attaching the instance role to an existing instance.

Select your instance and, under Actions, select Instance Settings > Attach/Replace IAM role.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image171.png

Select the instance IAM role & click on Apply.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image172.png

2) Attaching the instance role to a new instance.

While creating a new instance, in Step 3: Configure Instance, select the instance role under IAM role and create your instance as usual.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image173.png

Step 3: Install the CodeDeploy agent on your instance

Log in to your instance as the root user and execute the following commands. Or create a codedeploy.sh file, add the content below, and run it with ./codedeploy.sh or bash codedeploy.sh


For Linux Instance :

yum -y update

yum install ruby wget -y

yum install -y httpd

cd /home/ec2-user

wget https://aws-codedeploy-us-east-1.s3.amazonaws.com/latest/install

chmod +x ./install

./install auto


For Ubuntu Instance :

sudo apt-get update

sudo apt-get install -y apache2

sudo apt-get install -y python-pip

sudo apt-get install -y ruby2.0

sudo apt-get install -y wget

cd /home/ubuntu

wget https://aws-codedeploy-us-east-1.s3.amazonaws.com/latest/install

chmod +x ./install

sudo ./install auto


Note: change “us-east-1” to match the region of your instance.

To verify that the AWS CodeDeploy agent is running on Amazon Linux, RHEL or Ubuntu:

sudo service codedeploy-agent status

or

ps -ef | grep codedeploy-agent

If you see a message like error: No AWS CodeDeploy agent running, start the service and run the following two commands, one at a time:

sudo service codedeploy-agent start

sudo service codedeploy-agent status

Step 4: Creating a Simple Notification Service topic

In AWS Services, under the Messaging topic, select Simple Notification Service.

Create Topic :

On the SNS dashboard click on Create Topic. A popup will appear to create a new topic. Enter a Topic Name and Display Name of your choice & click on Create Topic

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image174.png

Go to the Topics section and click on your Topic ARN. This shows information about your topic, such as:

  1. Topic ARN
  2. Topic Owner
  3. Region
  4. Display Name

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image175.png

Create Subscription

In your topic, click on Create Subscription, or click on Subscriptions in the left panel and then click on Create Subscription.

When you click on Create Subscription, a popup will appear to create a subscription.

Enter your Topic ARN (which was created in Step2). Select the protocol as Email and the Endpoint as your email ID & click on Create Subscription.

A subscription is created in the Pending state. Once you verify the email or confirm the subscription you will get a Subscription ARN.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image177.png

You can add multiple subscriptions to a single topic.

Step 5: Creating the CodeDeploy Application

  1. In AWS, under Services select CodeDeploy & click on Get Started Now if you are using this service for the first time. Select Custom Deployment and click on Skip Walkthrough

Or

If any application already exists click on Create Application

  2. Under Create New Application add an Application Name & Deployment Group Name of your choice

ex: Application Name : CDstageapp

Deployment Group Name: Cdstageappgroup

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image178.png

  3. Under Add Instances > Search by Tags select Amazon EC2 as Tag Type, Name as Key, and your instance as Value

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image179.png

  4. Under Deployment Configuration select “CodeDeployDefault.OneAtATime”

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image180.png

  5. If you want to add email triggers for a successful deployment or a failure:

Click on Create Trigger

Enter your Trigger Name, select the event type

Select your SNS Topic.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image181.png

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image182.png

  6. Under Rollbacks enable Roll back when a deployment fails (Optional)

Finally click on “Create Application”

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image183.png

  7. Under Service Role select the “servicerole” which we created in step 1


Finally click on Create Application. You will get “Congratulations! The application has been created” with the following screen.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image185.png

Step 6: Settings in Bitbucket

In your project folder, go to Settings and, under PIPELINES: Settings, click on Enable Pipelines

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image186.png

Go to Settings and, under PIPELINES: Environment Variables, add the following.

Variable Name            Value
APPLICATION_NAME         cdbitapp (application name as mentioned in step 2)
DEPLOYMENT_GROUP_NAME    cdbitappgroup (as mentioned in step 2)
DEPLOYMENT_CONFIG        CodeDeployDefault.OneAtATime (as mentioned in step 2)
S3_BUCKET                cdbit123 (S3 bucket name)
AWS_DEFAULT_REGION       us-east-1 (region of your instance)
AWS_ACCESS_KEY_ID        XXXXXXXX
AWS_SECRET_ACCESS_KEY    XXXXXXXX (enable the Secured option when adding this variable)

Step 7: Files required for deployment automation.

In Bitbucket we need to add three files to the repository for deployment automation.

1) appspec.yml

version: 0.0 (mandatory)

os: linux or windows

files section: the source path (from where the source code needs to be copied) & the destination path (to where the source code needs to be placed).

permissions section: the user name, group, mode etc. to apply to the files when they are copied to the remote server.

hooks section: contains 5 different sections. If you want to run scripts after deployment, use ValidateService.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image187.png

2) bitbucket-pipelines.yml

This is where we specify the branch name, so that once code is merged to that particular branch, a build is automatically triggered by Bitbucket Pipelines.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image188.png

3) codedeploy_deploy.py

which is used to communicate between AWS & bitbucket.

https://wiki.pheonixsolutions.com/index.php/File:Vertopal_3f227c19cba54b2e8a147b2ce6fd31d0-media-image189.png

Before deploying the code to your destination server, the Bitbucket Pipelines service creates an artifact (a zip file which contains all your source code) and stores that artifact in the S3 bucket named under Settings > Pipelines > Environment Variables. From the S3 bucket it is then deployed to your server.
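The flow described above (zip the source, store it in S3, deploy from S3), as an added sketch that is not the codedeploy_deploy.py shown in the screenshot: it uses the environment variable names from Step 6 and the boto3 calls put_object and create_deployment. The function names and the S3 key layout are assumptions made for illustration.

```python
import io
import os
import zipfile

def build_bundle(src_dir):
    """Zip src_dir in memory; CodeDeploy expects appspec.yml at the archive root."""
    if not os.path.isfile(os.path.join(src_dir, "appspec.yml")):
        raise FileNotFoundError("appspec.yml must be at the root of the revision")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for root, dirs, files in os.walk(src_dir):
            dirs[:] = [d for d in dirs if d != ".git"]   # keep VCS metadata out of the artifact
            for name in files:
                path = os.path.join(root, name)
                zf.write(path, os.path.relpath(path, src_dir))
    return buf.getvalue()

def deploy(s3, codedeploy, env, bundle, key):
    """Upload the bundle to S3, then ask CodeDeploy to deploy that S3 revision."""
    s3.put_object(Bucket=env["S3_BUCKET"], Key=key, Body=bundle)
    resp = codedeploy.create_deployment(
        applicationName=env["APPLICATION_NAME"],
        deploymentGroupName=env["DEPLOYMENT_GROUP_NAME"],
        deploymentConfigName=env["DEPLOYMENT_CONFIG"],
        revision={
            "revisionType": "S3",
            "s3Location": {"bucket": env["S3_BUCKET"], "key": key, "bundleType": "zip"},
        },
    )
    return resp["deploymentId"]

if __name__ == "__main__":
    # boto3 reads AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_DEFAULT_REGION
    # from the environment, so the secret never appears in the repository.
    import boto3
    # BITBUCKET_COMMIT is set by Bitbucket Pipelines; "manual" is a fallback for local runs.
    key = "%s-%s.zip" % (os.environ["APPLICATION_NAME"],
                         os.environ.get("BITBUCKET_COMMIT", "manual"))
    dep_id = deploy(boto3.client("s3"), boto3.client("codedeploy"),
                    os.environ, build_bundle("."), key)
    print("started deployment", dep_id)
```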