little-service is a single Docker container with everything needed for quick cloning and deployment to EBS, including:
- Django on Python, with support for MySQL connections
- Celery/Redis
- Support for HTTPS and secrets
- Identical development, testing, and production environments
- Built with rapid iteration, flexibility, and extensibility in mind
A longer description of the motivation is available here.
- Figure out Docker network optimization, with a container for MySQL for local development.
- Separate file location for persistent MySQL database for local development.
- Shell features, both at the container and application level.
- Smarter healthcheck to wait for database readiness on start.
- Front-end / integration tests.
- Django Admin.
- Test artifacts/reporting.
- Integration tests.
- API / login auth / general security.
- Create a local MySQL database:
mysqladmin -u root create little-service-db. - Build the web server and run it locally:
make
- Go to http://127.0.0.1:88/ - You should see the number under "Hello, World" increment with every refresh.
Code changes will automatically trigger Django's server restart.
docker exec -it $(docker ps -q) bash
ssh -i ~/.ssh/production.pem ec2-user@
source attach
- Go to CircleCI, click on "Projects" in the sidebar.
- Click "Add Projects".
- You should see the new repo in the list - this is based on Github. Click "Setup Project".
- Default OS is Linux, platform is 2.0, language is Python. Make these selections and click "Start building" at the bottom of the page.
- Then you should see your dummy unit test pass.
- Create an RDS instance, on the RDS dashboard. Add credentials to
config/environments/ebs.py. - The database needs a security group that allows traffic in and out, if it's in a VPC.
- There are also steps needed to make the RDS utf8mb4 to support Unicode, with instructions to be written.
- Go to EC2 Container service.
- Click "Create repository" button. Name your repo the name of your project.
- Click done.
- Now you should see the repo ARN and URI. This is where the Docker images go. The URI will look something like this:
###########.dkr.ecr.us-west-2.amazonaws.com/stats-service.
- Go to AWS CodePipeline, and click "Create pipeline".
- Call the pipeline the name of your project.
- Select Github as the source on the next page.
- It will allow you to connect to Github and choose your repository and branch.
- On the next page, select "AWS CodeBuild" as your Build provider.
- Configure your project. Select "Create a new build", use your project name.
- Environment/how to build. Select "Use an image managed by AWS CodeBuild", Operating System "Ubuntu", Runtime "Docker", Version "aws/codebuilder/docker:1.12.1", Build specification "Use the buildspec.yml in the source code root directory".
- AWS CodeBuild service role should be "Create a service role in your account". Name role something like
code-build-stats-service-role. - Under Advanced, it's really important to check "Privileged - Enable this flag if you want to build Docker images or want your builds to get elevated privileges". You probably don't need to change timeout. Compute type may vary depending on the project.
- Add following environment variables according to the URI from Elastic Container Service above:
name value type
IMAGE_REPO_NAME stats-service plaintext
AWS_ACCOUNT_ID ########### plaintext
IMAGE_TAG latest plaintext // this is not from the URI, just default
AWS_DEFAULT_REGION us-west-2 plaintext
- Now we can save the build project! After it's saved, we can do "Next Step". Choose "No Deployment" for now.
- AWS Service Role: there should be a default one (AWS-CodePipeline-Service).
- Click Create pipeline.
- Go to IAM, and find the role from step 8 in Roles. Under "Attach Policy", check "AmazonEC2ContainerRegistryPowerUser" and add it.
- Go to Elastic Beanstalk, and click "Create new application" on the top right.
- Create an environment for your new application.
- Choose Web server environment.
- Environment name example: "little_service-production", domain name example: "little_service".
- Platform is "preconfigured platform", "Docker."
- "Sample application" is fine.
- Then do "Configure more options."
- "Low cost" is fine.
- Create environment.
- You should be at All Applications > little_service > little_service-production. Wait a little bit for AWS to provision all the resources for you.
- Now you should see a dashboard with an Environment ID and a URL. If you go to that URL, you should see a template AWS page.
- Go back to AWS CodePipeline, and under Source and Build add stage "Deploy". Add an action with Action category "Deploy" and name "deploy". Deployment provider is Elastic Beanstalk. Choose your service from the dropdowns. Input artifacts can be default "MyAppBuild." Add action, save pipeline.
- To test it, click "Release Change." If you want to look at the progress, you can go to CodeBuild and select your project. And then click on the project under Build Run.
- Use https://letsencrypt.org/ as the CA.
wget https://dl.eff.org/certbot-autochmod +x certbot-auto./certbot-auto --no-bootstrap certonly- Use option 2, "Spin up a temporary webserver (standalone)", and input the service's domain name.
sudo aws s3 cp /etc/letsencrypt/live/little-service.us-west-2.elasticbeanstalk.com/fullchain.pem s3://service-keys/little-service/sudo aws s3 cp /etc/letsencrypt/live/little-service.us-west-2.elasticbeanstalk.com/privkey.pem s3://service-keys/little-service/- Redeploy from CodePipeline, and it should work.
- To acquire:
aws s3 cp s3://service-keys/little-service/ebs_secrets.py server/config/secrets/ebs_secrets.py. - To update:
aws s3 cp server/config/secrets/ebs_secrets.py s3://service-keys/little-service/ebs_secrets.py.
This is automatically pulled in by CodeBuild when building the container.
- Delete the Application from Elastic Beanstalk.
- Delete images from EC2 Container Service.