AWS Developer Associate (DVA-C01) Review Material – CI/CD

Leave a Comment / AWS Review Notes / By

CodeCommit

  • A fully managed source control service.
  • AWS Git
  • Supports 2 types of connections:
    1. HTTPS
      • Need IAM to generate credentials
    2. SSH
      • Need IAM to upload SSH keys
  • IAM users need to have a IAM policy.
  • If you are connecting to CodeCommit and AWS using federated access, an identity provider, or temporary credentials, or if you do not want to configure IAM users or Git credentials for IAM users, you can set up connections to CodeCommit repositories in one of two ways:
    1. Install and use git-remote-codecommit (recommended).
    2. Install and use the credential helper included in the AWS CLI.
  • Notifications
    • Can be sent to either:
      • SNS
      • AWS Chatbot Slack
  • Triggers
    • Can be sent to either
      • SNS
      • Lambda
    • Events are limited to operational event

CodeDeploy

  • A service that automates code deployments to any instance, including EC2 instances and instances running on-premises, Lambda and ECS
  • EC2 and On-premise deployment requires an Agent
  • Can deploy a nearly unlimited variety of application content, including:
    • Code
    • Serverless AWS Lambda functions
    • Web and configuration files
    • Executables
    • Packages
    • Scripts
    • Multimedia files
  • Concepts:
    • Application – simply a name or container used by Code Deploy to ensure that the correct revision, deployment configuration, and deployment group are referenced during a deployment. 
    • Deployment Configuration: a set of rules and success and failure conditions used by CodeDeploy during a deployment.
    • Deployment Group: contains settings and configurations used during the deployment. Each application deployment uses one of its deployment groups.
      • Use tags to identify who is in the group.
    • Revision: contains a version of the source files CodeDeploy will deploy to your instances or scripts CodeDeploy will run on your instances.
    • Deployment: the process, and the components involved in the process, of installing content on one or more instances.
      • In-place deployment:
        • If EC2 is in an ASG, the new EC2 will get the new version.
      • Blue/green deployment
        • If EC2 new ASG will be created.
    • IAM Role:
      • Require service role
      • EC2 service role for the Agent.
  • AppSpec File:
    • Is a YAML -formatted or JSON-formatted file used by CodeDeploy to manage deployment.
    • EC2/On-Prem:
      • must be a YAML-formatted file named appspec.yml
      • must be placed in the root of the directory structure of an application’s source code.
      • Structure:
        • version
        • os – the operating system value of the instance to which you deploy
        • files –  specifies the names of files that should be copied to the instance during the deployment’s Install event
        • permissions – specifies how special permissions, if any, should be applied to the files in the files section
        • hooks – (See AppSpec ‘hooks’ section.)
    • Lambda:
    • ECS:
  • Rollbacks are actually new deployment using the old version of the code
  • Notifications:
    • Events trigger notifications e.g. Started, Failed)
    • Targets can be:
      • SNS
      • AWS Chatbot

CodePipeline

  •  A fully managed continuous delivery service that helps automate release pipelines for fast and reliable application and infrastructure updates.
  • CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define.
  • Requires an IAM role
  • Pipelines:
    • A workflow construct that describes how software changes go through a release process.
    • Stages:
      • Each pipeline is made up of a series of stages
      • A logical unit that isolates an environment and limits the number of concurrent changes in that environment.
      • Actions:
        • Each stage contains one or more actions.
        • If there are multiple actions the runOrder must be specified (actions can be sequential or parallel). Action group refers to a run order of one or more actions at the same level
        • Actions are performed on an artefacts
        • Valid actions are:
          1. source
          2. build
          3. test
          4. deploy
          5. approval
          6. invoke
    • Executions:
      • A set of changes released by a pipeline
      • Valid execution status:
        1. InProgress
        2. Stopping
        3. Stopped
        4. Succeeded
        5. Superseded
        6. Failed.
    • Transition:
      • The point where a pipeline execution moves to the next stage in the pipeline
      • Can be enabled/disabled
  • Notifications:
    • Events trigger notifications e.g. Started, Canceled, Failed)
    • Targets can be:
      • SNS
      • AWS Chatbot

CodeBuild

  • A fully managed build service that compiles source code, runs tests and produces software packages that are ready to deploy.
  • No need to provision, manage and scale your own build servers.
  • Build Project:
    • It is the main input to CodeBuild
    • Includes the following information:
      • How to run a build
      • Where to get the source code
      • Which build environment to use
      • Which build commands to run
      • Where to store the build output
    • Build Spec:
      • A collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build.
      • Can be defined in the build project or included directly in the source code (default is buildspec.yml)
      • Contains the following:
        • version – Required.
        • run-as – Specifies a Linux user that runs commands. Optional
        • env – Custom environment variables. Optional.
        • proxy – Represent settings if you run your build in an explicit proxy server. Optional.
        • phases – Represents the commands CodeBuild runs during each phase of the build. Required.
        • reports – (See Reports)
        • artifacts –  Represents information about where CodeBuild can find the build output and how CodeBuild prepares it for uploading to the S3 output bucket. Optional.
        • cache – Represents information about where CodeBuild can prepare the files for uploading cache to an S3 cache bucket. Optional.
  • Build environment
    • Represents a combination of
      • operating system
      • programming language runtime
      • tools that CodeBuild uses to run a build.
    • A build environment contains a Docker image so need to specify the identifier of a Docker image in a supported repository type
  • Reports:
    • Can create reports in CodeBuild that contain details about tests that are run during builds such as unit tests, configuration tests, and functional tests.
    • report group contains test reports and specifies shared settings.
  • Any outputs stored in an S3 bucket
  • Logs can be stored in S3 or CloudWatch
  • CodeBuild scales automatically to meet peak build requests.
  • Notifications:
    • Events trigger notifications e.g. Started, Failed)
    • Targets can be:
      • SNS
      • AWS Chatbot

CodeStar

  • Enables users to quickly develop, build, and deploy applications on AWS.
  • It provides a unified user interface, enabling you to easily manage your software development activities in one place.

CodeArtifact

  • A fully managed artefact repository service.

X-Ray

  • Helps developers analyze and debug distributed applications in production or under development, such as those built using a microservices architecture.
  • It can understand how the application and its underlying services are performing so the root cause of performance issues and errors can be identified and troubleshoot.
  • It provides an end-to-end view of requests as they travel through your application, and shows a map of your application’s underlying components. 
  • AWS X-Ray receives data from services as segments. X-Ray then groups segments that have a common request into traces. X-Ray processes the traces to generate a service graph that provides a visual representation of your application.
  • Enabling X-Ray:
    • Code must be instrumented using SDK
    • X-Ray daemon must be installed on EC2, ECS as a container or sidecar or on a local machine.
      • If ECS uses Fargate then using a sidecar is the only option.
    • Lambda and other AWS services are already running the daemon
    • Services must have the right IAM to write to X-Ray
  • Concepts:
    • Segments – data sent to X-Ray that contain information about the work resource has done.
    • Subsegments – provide more granular timing information and details about downstream calls that your application made to fulfil the original request.
    • Service graph – a JSON document that contains information about the services and resources that make up your application
    • Traces – collects all the segments generated by a single request. A trace ID is used to track the path of a request through the application.
    • Sampling – a sampling algorithm to determine which requests get traced. Default to 1st request/sec and 5% of additional request.
    • Annotations –  simple key-value pairs that are indexed for use with filter expressions
    • Metadata – key-value pairs with values of any type, including objects and lists, but that are not indexed.
  • Instrumentation:

CodeGuru

Deployment Summary

Deployment TypeAWS ServiceNotes
Blue/Green(1) EC2 in ASG via CodeDeploy
(2) ECS		(2) via CodeDeploy
Canary(1) Lambda via SAM and CodeDeploy
(2) ElasticBeanStalk
(3) API Gateway		(1) E.g. 10% X Minutes. Traffic is shifted in two increments.
Immutable(1) ElasticBeanStalk
Rolling Update(1) ElasticBeanStalk
(2) ECS
Rolling with Additional Batch(1) ElasticBeanStalk
In-Place(1) EC2 in ASG via CodeDeploy
Linear(1) Lambda via SAM and CodeDeploy(1) E.g. 10% every X Minutes
All at once(1) Lambda via SAM and CodeDeploy
(2) ElasticBeanStalk

Leave a Comment

Your email address will not be published. Required fields are marked *