AWS Elastic BeanStalk
Elastic Beanstalk Deployment Blue / Green
- not directly a feature of elastic beanstalk -zero downtime and release facility -create new stage environment and deploy v2 there -new environment (green) can be validated independently and roll back if issues -Route 53 can be setup using weighted policies to redirect a little bit of traffic to stage env -using beanstalk "Swap URLs" when done with env test
Beanstalk Deployment Options for Updates
-All at once: fastest but downtime -Rolling: update few instances at a time then move to next once first is healthy -Rolling with addition batches: like rolling, but spins new instances to move the batch -Immutable: deploys to new instances in new ASG, once all done swaps all instances when everything is healthy
Elastic Beanstalk - Custom Platform
-Allow you to define following from scratch --OS --Additional softwares --scripts that beanstalk use on these platforms -Use case: app language is incompatible with Beanstalk and does not use Docker -To create your own platform: --define an AMI using Platform.yml --Build that platform using Packer software -Custom Platform vs Custom Image: --Custom image is to tweak existing platform(Python, NodeJS) --Custom Platform is to create an entirely new Beanstalk platform.
Components of BeanStalk
-Application: Your code -• Application version: each deployment gets assigned a version -• Environment name (dev, test, prod...): free naming
ElasticBeanstalk Cloning
-Clone an existing env -Useful to clone test version of existing app -All resources and configs are preserved --LB type and config --RDS DB type(Data is not preserved) --Env variable -After cloning you can change config Simply select the env and click on options to clone the env. Only couple of things like name, platform versions can be updated while cloning but then once it is cloned you can edit.
Elastic BeanStalk Migration: Decouple RDS
-Create snapsjot of RDS DB -Go to RDS console and protect RDS from deletion -Create new Elastic Beanstalk env without RDS and point your app to existing RDS -perform CNAME swap(blue/green or route 53 update) -Terminate the old env(RDS wont delete as delete protection is on) -Delete cloudformation stack
Elastic Beanstalk Overview
-Managed service --• Instance configuration / OS is handled by Beanstalk --• Deployment strategy is configurable but performed by Elastic Beanstalk --• Just the application code is the responsibility of the developer -• Three architecture models: --• Single Instance deployment: good for dev --• LB + ASG: great for production or pre-production web applications --• ASG only: great for non-web apps in production (workers, etc..)
Elastic BeanStalk - Multi Docker Container
-Muti Docker helps to run multiple containers per EC2 in EB -This will create: --ECS Cluster --EC2 instances, configured to use ECS Cluster --LB(in high availability mode) --Task definitions -Requires a config Dockerrun.aws.json(v2) at the root of source code -Dockerrun.aws.json(v2) is used to create Task Definition -Your docker image should be built and stored in ECR/DockerHub
RDS with BeanStalk
-RDS can be configured with BeanStalk which is good for dev an test -Not good for Prod as DB lifecycle gets tied to Beanstalk lifecycle -separate beanstalk and DB creation and provide our EB app with connection string
Elastic Beanstalk - Single Docker
-Run app on single docker container -either provide --Dockerfile: Elastic Beanstalk will build and run the docker container. --Dockerrun.aws.json(v1): Describe where already built Docker image is ---image ---Ports ---Volumes ---Logging BeanStalk is single Docker Container and does not have ECS
Elastic BeanStalk Migration: Load Balancer
After creating Elastic Beanstalk you cannot chamhe LB -To migrate: --Create new env with same config except LB(you cant clone as it will clone same LB type) --deploy app to new env --perform CNAME swap or route 53 update
Elastic BeanStalk Deployment Hands On
-Select the environment -Go to Configuration -Click Application Deployment -Here you will select either All at once, Rolling, Rolling batches, Immutable with % of instance or number of instances Once all this is done, now we can deploy a new version of the app. -You already have an app running, -You edit the code and zip it. -Click on Upload and Deploy in the environment. -You upload the zip file -It will ask what kind of deployment you want: All at once, Rolling, Rolling with Batch or Immutable -If you select immutable, you can see in the Events tab that it will create temporary ASG with that many instances and deploy the app there -then it will move instance in the first ASG. -Then deployment will complete -After this you can do Blue Green Deployment -Select the one environment(you have dev and prod) and swap the URL -Basically this is a CNAME operation(Route53 is involved) -Now Prod URL will start pointing to Dev and vice versa
Elastic BeanStalk Under the Hood
-Use Cloud Formation -CloudFormation is for creating other AWS resources -Define CloudFormation resources in .ebextensions to provision ElastiCache, S3 Bucket anything you want
Web Server vs Worker Env
-for any long tasks use Worker Env -Decoupling your app into 2 tiers -fro example: processing a video, generating a zip -you can define periodic tasks in a file cron.yml
BeanStalk Lifecycle Policy
-keep 1000 app versions -if not removed, new wont get deloyed -to phase out, have lifecycle Policy --based on time --based on space -current versions are not deleted -no option to delete source bundle in S3
How BeanStalk works
-you deploy the application version to environment and can promote application version to the next environment. -rollback feature to previous application version -full control over life cycle of environment
Elastic BeanStalk and HTTPS
BeanStalk with HTTPS: -Idea: Load SSL cert onto the LB -Can be done from Console(EB Console, LB Config) -Can be done with code: .ebextension/securelistener-alb.config -Certs can be provisioned using ACM or CLI -Must configure a security group rule to allow incoming port 443 BeanStalk redirect HTTP to HTTPS -Configure your instance to redirect HTTP to HTTPS -Or configure the ALB with a rule -Make sure health checks are not redirected
Things that are done behind Beanstalk
Check the ASG Check the Load Balancer Check the instances that are running Check S3 buckets Target group Security Group
elastic beanstalk environment
You Can create multiple envs for your app. Go to Application, Click Create Environment Select it as Web app Give name and platform info like NodeJS -You can Select more option 1. Software: Log storage in s3, XRay, CloudWatch Logs 2. Instance: EC2 details 3. Capacity: ASG is here 4. Load Balancer: 5: Rolling Updates 6. Security 7. Monitoring 8. Managed Updates 9. Notifications 10. Network 11. Database
ElasticBeanStalk CLI
called EB CLI ebcreate • ebstatus • ebhealth • ebevents • eblogs • ebopen • ebdeploy • ebconfig • ebterminate Useful when you automate deployment pipelines
Elastic beanstalk hands on
there are basically two things when you create elastic beanstalk app 1. Environment 2.Application
