[DOCKER] [AWS] How to automatically deploy a Web application created with Rails 6 to ECR / ECS using CircleCI ① Preparation [Container deployment]

We have succeeded in container-deploying the Rails application created by personal development using CircleCI, so I will write it here as a memorandum. (Also, as soon as the Readme etc. are ready, we will introduce the actual application in another article.)

Also, I am currently using windows10, and if you are a mac, please replace it as needed. However, I think that the other things are the same except that the installation method of aws-ecs-cli is different. (It took a little time to install on windows.)

Also, since the author dares to set the AWS console language in English, I think that it is easier to proceed with this article if you set it in English. (It is recommended because the name of the command in AWS CLI matches the English notation of the console.)

Target person

--People who have an AWS account --People who already have Rails apps that have been converted to Docker and want to take on the challenge of incorporating AWS and CI / CD tools into their infrastructure. --People who want to incorporate the above technology into their job hunting portfolio --People who are interested in AWS --People who are in trouble because there is no article on windows on mac

Prerequisite knowledge

--Basic knowledge about infrastructure such as VPC and subnet --Basic knowledge of CircleCI and Docker

Configuration aimed at in this article

Untitled Diagram-Copy of Page-1 (1).png

Aim for the above configuration.

To explain the actual flow in words,

① Push to Github (Only automatic test and Rubocop are executed except for the master branch.) (2) CircleCI detects push and starts building. ③ After passing RSpec and Rubocop, the docker image will be built and pushed to ECR. (4) Use the latest Docker image to update the ECS task definition (which almost defines how to start the docker container, like docker-compose.yml). ⑤ EC2 instance is started and deployment is completed.

Also, of course, the personally developed application that I actually created is SSL-enabled using Route53 and ACM, and I had a lot of trouble here, so I will write it again as a separate article. Be sure to do SSL because it is indispensable for actual operation.

environment

Preparation

In the preparation section, we will do four main things.

--Installing tools --Create an IAM user and grant execute permission (called a policy) --aws configure settings --Creating a key pair

Install the tool

Install the following two.

If you are using windows, you can install it by referring to this article. I was able to install it this way.

With these tools, you can create VPCs, subnets, clusters, push to ECR, redefine tasks, etc. from your terminal without having to mess around with the console.

Create IAM

Log in to the console, select service, search for IAM and click. スクリーンショット 2020-11-15 234007.png Click Users, then click Add user スクリーンショット 2020-11-15 234204.png Click Attach existing policies on the far right and attach the following two policies.

スクリーンショット 2020-11-15 234511.png If you can confirm that it is attached as set on the confirmation screen, click Create user スクリーンショット 2020-11-15 234545.png Then, the access key and secret key will be created on the next screen. I think that a button like download will be displayed in csv, so click it and save the information.

** It seems that there are cases where you accidentally pushed your secret access key to git and received millions of bills from Amazon, so be careful when handling it. ** **

Add policy (authorization)

Earlier, I added this policy, but this alone will cause an error around the authority when executing the ecs-cli command, so I will add it separately.

From the IAM console, select Policies and then Create Policies. Click the Json tab on the screen and enter the code below.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "iam:AttachRolePolicy",
                "iam:AddRoleToInstanceProfile",
                "iam:CreateInstanceProfile",
                "iam:CreateRole",
                "iam:DeleteInstanceProfile",
                "iam:DeleteRole",
                "iam:DetachRolePolicy",
                "iam:PassRole",
                "iam:RemoveRoleFromInstanceProfile",
                "ec2:DeleteInternetGateway",
                "ec2:DeleteSecurityGroup",
                "ec2:DeleteRouteTable"
            ],
            "Resource": "*"
        }
    ]
}

After entering, click Review policy. スクリーンショット 2020-11-16 014135.png Enter a name and description of your choice and click Create policy. スクリーンショット 2020-11-16 014335.png

Next, give the created IAM user the newly created policy in ↑. Click Users, then click Add permissions スクリーンショット 2020-11-16 015106.png Click Attach existing policies directly and select the policy you just created スクリーンショット 2020-11-16 015146.png On the confirmation screen, click Add permissions if you have selected the correct policy. スクリーンショット 2020-11-16 015207.png

Run "aws configure" in the terminal

Run aws configure in your terminal with the --profile option. When you execute it, you will be asked interactively, so enter it correctly one by one.

$ aws configure --profile Created user name

AWS Access Key ID #Access key when created
AWS Secret Access Key #Secret access key when created
Default region name # ap-northeast-1 
Default output format # json 

When you execute aws configure, the .aws directory is automatically generated under your home directory, and information such as access keys is stored there as shown below, so please check it. (May not be completely together)

~/.aws/credentials


[username]
aws_access_key_id=AKIAIOSFODNN7AJDIFK
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/gkjkAKJDKJ
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

~/.aws/config


[profile username]
region = ap-northeast-1
output = json
[default]
region = ap-northeast-1
output = json

Creating a key pair

Next, we will create a key pair.

Select Service → EC2 Console → key pair → Create key pair and enter an appropriate key pair name. Select .pem as the file extension and click Create key pair. スクリーンショット 2020-11-16 022846.png

When completed, the .pem file will be downloaded automatically. Execute the following command to move to the ".ssh" directory and change the permissions.

$ mv Downloads/sample-app.pem .ssh/
$ chmod 600 ~/.ssh/sample-app.pem

** This completes the preparation! Thank you for your hard work! ** ** The continuation is (2) I am currently writing an article for infrastructure construction! We will post it here as soon as the creation is completed, so please continue to support us! (I think I can raise it tomorrow)

Thank you for reading to the end!

It's been a long article, so if you have any suggestions, such as mistakes in the description, I would appreciate it if you could comment.

Recommended Posts

[AWS] How to automatically deploy a Web application created with Rails 6 to ECR / ECS using CircleCI ① Preparation [Container deployment]
[Part 2] Automatically test and deploy WEB services created with Rails + Nuxt + MySQL + Docker with ECS / ECR / CircleCI to make them terraform
[For super beginners (more screenshots)] Automatically deploy to AWS ECR / ECS with Ruby2.6 x Rails6 x CircleCi [Hands-on format]
How to deploy a Rails application on AWS (article summary)
Automatically deploy a Web application developed in Java using Jenkins [Preparation]
[Part 1] WEB service created with Rails + Nuxt + MySQL + Docker is automatically tested and deployed with ECS / ECR / CircleCI and converted to terraform.
How to migrate a web application created in a local docker environment to AWS
How to deploy a container on AWS Lambda
Deploy Rails to ECS Fargate with AWS Copilot
[Part 1] How to deploy Docker containers and static files with CircleCI + ECS + ECR + CloudFront
[For beginners] Laravel Docker AWS (EC2) How to easily deploy a web application (PHP) from 0 (free) ①-Overview-
Automatically deploy a web application developed in Java using Jenkins [Spring Boot application]
[Java] Deploy a web application created with Eclipse + Maven + Ontology on Heroku
Deploy a Node.js application to an ECS instance using the Cloud Toolkit
How to deploy a system created with Java (Wicket-Spring boot) to an on-campus server
[Rails] How to create a graph using lazy_high_charts
[Docker] How to update using a container on Heroku and how to deal with Migrate Error
A story that stumbled when deploying a web application created with Spring Boot to EC2
How to deploy Java to AWS Lambda with Serverless Framework
[How to insert a video in haml with Rails]
How to check CircleCI code and automatically deploy to Heroku
How to get started with creating a Rails app
[Rails] How to install a decorator using gem draper
Deploy a Java application developed locally with the Cloud Toolkit to an Alibaba Cloud ECS instance
How to automatically generate ER diagram when migrating with Rails6
How to set environment variables when using Payjp with Rails
How to connect a container created later to an existing network
How to get inside a container running on AWS Fargate
How to deploy jQuery in your Rails app using Webpacker
I tried automatic deployment with CircleCI + Capistrano + AWS (EC2) + Rails
How to deploy a kotlin (java) app on AWS fargate
How to register as a customer with Square using Tomcat
For beginners! Automatic deployment with Rails6 + CircleCI + Capistrano + AWS (EC2)
How to build an environment with Docker, which is the minimum required to start a Rails application
AWS Elastic Beanstalk # 1 with Java starting from scratch-Building a Java web application environment using the EB CLI-
Deploy Rails apps to Azure App Service using Docker & Continuous Deployment
[Rails 6] How to create a dynamic form input screen using cocoon
How to automatically operate a screen created in Java on Windows
Automatically deploy Web applications developed in Java using Jenkins [Tomcat application]
How to publish an application using AWS (3) EC2 instance environment construction
How to run a job with docker login in AWS batch
[Rails] How to upload images to AWS S3 using Carrierwave and fog-aws
I tried to build a simple application using Dockder + Rails Scaffold
How to rename a model with foreign key constraints in Rails
[Rails] How to upload images to AWS S3 using refile and refile-s3
How to create a web server on an EC2 instance on AWS