CI/CD pipeline, AWS ElasticBeanstalk, and Amazon Certificate Manager
How to create a CI/CD pipeline using AWS ElasticBeanstalk, AWS CodePipeline and issuing SSL certificates by Amazon Certificate Manager
It’s an important factor in the production environment that nothing is broken and your application is highly available in the market with the least downtime. The concept of DevOps (Development and Operations) essentially includes the Continuous Integration (CI) and the Continuous Delivery (CD) pipeline. The pipeline assures that the changes which were made to your application get into production and helps the user to embrace the changes and ensures that you focus on the productivity of the application rather than managing servers.
This article will enable you to build a CI/CD pipeline using AWS Service CodePipeline and host your web app or any application using AWS ElasticBeanstalk.
The prerequisites for this are,
- A registered domain name, you can register a domain name with AWS service Route 53 or any other DNS provider like GoDaddy, Freenom, etc.
- A valid AWS account.
- A public GitHub repository. You need to create your application files and push them to GitHub repo.
Amazon Certificate Manager is a free service that is used to obtain SSL certificates for any particular domain and also for its subdomains. Before we move on, there is an option of shifting your domain name servers to AWS. To do that you simply have to go to Amazon Route 53 which can be found in the AWS Management Console. There click on Hosted Zones option(Figure 1), and then on Create Hosted Zone(Figure 2). You will be prompted to enter the domain name which you had bought or got it for free earlier(Figure 3). After a few seconds, you will get four new domain name servers(Figure 4), which you have to simply copy and paste in your domain name service providers(Like GoDaddy, Freenom) option saying Use your own DNS(Domain Name Servers, Figure 5 & 6). Below are some pictorial representations for your convenience. By doing this, the SSL certificate validation will take less time, and domain name management would be hassle-free.
Please Note:- If your AWS account is free tier eligible then it would cost you $0.50 per hosted zone for the first 25 hosted zones.
In the next step, you will receive your name servers. Simply copy and paste these server names in your Domain Name Service provider option stating Use your DNS (Domain Name Servers).
Click on the Manage Domain option. I am using the Freenom domain name provider.
It takes time for the changes to propagate in the system until then let’s move on.
4 steps to be followed for deploying the application:-
- Obtaining an SSL certificate for your domain and DNS validation.
- Configuring the certificate in AWS ElasticBeanstalk load balancers.
- Creating a Pipeline using AWS CodePipeline.
- Final Checks and Good to go!
1. Obtaining an SSL certificate for your domain and DNS validation.
Go to Amazon Certificate Manager. Under “Provision Certificate” click on Get Started. Make sure the option selected is “Request a public Certificate” and then click Request a certificate. Add the domain name for eg:- example.com and *.example.com for all of its subdomains(Figure 7) and click next. Select the DNS validation method because its the least cumbersome click next. Add tags if necessary. Review and then proceed. Now, there are two situations, if you have shifted your domain name servers to Amazon you will get an option saying “Create a Record Set”, you just have to proceed via this option else you need to manually copy the Name and the Values for creating a recordset.
Please Note:- For each requested domain name in the list there is a separate recordset that has to be added for DNS Validation.
After adding tags and reviewing click next and you will be provided with a recordset which you can either add automatically by clicking on “Create Record in Route 53” or enter it manually in your Route 53 hosted zone(Figure 8).
Usually, it takes half an hour, your SSL certificates will be issued as shown below.
2. Configuring the certificate in AWS ElasticBeanstalk load balancers.
Creating an ElasticBeanstalk application. For the demo purpose, I will be using a Node.js application, and the files are pushed to the online GitHub repo. Moving on, go to the AWS Management Console. In the services, click on AWS ElasticBeanstalk. Create an application(Figure 10). Fill in the details such as the Application Name and Application Tags if needed, it is a best practice to include tags. Under the Platform Section, choose Node.js leaving other fields as default. Select the Sample Application radio button under the Application Code section. Now, please don’t proceed by creating an application. There are some configurations we need to do. Click on Configure more options right beside the Create Application option(Fig. 11). Under the presets section choose the Custom Configuration radio option(Fig. 12) and scroll down to the load balancer section.
Application Load Balancer in one line would be routing HTTP and HTTPS traffic based on protocol, port, and route to environment processes. Under the Load balancer section click on edit, this will land you to a page similar to the underneath image(Figure 13).
After clicking on Add Listener, choose the HTTPS protocol and define the port as 443. Under the SSL certificate field choose the certificate which was issued using the ACM(Amazon Certificate Manager) for your domain.
Add the configuration. Leaving all other fields as default, click on Save. Finally, click on Create App. Wait for a couple of minutes until the resources are initialized. You will get an endpoint URL where you can see the sample Node.js application running successfully.
3. Creating a Pipeline using AWS CodePipeline.
Go back to the AWS Management Console and choose the AWS CodePipeline Service. Click on create a new pipeline. Fill in the name, keeping the Role Name field as it is. Click on next. In the Source Provider dropdown list choose GitHub since our files are in the GitHub repo. Connect to Github. After connecting successfully choose the repo where the files are stored. Choose the branch and click next. Skip the build stage as we are not building anything. Click next. Under the Deploy Provider list select the AWS ElasticBeanstalk service since our application is hosted there. Select the Application name and the environment name properly and click on next. Review it and finally click on Create pipeline.
This process has enabled us, any change in the GitHub repo, will automatically be deployed to the environment.
Quick Note:- Make sure you specify process.env.PORT at app.listen() as this will enable the app to run on the PORT specified by the environment.
4. Final Checks and Good to go!
Go to Route53, select your domain’s hosted zone, create a recordset, with one as example.com with A record, select Alias as Yes. Under the Alias Target select the Elastic Load Balancer(ELB) if you have multiple Load Balancers then make sure you select the right ELB. Click on Save Record Set. Repeat the same for www.example.com.
Now, we want people to be redirected to the HTTPS protocol when the client requests the HTTP protocol. To do that go to the EC2 dashboard. Click on Load Balancer in the left navigation panel. Select the load balancer initialized by AWS EBS(ElasticBeanStalk). Click on Listeners. Select the HTTP:80 listener ID and click edit. Under Default action(s) delete the existing action. Click on add action, select redirect to, mention the 443 port, and click on the tick below, leaving other values as it is. Click on Update on the right-hand corner and we are done!
Congratulations 👍! you have successfully deployed an application using AWS ElasticBeanstalk and created a CI/CD pipeline.
Do give a clap if this article helped you and comment if you faced any trouble in following the steps. Feedback is appreciated. Thank You!
