Processing flow of Code Deploy

The CodeDeploy agent on each instance polls CodeDeploy to determine what to retrieve, and when, from the specified Amazon S3 bucket or GitHub repository.

The CodeDeploy agent on each instance gets the target revision from the Amazon S3 bucket or GitHub repository and follows the procedure in the AppSpec file to deploy the content to the instance.

AWS CodeDeploy Error Handling

You can use the AWS CodeDeploy console, the AWS CLI, or the AWS CodeDeploy API to view details about deployments associated with an AWS account.

To view deployment details using the AWS CLI, call the get-deployment command or the batch-get-deployments command. The list-deployments command returns a list of unique deployment IDs to use as input to the get-deployment and batch-get-deployments commands.

From a DevOps point of view, is it better to collect the CodeDeploy execution logs?

CodeDeploy Appspec.yml

The AppSpec file defines the deployment process that AWS CodeDeploy executes. It is a YAML file that describes what is handled in the deployment and how. When using CodeDeploy, it is very important to get the settings in the AppSpec file right.

The AppSpec file must be named appspec.yml and must be placed in the root directory of the revision. If this requirement is not met, the deployment fails. Once the AppSpec file is in place, you can compress the deployment content, including the AppSpec file, into a zip archive.

file composition

version: 0.0
os: operating-system-name

Start -> ApplicationStop -> DownloadBundle -> BeforeInstall -> Install -> AfterInstall -> ApplicationStart -> ValidateService -> End

How to create Code deploy

CodeDeploy → Create role for EC2
To enable CodeDeploy to access the EC2 instance to be deployed, select "AWS service" and "CodeDeploy".

Open the IAM console from the AWS console and select the "role" link.

Search for "CodeDeploy" on the role page and tick its checkbox.

Create role and review

Create application

We can choose the application type: in-place or blue/green.

AWS codedeploy

CodeDeploy is a managed AWS service that can deploy source code and build artifacts to EC2, on-premises servers, and Lambda.

You can choose between in-place deployment and Blue/Green deployment when deploying to EC2 and on-premises servers.

You can select S3 or GitHub as the source of the distribution, but it will inevitably be S3 because the extension must be zip, tar, or tar.gz.

It is appspec.yml that determines the rules for these deployments. Either type of deployment requires an appspec.yml.

First of all, the contents of the bundle uploaded to S3 are as follows. Assume that sample.jar is already built; appspec.yml describes the command to start it.
├── appspec.yml
├── sample.jar
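
The root-directory requirement is easy to break when the archive is created from the parent directory instead of from inside the revision directory. The following pre-upload check is an added example, not code from the original page; the function names and the sample bundles are constructed for illustration, and it covers the .tar.gz case only.

```shell
#!/usr/bin/env bash
# Added example: pre-upload check that a .tar.gz revision has appspec.yml at its root.

# List AppSpec-like entries in the archive, with any leading "./" removed.
appspec_entries() {
  tar -tzf "$1" | sed 's|^\./||' | grep -iE '(^|/)appspec\.ya?ml$' || true
}

# Return 0 only when an entry is exactly "appspec.yml" (root level, exact name).
# Otherwise print where the look-alike files sit and return 1.
check_bundle() {
  entries=$(appspec_entries "$1")
  if printf '%s\n' "$entries" | grep -x 'appspec.yml' >/dev/null; then
    return 0
  fi
  echo "no appspec.yml at archive root; found: ${entries:-none}" >&2
  return 1
}

# Constructed sample bundles: one packed from inside the revision directory,
# one packed from its parent so every path gains a "rev/" prefix.
make_sample_bundles() {
  work=$1
  mkdir -p "$work/rev"
  printf 'version: 0.0\nos: linux\n' > "$work/rev/appspec.yml"
  : > "$work/rev/sample.jar"                      # empty placeholder for the jar
  tar -czf "$work/good.tar.gz" -C "$work/rev" appspec.yml sample.jar
  tar -czf "$work/nested.tar.gz" -C "$work" rev
}

demo=$(mktemp -d)
make_sample_bundles "$demo"
check_bundle "$demo/good.tar.gz" && echo "good.tar.gz: ok"
check_bundle "$demo/nested.tar.gz" || echo "nested.tar.gz: rejected"
rm -rf "$demo"
```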

What is Blue / Green deployment?

More and more systems use a method called Blue/Green deployment.

In place: Apply only the new application revision on the spot, leaving the instance intact.
Blue / Green: Build new instances for the new application revision and replace the old ones.

On a separate axis from how the deployment is realized, deployments can also be roughly classified into the following three categories by rollout speed.

All at once: Deploy the new revision everywhere at once.
One by one: Deploy the new revision one instance at a time.
Batch: Deploy the new revision to several instances at a time (e.g. half)

People often think of Blue/Green deployment as "building new-revision instances in the same number as the current ones and switching over", but in recent years this kind of deployment method is also called Red/Black deployment. It is just one form of Blue/Green: deploying all at once.

In place
– Merit
Since this method does not require additional instances at deployment, it is very effective in environments where creating instances is not easy, such as on-premises environments. It is enough to distribute only the application to instances where hardware purchase, OS installation and various settings are already complete, and then restart it or the like, so deployment is fast and no additional instance costs are incurred.

– Demerit
One is that remote operation is required. Remote operation means operating on a running instance over ssh or similar. With ssh, keys have to be managed, so building the instance becomes somewhat more complicated, and for instances used in production it is safer to keep the risk of opening a hole such as ssh as small as possible from the very beginning. An agent-type mechanism like AWS CodeDeploy alleviates this somewhat, but it does not change the risk that files are distributed and arbitrary commands are executed while the instance is in operation.
Finally, rollback is also difficult. Consistency is more likely to break when reverting something that has already been changed. With "In place" there is also the fact that you have to maintain two kinds of deployment: deployment of the application and deployment of the layers below the application.

Blue/Green does not necessarily mean preparing an environment of the same scale and then switching. The point is that nothing is done to the running instances: the new revision is built on separate instances, and the whole is switched from Blue to Green according to an arbitrary strategy.

– Merit
You can eliminate all the disadvantages of in place mentioned above. First, regarding remote operation: no changes are made to running instances at deployment time, so nothing is needed. Instances need not have any deployment-related mechanisms. This also simplifies the application development process.

Regarding consistency, if, as an extreme approach, you create an instance image (an Amazon Machine Image (AMI) for Amazon EC2) for each deployment, you can guarantee that instances of the same revision have exactly the same configuration. This is the method that Netflix is taking.

Rollback is very easy. Because the deployment makes no changes to Blue, you simply need to return traffic to Blue. Even after Blue has been discarded, restoration is easy if you relaunch it from the AMI of the past revision.

As described above, in Blue/Green the layers below the application are deployed together with the application, so, for example, OS updates can be done with exactly the same mechanism; there is a single deployment process, and maintenance becomes much easier.

– Demerit
For example, it is said that creating an AMI for each deployment is costly. In particular, rebuilding from an AMI takes time when deploying minor fixes. This can be avoided to some extent by automating AMI creation and setting up a CI/CD pipeline so that an image is always ready for deployment. Rather than creating an AMI for each deployment, you can keep a fixed AMI with the basic configuration and fetch the latest revision at instance startup, but be careful: in that case a loss of consistency similar to "In place" can occur.

Also commonly cited is the cost of having to create extra instances. Even when you want to make only a small modification you have to go to the trouble of setting up an instance, and switching all at once temporarily doubles the cost, which is certainly a waste.

AWS Code deploy

Code Deploy Merit
– Automatic deployment
– Minimize Downtime
– Unified management
– Easy to introduce

Umm, somehow I do not understand it well.

What is code deploy
It is a service that lets you deploy user-created programs simultaneously to multiple instances tagged for CodeDeploy.

– For multiple deployment targets, the deployment speed can be adjusted: one at a time, all at once, only half, etc.
– The destination EC2 instances are determined automatically by an arbitrary tag
– Simply run aws-cli with the local deployment directory specified; it zips the directory and pushes it to S3
– Post-deployment steps (permission changes, Apache graceful restart, etc.) are just written in a yml file placed in the directory to be deployed.

Viewing the AWS CodeDeploy logs

$ rpm -qa |grep -i codedeploy-agent


2018-09-24 10:54:17 INFO [codedeploy-agent(13919)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.0-1.1518_rpm.
2018-09-24 10:54:17 ERROR [codedeploy-agent(13919)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials – please check if this instance was started with an IAM instance profile

Missing credentials

sudo service codedeploy-agent restart
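
The log message itself points at a missing IAM instance profile, so after attaching one and restarting the agent it is worth confirming that the error has stopped. The following triage script is an added example, not part of the original page; the function names are hypothetical and the sample log is constructed from the two lines shown above plus two invented follow-up lines.

```shell
#!/usr/bin/env bash
# Added example: triage ERROR lines in a codedeploy-agent log.
# Line layout (from the log above): date time LEVEL [codedeploy-agent(pid)]: Component: message

# Print "count<TAB>component<TAB>first-seen" for every component that logged an ERROR.
agent_error_summary() {
  awk '$3 == "ERROR" {
         comp = $5; sub(/:$/, "", comp)
         if (!(comp in n)) first[comp] = $1 " " $2
         n[comp]++
       }
       END { for (c in n) printf "%d\t%s\t%s\n", n[c], c, first[c] }' "$1" | sort -rn
}

# Count "Missing credentials" errors at or after a timestamp ("YYYY-MM-DD HH:MM:SS").
# Timestamps in this format compare correctly as plain strings.
missing_credentials_since() {
  awk -v since="$1" '
    $3 == "ERROR" && /Missing credentials/ && ($1 " " $2) >= since { n++ }
    END { print n + 0 }' "$2"
}

# Constructed sample: modelled on the two lines shown above, one repeat of the
# error, and a restart under a new PID after an instance profile was attached.
write_sample_log() {
  cat > "$1" <<'EOF'
2018-09-24 10:54:17 INFO [codedeploy-agent(13919)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.0-1.1518_rpm.
2018-09-24 10:54:17 ERROR [codedeploy-agent(13919)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile
2018-09-24 10:55:02 ERROR [codedeploy-agent(13919)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandPoller: Missing credentials - please check if this instance was started with an IAM instance profile
2018-09-24 11:10:40 INFO [codedeploy-agent(14207)]: Version file found in /opt/codedeploy-agent/.version with agent version OFFICIAL_1.0-1.1518_rpm.
EOF
}

log=$(mktemp)
write_sample_log "$log"
agent_error_summary "$log"
echo "credential errors since restart: $(missing_credentials_since '2018-09-24 11:10:40' "$log")"
rm -f "$log"
```

On a Linux instance, point both functions at /var/log/aws/codedeploy-agent/codedeploy-agent.log and pass the time of the restart as the timestamp.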




EC2 instance
# CodeDeploy agent
chmod +x ./install
sudo ./install auto

# Run
sudo service codedeploy-agent start


version: 0.0
os: linux
# "files" maps paths in the revision to destinations on the instance
files:
  - source: /
    destination: /home/ec2-user/dev/

Creating an application from CodeDeploy