How to use ElasticBeanstalk

How to use ElasticBeanstalk

AWS의 서비스를 이용하여 빌드부터 배포까지 자동화 하는 과정을 정리하였다.

Step 1. AWS beanstalk CLI 설치

pip를 통해 AWS ElasticBeanstalk CLI를 설치한다

$ pip install --upgrade awsebcli

Step 2. eb init

ElasticBeanstalk 초기환경 생성을 위해 리전 및 플랫폼 환경 초기화를 진행한다.

$ cd [path_to_project]
$ eb init

Select a default region
1) us-east-1 : US East (N. Virginia)
2) us-west-1 : US West (N. California)
3) us-west-2 : US West (Oregon)
4) eu-west-1 : EU (Ireland)
5) eu-central-1 : EU (Frankfurt)
6) ap-south-1 : Asia Pacific (Mumbai)
7) ap-southeast-1 : Asia Pacific (Singapore)
8) ap-southeast-2 : Asia Pacific (Sydney)
9) ap-northeast-1 : Asia Pacific (Tokyo)
**10) ap-northeast-2 : Asia Pacific (Seoul)**
11) sa-east-1 : South America (Sao Paulo)
12) cn-north-1 : China (Beijing)
13) cn-northwest-1 : China (Ningxia)
14) us-east-2 : US East (Ohio)
15) ca-central-1 : Canada (Central)
16) eu-west-2 : EU (London)
17) eu-west-3 : EU (Paris)
18) eu-north-1 : EU (Stockholm)
19) eu-south-1 : EU (Milano)
20) ap-east-1 : Asia Pacific (Hong Kong)
21) me-south-1 : Middle East (Bahrain)
22) af-south-1 : Africa (Cape Town)
(default is 3): 10

Enter Application Name
(default is "project_name"):

Application project has been created.
Select a platform.
1) .NET Core on Linux
2) .NET on Windows Server
3) Docker
4) GlassFish
5) Go
**6) Java**
7) Node.js
8) PHP
9) Packer
10) Python
11) Ruby
12) Tomcat
(make a selection): 6

Select a platform branch.
**1) Corretto 11 running on 64bit Amazon Linux 2**
2) Corretto 8 running on 64bit Amazon Linux 2
3) Java 8 running on 64bit Amazon Linux
4) Java 7 running on 64bit Amazon Linux
(default is 1): 1

Do you wish to continue with CodeCommit? (Y/n): n
Do you want to set up SSH for your instances?
(Y/n):

Select a keypair.
1) rocksea-eb
2) [ Create new KeyPair ]
(default is 2): 1

.elasticbeanstalk 디렉토리 생성 확인

$ ls -altr
total 120
-rw-r--r-- 1 rocksea staff 2622 10 28 2019 [README.md](http://readme.md/)
drwxr-xr-x 3 rocksea staff 96 10 28 2019 gradle
-rwxr-xr-x 1 rocksea staff 5305 10 28 2019 gradlew
-rw-r--r-- 1 rocksea staff 2269 10 28 2019 gradlew.bat
-rw-r--r-- 1 rocksea staff 100 10 28 2019 settings.gradle
drwxr-xr-x 4 rocksea staff 128 10 28 2019 src
drwxr-xr-x 4 rocksea staff 128 5 15 10:35 out
drwxr-xr-x 8 rocksea staff 256 6 19 15:06 .gradle
-rw-r--r-- 1 rocksea staff 7 6 22 14:51 .java-version
-rw-r--r-- 1 rocksea staff 6212 7 2 15:57 build.gradle
drwxr-xr-x 22 rocksea staff 704 7 7 14:35 ..
drwxr-xr-x 9 rocksea staff 288 7 9 14:41 build
-rw-r--r-- 1 rocksea staff 545 7 27 12:11 .gitignore
-rw-r--r-- 1 rocksea staff 94 8 4 16:52 appspec.yml
-rw-r--r-- 1 rocksea staff 511 8 6 11:51 buildspec.yml
-rw-r--r-- 1 rocksea staff 1076 8 6 14:49 bitbucket-pipelines.yml
drwxr-xr-x 10 rocksea staff 320 8 6 18:15 .idea
drwxr-xr-x 21 rocksea staff 672 8 7 14:24 .
drwxr-xr-x 3 rocksea staff 96 8 7 14:26 **.elasticbeanstalk**
drwxr-xr-x 15 rocksea staff 480 8 7 14:33 .git

.elasticbeanstalk/config.yml

branch-defaults:
  master:
    environment: null
    group_suffix: null
global:
  application_name: project_name
  branch: null
  default_ec2_keyname: rocksea-eb
  default_platform: Corretto 11 running on 64bit Amazon Linux 2
  default_region: ap-northeast-2
  include_git_submodules: true
  instance_profile: null
  platform_name: null
  platform_version: null
  profile: eb-cli
  repository: null
  sc: git
  workspace_type: Application

Step 3. buildspec.yml 파일 작성

[my-project-root]/buildspec.yml 파일을 아래와 같이 생성한다

buildspec.yml

version: 0.2

phases:
  install:
    runtime-versions:
      java: corretto11
  build:
    commands:
      - echo Build Starting on `date`
      - chmod +x ./gradlew
      - ./gradlew build -x test
  post_build:
    commands:
      - echo $(basename ./build/libs/*.jar)
      - pwd

artifacts:
  files:
    - build/libs/*.jar
    - .ebextensions/**/*
  discard-paths: yes

cache:
 paths:
    - '/root/.gradle/caches/**/*'

eb_codebuild_settings:
  CodeBuildServiceRole: codebuild-project_name-role
  ComputeType: BUILD_GENERAL1_SMALL
  Image: aws/codebuild/standard:4.0
  Timeout: 60

Step 4. IAM 권한 설정

권한설정 해줘야 할 것들이 꽤 많아서 계속 빌드 실패를 경험하였다. (403에러로인한 Access Deny, authorization failed 등등), IAM관리 콘솔의 역할에서 CodeBuildServiceRole 역할에 다양한 접근권한( Resources, Actions등)에 대한 Allow 설정을 해줘야 한다.

*Version: 2012-10-17은 상수값이므로 그대로 넣어주자.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Resource": [
                "*"
            ],
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ]
        },
        {
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::codepipeline-ap-northeast-2-*"
            ],
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:GetObjectVersion",
                "s3:GetBucketAcl",
                "s3:GetBucketLocation"
            ]
        },
        {
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::elasticbeanstalk-ap-northeast-2-",
                "arn:aws:s3:::elasticbeanstalk-ap-northeast-2-/*"
            ],
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:GetObjectVersion",
                "s3:GetBucketAcl",
                "s3:GetBucketLocation"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "codebuild:CreateReportGroup",
                "codebuild:CreateReport",
                "codebuild:UpdateReport",
                "codebuild:BatchPutTestCases",
                "codebuild:BatchPutCodeCoverages"
            ],
            "Resource": [
                "arn:aws:codebuild:ap-northeast-2::report-group/snm_booking_api-*"
            ]
        }
    ]
}

Step 5. CodeBuild 프로젝트 생성

CodeBuild의 경우 CodeCommit에 등록된 Repository 혹은 Github이나 Bitbucket등의 외부 소스저장소의 소스 빌드가 가능하다.

AWS의 [서비스 > CodeCommit > 빌드 > 시작하기]메뉴에 진입하여 빌드프로젝트를 생성한다.

 

Step 5. eb create

EB 어플리케이션 생성한다. 또한 DNS CNAME의 경우 sub-domain명으로 사용할 명칭을 등록하면된다.
(e.g. http://[CNAME prefix].ap-northeast-2.elasticbeanstalk.com/)
또한 Load Balancer는 L7인 application을 Default로 사용한다.

$ eb create
Enter Environment Name
(default is project_name): project_name
Enter DNS CNAME prefix
(default is project_name): myapi

Select a load balancer type
1) classic
2) application
3) network
(default is 2): 2

Would you like to enable Spot Fleet requests for this environment? (y/N):
Creating application version archive "app-c2e4".
Uploading snm_booking_api/app-c2e4-200810_105905.zip to S3. This may take a while.
Upload Complete.
--- Waiting for Application Versions to populate attributes ---
Found attributes for application version app-c2e4-200810_105905
You can find logs for the CodeBuild build here: https://console.aws.amazon.com/cloudwatch/home?region=ap-northeast-2
NOTE: The CodeBuild timeout is set to 60 minutes, so this operation may take upto '60' minutes to complete.
2020-08-10 01:59:36    INFO    Build in progress. Phase: QUEUED Status: SUCCEEDED
2020-08-10 01:59:36    INFO    Build in progress. Phase: PROVISIONING Status: SUCCEEDED
2020-08-10 01:59:37    INFO    Build in progress. Phase: DOWNLOAD_SOURCE Status: SUCCEEDED
2020-08-10 01:59:37    INFO    Build in progress. Phase: INSTALL Status: SUCCEEDED
2020-08-10 01:59:37    INFO    Build in progress. Phase: PRE_BUILD Status: SUCCEEDED
 -- Events -- (Ctrl+C will abort the deployment)
2020-08-10 02:03:38    INFO    Build in progress. Phase: BUILD Status: SUCCEEDED
2020-08-10 02:03:38    INFO    Build in progress. Phase: POST_BUILD Status: SUCCEEDED
2020-08-10 02:03:38    INFO    Build in progress. Phase: UPLOAD_ARTIFACTS Status: SUCCEEDED
2020-08-10 02:03:38    INFO    Build in progress. Phase: FINALIZING Status: SUCCEEDED
2020-08-10 02:03:38    INFO    Build in progress. Phase: COMPLETED
2020-08-10 02:03:38    INFO    Deleted CodeBuild project: arn:aws:codebuild:ap-northeast-2:project/Elastic-Beanstalk-project_name-app
2020-08-10 02:03:40    INFO    Finished processing application version app-c2e4 with status: PROCESSED.
                                 the deployment)
Environment details for: snm-booking-api
  Application name: snm_booking_api
  Region: ap-northeast-2
  Deployed Version: app-c2e4-200810_105905
  Environment ID: e-329jkjj3hq
  Platform: arn:aws:elasticbeanstalk:ap-northeast-2::platform/Corretto 11 running on 64bit Amazon Linux 2/3.1.0
  Tier: WebServer-Standard-1.0
  CNAME: bookingapi.ap-northeast-2.elasticbeanstalk.com
  Updated: 2020-08-10 02:03:44.433000+00:00
Printing Status:
2020-08-10 02:03:43    INFO    createEnvironment is starting.
2020-08-10 02:03:44    INFO    Using elasticbeanstalk-ap-northeast-2 as Amazon S3 storage bucket for environment data.
2020-08-10 02:04:11    INFO    Created target group named: arn:aws:elasticloadbalancing:ap-northeast-2
2020-08-10 02:04:11    INFO    Created security group named: sg-03db
2020-08-10 02:04:42    INFO    Created security group named: awseb-e-32
2020-08-10 02:04:42    INFO    Created Auto Scaling launch configuration named: awseb-e-32
2020-08-10 02:05:43    INFO    Created Auto Scaling group named: awseb-e-329jkjj3hq-stack-AWSEBAutoScalingGroup
2020-08-10 02:05:43    INFO    Waiting for EC2 instances to launch. This may take a few minutes.
2020-08-10 02:06:23    INFO    Instance deployment successfully generated a 'Procfile'.
2020-08-10 02:06:26    INFO    Instance deployment completed successfully.
2020-08-10 02:07:31    INFO    Successfully launched environment: project_name

EB 어플리케이션 및 환경 생성이 완료되면 CodeBuild가 진행되며, 완료 후 S3버킷에 .zip 파일로 압축되어 업로드된 결과물을 확인해 볼 수 있다.

Step 6. EB 어플리케이션 환경 구동 확인

eb create명령이 완료되면 아래와 같이 어플리케이션 환경이 생성된다. 이 환경을통해 배포, 재구동, JVM환경변수, Health Check, 모니터링, 인스턴스, Auto Scailing등의 설정을 할 수 있다.

최종확인

Step7. Route 53을 이용한 도메인 연결

ElasticBeanstalk서비스 환경에 접근 시 고정아이피로 (L4 VIP)제공받는게 아니라

http://xxxxxx.ap-northeast-2.elasticbeanstalk.com 형태의 URL로 제공되기때문에 AWS의 DNS서비스인 Route53을 이용하여 도메인 생성 후 A record값을 셋팅하여 DNS 라우팅 설정까지 마무리하였다.