Skip to content

psinghfmr/devops-aws-terraform

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.github/workflows
.github/workflows
 
 
app
app
 
 
proxy
proxy
 
 
scripts
scripts
 
 
.dockerignore
.dockerignore
 
 
.env.sample
.env.sample
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose-deploy.yml
docker-compose-deploy.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
requirements.dev.txt
requirements.dev.txt
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

DevOps Deployment Automation with Terraform, AWS and Docker - Starter Code

This project contains the starter code for our course: DevOps Deployment Automation with Terraform, AWS and Docker.

It contains the code you should have by the end of our Build a Backend REST API with Python & Django REST Framework - Advanced course. We've created this snapshot, in-case we update the aforementioned course in the future.

Local Development

Running Project

This project runs using Docker. It should work consistently on Windows, macOS or Linux machines.

Follow the below steps to run a local development environment.

  1. Ensure you have the following installed:
  1. Clone the project, cd to it in Terminal/Command Prompt and run the following:
docker compose up
  1. Browse the project at http://127.0.0.1:8000/api/health-check/

Creating Superuser

To create a superuser to access the Django admin follow these steps.

  1. Run the below command and follow the in terminal instructions:
docker compose run --rm app sh -c "python manage.py createsuperuser"
  1. Browse the Django admin at [http://127.0.0.1:8000/admin] and login.

Clearing Storage

To clear all storage (including the database) and start fresh:

docker compose down --volumes
docker compose up

Course Documentation

This section contains supplementary documentation for the course steps.

AWS CLI

AWS CLI Authentication

This course uses aws-vault to authenticate with the AWS CLI in the terminal.

To authenticate:

aws-vault exec PROFILE --duration=8h

Replace PROFILE with the name of the profile.

To list profiles, run:

aws-vault list

Task Exec

ECS Exec is used for manually running commands directly on the running containers.

To get shell access to the ecs task:

aws ecs execute-command --region REGION --cluster CLUSTER_NAME --task TASK_ID --container CONTAINER_NAME --interactive --command "/bin/sh"

Replace the following values in the above command:

  • REGION: The AWS region where the ECS cluster is setup.
  • CLUSTER_NAME: The name of the ECS cluster.
  • TASK_ID: The ID of the running ECS task which you want to connect to.
  • CONTAINER_NAME: The name of the container to run the command on.

Terraform Commands

Below is a list of how to run the common commands via Docker Compose.

Note: The below commands should be run from ther infra/ directory of the project, and after authenticating with aws-vault.

To run any Terraform command through Docker, use the syntax below:

docker compose run --rm terraform -chdir=TF_DIR COMMAND

Where TF_DIR is the directory containing the Terraform (setup or deploy) and COMMAND is the Terraform command (e.g. plan).

Get outputs from the setup Terraform

docker compose run --rm terraform -chdir=setup output

The output name must be specified if sensitive = true in the output definition, like this:

docker compose run --rm terraform -chdir=setup output cd_user_access_key_secret

GitHub Actions Variables

This section lists the GitHub Actions variables which need to be configured on the GitHub project.

Note: This is only applicable if using GitHub Actions, if you're using GitLab, see GitLab CI/CD Variables below.

If using GitHub Actions, variables are set as either Variables (clear text and readable) or Secrets (values hidden in logs).

Variables:

  • AWS_ACCESS_KEY_ID: Access key for the CD AWS IAM user that is created by Terraform and output as cd_user_access_key_id.
  • AWS_ACCOUNT_ID: AWS Account ID taken from AWS directly.
  • DOCKERHUB_USER: Username for Docker Hub for avoiding Docker Pull rate limit issues.
  • ECR_REPO_APP: URL for the Docker repo containing the app image output by Terraform as ecr_repo_app.
  • ECR_REPO_PROXY: URL for the Docker repo containing the proxy image output by Terraform as ecr_repo_proxy.

Secrets:

  • AWS_SECRET_ACCESS_KEY: Secret key for AWS_ACCESS_KEY_ID set in variables, output by Terraform as cd_user_access_key_secret.
  • DOCKERHUB_TOKEN: Token created in DOCKERHUB_USER in Docker Hub.
  • TF_VAR_DB_PASSWORD: Password for the RDS database (make something up).
  • TF_VAR_DJANGO_SECRET_KEY: Secret key for the Django app (make something up).

GitLab CI/CD Variables

This section lists the GitLab CI/CD variables which must be configured to run jobs.

Note: This is only applicable if you are using GitLab CI/CD. If you are using GitHub Actions, see [#github-actions-variables](GitHub Actions Variables) above.

In GitLab CI/CD, all variables are set under Variables, and optionally set as masked (secrets hidden from output) and/or protected (restricted to protected branches).

Each variable and their state is listed below:

  • AWS_ACCESS_KEY_ID: Access key for the CD AWS IAM user that is created by Terraform and output as cd_user_access_key_id.
  • AWS_ACCOUNT_ID: AWS Account ID taken from AWS directly.
  • DOCKERHUB_USER: Username for Docker Hub for avoiding Docker Pull rate limit issues.
  • ECR_REPO_APP: URL for the Docker repo containing the app image output by Terraform as ecr_repo_app.
  • ECR_REPO_PROXY: URL for the Docker repo containing the proxy image output by Terraform as ecr_repo_proxy.
  • AWS_SECRET_ACCESS_KEY (Masked): Secret key for AWS_ACCESS_KEY_ID set in variables, output by Terraform as cd_user_access_key_secret.
  • DOCKERHUB_TOKEN (Masked): Token created in DOCKERHUB_USER in Docker Hub.
  • TF_VAR_db_password (Masked): Password for the RDS database (make something up).
  • TF_VAR_django_secret_key (Masked, Protected): Secret key for the Django app (make something up).

Section Notes and Resources

Software Requirements

Checking Each Dependency

Check docker is running:

docker --version

Check aws-vault installed:

aws-vault --version

Check AWS CLI:

aws --version

Check AWS CLI Systems Manager:

session-manager-plugin

Check docker compose:

docker compose --version

Configure Git:

git config --global user.email [email protected]
git config --global user.name "User Name" 
git config --global push.autoSetupRemote true

Other courses

Check out our courses on londonappdeveloper.com.

Or find them below:

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages