AWS Elastic Beanstalk Inplace/Rolling Blue/Green Deploy

Install and configure EB (Elastic Beanstalk) on local machine:

$ pip install awsebcli --upgrade --user

The pip is, actually, pip3 (alias pip=/usr/local/bin/pip3), and on my Mac, I had to set the path:

export PATH=$PATH:$HOME/Library/Python/3.7/bin

Create a working directory:

$ mkdir ~/Beanstalk
$ cd ~/Beanstalk

Initialize a Beanstalk project:

$ which eb
/Users/kihyuckhong/Library/Python/3.7/bin/eb

$ eb init

Select a default region
1) us-east-1 : US East (N. Virginia)
2) us-west-1 : US West (N. California)
3) us-west-2 : US West (Oregon)
4) eu-west-1 : EU (Ireland)
5) eu-central-1 : EU (Frankfurt)
6) ap-south-1 : Asia Pacific (Mumbai)
7) ap-southeast-1 : Asia Pacific (Singapore)
8) ap-southeast-2 : Asia Pacific (Sydney)
9) ap-northeast-1 : Asia Pacific (Tokyo)
10) ap-northeast-2 : Asia Pacific (Seoul)
11) sa-east-1 : South America (Sao Paulo)
12) cn-north-1 : China (Beijing)
13) cn-northwest-1 : China (Ningxia)
14) us-east-2 : US East (Ohio)
15) ca-central-1 : Canada (Central)
16) eu-west-2 : EU (London)
17) eu-west-3 : EU (Paris)
18) eu-north-1 : EU (Stockholm)
(default is 3): 1

Enter Application Name
(default is "Beanstalk"): my-bean
Application my-bean has been created.

Select a platform.
1) Node.js
2) PHP
3) Python
4) Ruby
5) Tomcat
6) IIS
7) Docker
8) Multi-container Docker
9) GlassFish
10) Go
11) Java
12) Packer
(default is 1): 2

Select a platform version.
1) PHP 7.2
2) PHP 7.1
3) PHP 7.0
4) PHP 5.6
5) PHP 5.5
6) PHP 5.4
(default is 1): 4
Do you want to set up SSH for your instances?
(Y/n): Y

Select a keypair.
1) ansible
2) ansible-nginx
3) autoscaling
4) bogo
5) einsteinish
6) kubernetes.useast1.dev.cruxlynx.com-d2:4d:28:76:90:aa:e3:80:52:74:5f:89:44:12:52:e7
7) testing-staging-key
8) ~/.ssh/einsteinish.pem
9) [ Create new KeyPair ]
(default is 8): 9

Type a keypair name.
(Default is aws-eb): 
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /Users/kihyuckhong/.ssh/aws-eb.
Your public key has been saved in /Users/kihyuckhong/.ssh/aws-eb.pub.
The key fingerprint is:
SHA256:97UDgAPj5i3QzYjRIstr64JupItsDnG5vbJaImOZzvc aws-eb
The key's randomart image is:
+---[RSA 2048]----+
|    ..o          |
|  . .=.* .       |
| . oo.= = .      |
|  o. + . . .     |
|. o.  o S . . .  |
| +=o   . . . o . |
|O=o..       . o  |
|%*o. .         . |
|O@+ooE           |
+----[SHA256]-----+
WARNING: Uploaded SSH public key for "aws-eb" into EC2 for region us-east-1.
$ 

Now the Beanstalk configuration for our app has been created in ~/Beanstalk/.elasticbeanstalk. Note that the "Beanstalk" is the directory we've created earlier as a working/app directory:

$ ls -la ~/Beanstalk/
total 8
drwxr-xr-x   4 kihyuckhong  staff   128 Jan 18 13:21 .
drwxr-xr-x+ 69 kihyuckhong  staff  2208 Jan 18 13:18 ..
drwxr-xr-x   3 kihyuckhong  staff    96 Jan 18 13:19 .elasticbeanstalk
-rw-r--r--   1 kihyuckhong  staff   108 Jan 18 13:21 .gitignore

Let's create a Elastic Beanstalk environment, and the following command will do deployment for us:

$ eb create --service-role aws-elasticbeanstalk-service-role
Enter Environment Name
(default is my-bean-dev): 
Enter DNS CNAME prefix
(default is my-bean-dev): myeb97531

Select a load balancer type
1) classic
2) application
3) network
(default is 2): 2
NOTE: The current directory does not contain any source code. Elastic Beanstalk is launching the sample application instead.
Do you want to download the sample application into the current directory?
(Y/n): Y
INFO: Downloading sample application to the current directory.
INFO: Download complete.
Environment details for: my-bean-dev
  Application name: my-bean
  Region: us-east-1
  Deployed Version: Sample Application
  Environment ID: e-ruwyw3gs3h
  Platform: arn:aws:elasticbeanstalk:us-east-1::platform/PHP 5.6 running on 64bit Amazon Linux/2.8.5
  Tier: WebServer-Standard-1.0
  CNAME: myeb97531.us-east-1.elasticbeanstalk.com
  Updated: 2019-01-18 21:53:42.464000+00:00
Printing Status:
2019-01-18 21:53:40    INFO    createEnvironment is starting.
2019-01-18 21:53:42    INFO    Using elasticbeanstalk-us-east-1-526262051452 as Amazon S3 storage bucket for environment data.

As we can see from the output, it started "createEnvironment". Because we answered 'Y' to "Do you want to download the sample application into the current directory?", we now have index.php and other files in our working/app directory:

$ ls
cron.yaml		index.php		logo_aws_reduced.gif	scheduled.php		styles.css

Check the status of the deployment:

$ eb status
Environment details for: my-bean-dev
  Application name: my-bean
  Region: us-east-1
  Deployed Version: Sample Application
  Environment ID: e-ruwyw3gs3h
  Platform: arn:aws:elasticbeanstalk:us-east-1::platform/PHP 5.6 running on 64bit Amazon Linux/2.8.5
  Tier: WebServer-Standard-1.0
  CNAME: myeb97531.us-east-1.elasticbeanstalk.com
  Updated: 2019-01-18 21:57:41.198000+00:00
  Status: Ready
  Health: Green

Click on the application:

Put the url into the browser:

Ref: Managing Elastic Beanstalk Environments with the EB CLI

We've deployed "v1" on one instance (not clear here, but we'll put explicit version in later deployments):

We can scale it up to 2:

$ eb scale 2
2019-01-18 22:36:39    INFO    Environment update is starting.

$ eb status
Environment details for: my-bean-dev
  Application name: my-bean
  Region: us-east-1
  Deployed Version: Sample Application
  Environment ID: e-ruwyw3gs3h
  Platform: arn:aws:elasticbeanstalk:us-east-1::platform/PHP 5.6 running on 64bit Amazon Linux/2.8.5
  Tier: WebServer-Standard-1.0
  CNAME: myeb97531.us-east-1.elasticbeanstalk.com
  Updated: 2019-01-18 22:36:39.383000+00:00
  Status: Updating
  Health: Green

Update the app? Well, let's just modify the "index.php" of the AWS sample php app.

<h1>Congratulations!</h1>
<h3>Version 1.1</h3>

Note that we added version info just below the "Congratulations!" line.

$ eb deploy
Creating application version archive "app-190118_174202".
Uploading my-bean/app-190118_174202.zip to S3. This may take a while.
Upload Complete.
2019-01-19 01:41:44    INFO    Environment update is starting.      
2019-01-19 01:41:48    INFO    Deploying new version to instance(s).
 -- Events -- (safe to Ctrl+C) Use "eb abort" to cancel the command.

Because AWS Elastic Beanstalk performs an in-place update when we update our application versions, our application can become unavailable to users for a short period of time.

We can avoid this downtime by performing a blue/green deployment, where we deploy the new version to a separate environment, and then swap CNAMEs of the two environments to redirect traffic to the new version instantly.

- Ref: Blue/Green Deployments with AWS Elastic Beanstalk

Before deploying a new app, let's modify the "index.php" one more time:

<h1>Congratulations!</h1>
<h3>Version 2.0</h3>

$ eb create new-eb --cname new-eb
Creating application version archive "app-190118_180804".
Uploading my-bean/app-190118_180804.zip to S3. This may take a while.
Upload Complete.
Environment details for: new-eb
  Application name: my-bean
  Region: us-east-1
  Deployed Version: app-190118_180804
  Environment ID: e-zzapwyicjy
  Platform: arn:aws:elasticbeanstalk:us-east-1::platform/PHP 5.6 running on 64bit Amazon Linux/2.8.5
  Tier: WebServer-Standard-1.0
  CNAME: new-eb.us-east-1.elasticbeanstalk.com
  Updated: 2019-01-19 02:08:09.567000+00:00
Printing Status:
2019-01-19 02:08:08    INFO    createEnvironment is starting.

$ eb status new-eb
Environment details for: new-eb
  Application name: my-bean
  Region: us-east-1
  Deployed Version: app-190118_180804
  Environment ID: e-zzapwyicjy
  Platform: arn:aws:elasticbeanstalk:us-east-1::platform/PHP 5.6 running on 64bit Amazon Linux/2.8.5
  Tier: WebServer-Standard-1.0
  CNAME: new-eb.us-east-1.elasticbeanstalk.com
  Updated: 2019-01-19 02:10:33.227000+00:00
  Status: Ready
  Health: Green

It's a Blue/Green deployment, we need to swaps the environment's CNAME with the CNAME of another environment, for example, the following command swaps the environment tmp-dev with the environment live-env:

$ eb swap tmp-dev --destination_name live-env

In our case, it should be like this:

$ eb swap new-eb --destination_name my-bean-dev
2019-01-19 02:22:38    INFO    swapEnvironmentCNAMEs is starting.
2019-01-19 02:22:38    INFO    Swapping CNAMEs for environments 'new-eb' and 'my-bean-dev'.
2019-01-19 02:22:40    INFO    'my-bean.us-east-1.elasticbeanstalk.com' now points to 'awseb-e-z-AWSEBLoa-WPER7OB2245F-753490447.us-east-1.elb.amazonaws.com'.
2019-01-19 02:22:40    INFO    Completed swapping CNAMEs for environments 'new-eb' and 'my-bean-dev'.                            

The equivalent console UI looks like this:

We can see it's been successfully updated to v 2.0 via Blue/Green!

AWS (Amazon Web Services)

1. AWS : EKS (Elastic Container Service for Kubernetes)
2. AWS : Creating a snapshot (cloning an image)
3. AWS : Attaching Amazon EBS volume to an instance
4. AWS : Adding swap space to an attached volume via mkswap and swapon
5. AWS : Creating an EC2 instance and attaching Amazon EBS volume to the instance using Python boto module with User data
6. AWS : Creating an instance to a new region by copying an AMI
7. AWS : S3 (Simple Storage Service) 1
8. AWS : S3 (Simple Storage Service) 2 - Creating and Deleting a Bucket
9. AWS : S3 (Simple Storage Service) 3 - Bucket Versioning
10. AWS : S3 (Simple Storage Service) 4 - Uploading a large file
11. AWS : S3 (Simple Storage Service) 5 - Uploading folders/files recursively
12. AWS : S3 (Simple Storage Service) 6 - Bucket Policy for File/Folder View/Download
13. AWS : S3 (Simple Storage Service) 7 - How to Copy or Move Objects from one region to another
14. AWS : S3 (Simple Storage Service) 8 - Archiving S3 Data to Glacier
15. AWS : Creating a CloudFront distribution with an Amazon S3 origin
16. AWS : Creating VPC with CloudFormation
17. AWS : WAF (Web Application Firewall) with preconfigured CloudFormation template and Web ACL for CloudFront distribution
18. AWS : CloudWatch & Logs with Lambda Function / S3
19. AWS : Lambda Serverless Computing with EC2, CloudWatch Alarm, SNS
20. AWS : Lambda and SNS - cross account
21. AWS : CLI (Command Line Interface)
22. AWS : CLI (ECS with ALB & autoscaling)
23. AWS : ECS with cloudformation and json task definition
24. AWS Application Load Balancer (ALB) and ECS with Flask app
25. AWS : Load Balancing with HAProxy (High Availability Proxy)
26. AWS : VirtualBox on EC2
27. AWS : NTP setup on EC2
28. AWS: jq with AWS
29. AWS & OpenSSL : Creating / Installing a Server SSL Certificate
30. AWS : OpenVPN Access Server 2 Install
31. AWS : VPC (Virtual Private Cloud) 1 - netmask, subnets, default gateway, and CIDR
32. AWS : VPC (Virtual Private Cloud) 2 - VPC Wizard
33. AWS : VPC (Virtual Private Cloud) 3 - VPC Wizard with NAT
34. DevOps / Sys Admin Q & A (VI) - AWS VPC setup (public/private subnets with NAT)
35. AWS - OpenVPN Protocols : PPTP, L2TP/IPsec, and OpenVPN
36. AWS : Autoscaling group (ASG)
37. AWS : Setting up Autoscaling Alarms and Notifications via CLI and Cloudformation
38. AWS : Adding a SSH User Account on Linux Instance
39. AWS : Windows Servers - Remote Desktop Connections using RDP
40. AWS : Scheduled stopping and starting an instance - python & cron
41. AWS : Detecting stopped instance and sending an alert email using Mandrill smtp
42. AWS : Elastic Beanstalk with NodeJS
43. AWS : Elastic Beanstalk Inplace/Rolling Blue/Green Deploy
44. AWS : Identity and Access Management (IAM) Roles for Amazon EC2
45. AWS : Identity and Access Management (IAM) Policies, sts AssumeRole, and delegate access across AWS accounts
46. AWS : Identity and Access Management (IAM) sts assume role via aws cli2
47. AWS : Creating IAM Roles and associating them with EC2 Instances in CloudFormation
48. AWS Identity and Access Management (IAM) Roles, SSO(Single Sign On), SAML(Security Assertion Markup Language), IdP(identity provider), STS(Security Token Service), and ADFS(Active Directory Federation Services)
49. AWS : Amazon Route 53
50. AWS : Amazon Route 53 - DNS (Domain Name Server) setup
51. AWS : Amazon Route 53 - subdomain setup and virtual host on Nginx
52. AWS Amazon Route 53 : Private Hosted Zone
53. AWS : SNS (Simple Notification Service) example with ELB and CloudWatch
54. AWS : Lambda with AWS CloudTrail
55. AWS : SQS (Simple Queue Service) with NodeJS and AWS SDK
56. AWS : Redshift data warehouse
57. AWS : CloudFormation
58. AWS : CloudFormation Bootstrap UserData/Metadata
59. AWS : CloudFormation - Creating an ASG with rolling update
60. AWS : Cloudformation Cross-stack reference
61. AWS : OpsWorks
62. AWS : Network Load Balancer (NLB) with Autoscaling group (ASG)
63. AWS CodeDeploy : Deploy an Application from GitHub
64. AWS EC2 Container Service (ECS)
65. AWS EC2 Container Service (ECS) II
66. AWS Hello World Lambda Function
67. AWS Lambda Function Q & A
68. AWS Node.js Lambda Function & API Gateway
69. AWS API Gateway endpoint invoking Lambda function
70. AWS API Gateway invoking Lambda function with Terraform
71. AWS API Gateway invoking Lambda function with Terraform - Lambda Container
72. Amazon Kinesis Streams
73. AWS: Kinesis Data Firehose with Lambda and ElasticSearch
74. Amazon DynamoDB
75. Amazon DynamoDB with Lambda and CloudWatch
76. Loading DynamoDB stream to AWS Elasticsearch service with Lambda
77. Amazon ML (Machine Learning)
78. Simple Systems Manager (SSM)
79. AWS : RDS Connecting to a DB Instance Running the SQL Server Database Engine
80. AWS : RDS Importing and Exporting SQL Server Data
81. AWS : RDS PostgreSQL & pgAdmin III
82. AWS : RDS PostgreSQL 2 - Creating/Deleting a Table
83. AWS : MySQL Replication : Master-slave
84. AWS : MySQL backup & restore
85. AWS RDS : Cross-Region Read Replicas for MySQL and Snapshots for PostgreSQL
86. AWS : Restoring Postgres on EC2 instance from S3 backup
87. AWS : Q & A
88. AWS : Security
89. AWS : Security groups vs. network ACLs
90. AWS : Scaling-Up
91. AWS : Networking
92. AWS : Single Sign-on (SSO) with Okta
93. AWS : JIT (Just-in-Time) with Okta