Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Deploy app on Elastic Beanstalk #223

Closed
wants to merge 25 commits into from
Closed

Deploy app on Elastic Beanstalk #223

wants to merge 25 commits into from

Conversation

stulacy
Copy link
Contributor

@stulacy stulacy commented Nov 17, 2023
edited
Loading

Currently the app is hosted in Lightsail, but Elastic Beanstalk offers several advantages:

  • Price is the main benefit, with a Lightsail container instance running with 1vCPU and 2GB RAM costing $40 vs $6.6 in EB (2vCPU but 1GB RAM)
  • EB makes it easy to have a separate Dev and Prod environment without needing to keep two entirely separate stacks with different container images
  • There's no need to store images in ECR as EB builds from docker-compose files during deployment
  • EB is a bare wrapper around EC2, so we can access the underlying EC2 instance if needed and it's easier to integrate with other AWS products, such as ACM
  • EB is fully describable within CloudFormation unlike Lightsail, so this PR closes Create infrastructure in CloudFormation #133 & Deploy GitHub action #134

Outstanding tasks:

  • Decide on the production environment specs
  • Sort SSL - might only be able to request the certificate in CloudFormation and will need to manually validate it and add to the instance. ACM certs can only be added to CloudFront or load balancers, I think the former would be more appropriate here, not least to help Cache static resources #202
  • Refactor the Deploy script. Currently there's 2 separate actions for dev and prod with nearly identical steps, the only difference being how the version string is generated. I imagine this is the type of thing that can be done with GitHub Environments

@stulacy
Housekeeping
d59b676
@stulacy
Working CF deployment, but 502 response
fcd0233
@stulacy
Working EBS deploy
61be3d0 
Outstanding features:
  - clean up the CF/deploy script so as to not need to
hardcode resource IDs/ARNs
  - Only use a single param file for the CF template
  - Add a second environment to use for dev
@stulacy
Parameterised deploy script, no more hardcoded resource ids
7044a48
@stulacy
First CI attempt
d3174e1
@stulacy
Dev branch deploys on push
1fbcb0d
@stulacy
Using AWS deploy cloudformation
23e784e 
NB: tags aren't working
@stulacy
Fixed tagging
52a72c9
@stulacy
Use more recent aws credentials
68af72d
@stulacy
Changed to prod bucket
b1d71d1
@stulacy
Removed debugging step
4b1981f
@stulacy
Giving eb role permission to read from bucket
c3bb0f3
@stulacy
Attempted CF fix 1
f69e7bf
@stulacy
Attempted CF fix 2
7d121f4
@stulacy
Attempted CF fix 3
30c236e
@stulacy
Added DB
dbbf82d 
Now the image is built by EB, it needs all the source files including
the DB.
@stulacy
Removed unnecessary policy
610a929
@stulacy
Attempt to remove more policies
284ae36
@stulacy
CloudFront distribution for dev
c2e2ac9
@stulacy
Add CloudFront to Dev env
1ef24c0
@stulacy
Copy link
Contributor Author

stulacy commented Dec 4, 2023

I haven't been able to get the SSL from CloudFront working yet for several reasons:

  • CloudFront doesn't natively support EBS apps
  • CloudFront can work with any custom URL, but EBS doesn't export URLs as CloudFormation resources, so you'd need to add a Lambda custom resource to get the URL
  • Furthermore, even when manually creating a CloudFront distribution in the AWS Console and passing it an EBS URL, it still doesn't work out of the box (returns 504)

Instead, there seem to be 2 solutions:

  1. Give up and use a load balancer which supports certificates directly from ACM. Estimate ~$20 per month so still half of what LightSail costs, but still an unnecessary resource for a low-traffic app
  2. Get an SSL cert manually and embed it directly into the app and configuring nginx to use it. Costs more developer time, need to keep cert out of repo etc...

Any thoughts @kilicomu ? I'm leaning towards the former as I'm not keen on spending much more time on this, although if you have any advice about how to sensitively bundle the SSL cert with the app for distribution then it might be worth exploring the second route

@stulacy
Made prod env load balanced
9f883c6
@stulacy
Removed VPC paths
c40c219 
This should force AWS to create a VPC for the app so that it is living
in its own VPC rather than the default one
@stulacy
Revert "Removed VPC paths"
03d19eb 
This reverts commit c40c219.
@stulacy
Revert "Add CloudFront to Dev env"
9242405 
This reverts commit 1ef24c0.
@stulacy
Revert "CloudFront distribution for dev"
b94d76a 
This reverts commit c2e2ac9.
@stulacy stulacy mentioned this pull request Jan 2, 2024
Open
@stulacy
Copy link
Contributor Author

stulacy commented Jul 24, 2024

Closing because App Runner has been identified as a more suitable deployment location

@stulacy stulacy closed this Jul 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Create infrastructure in CloudFormation
1 participant
@stulacy