Deployment and Provisioning
In this group of lectures we run a hands on deployment of the next iteration of the Pizza Time solution. The Pizza Time business has been a success. It needs to support more customers and wants to expand to meet a global market.
We define our new solution, then walk through a hands on deployment that extends our scalability, availability and fault tolerance.
Hi, and welcome to this lecture.
In this lecture we will learn how to use the CloudFormer tool.
Before we go to the demo, let's just put some context in here. We already have deployed our Web distribution, our Angular app in the Bucket, we configured the route 53 domain, I would say it's 50% configured, we have an Elastic Load Balancer, we have Auto Scaling groups with these two instances, we have a VPC in here, and we have the databases. We haven't really touched the databases, we'll deal with that in the next lecture.
But we still need to deploy things in this Sao Paulo region, and I don't know about you, but I don't want to go through the same process that we did to create an Elastic Load Balancer, to create an Auto Scaling group, and so on. So, let's use CloudFormation for that, because if you notice that structure will be exactly the same as this structure. So we can use the CloudFormer tool to generate a template for us, and we can later on adapt that template to run in the Sao Paulo region.
So let's go to the AWS console, and learn how to use the CloudFormer tool. Here at the AWS console in the Oregon region, we need to go to the CloudFormation console, and to use the CloudFormer tool, we actually need to launch a CloudFormation template, so we click in here to Launch CloudFormer, and we can click on Next, and we need to specify a password and a username here.
Remember, you must know that when you create any instance to run in web application, and this web application will have some IAM roles assigned to the instances, so these instances can read some information in our AWS account, so you should specify a username and password that has some level of security, because if someone gets their hands on this password, they can read a few information about your environment, and that might be a security issue. So I will use a stupid username and password in here, but don't do that in your environment, and I will use the Default VPC, I really don't care where AWS will launch this application.
Click on Next, I don't want to add any text, Next again, we need to mark this checkbox, because again this template will create some IAM resources, so it's time to click on Create. That will take a few minutes to launch, so you stop the video and get back once it's done.
So the creation was completed, if we select the stack, and click on Outputs, we can have access to the instance there is running, our CloudFormer tool. We need to proceed, because it uses a self-signing certificate, and in here we need to specify the password and username that we specified during the stack creation.
Okay, so now we need to specify the region that we want to read the information, so we will say that this is the Oregon region that we want to read, and we click on Create Template.
We can provide a description, this will be the pizza-time ec2 configuration, and we can filter the resource names. Since we used pizza-time for almost all the things that we created, so we can put that in here, and that will save us some time selecting the resources that we want to put in the CloudFormation template.
So first DNS, we don't want to migrate anything related to DNS, so we can click on continue. We do want to migrate some VPC resources. We need to make sure that we are using the right VPC, so if we pass the mouse through here, we can see the name of the VPC, that's the VPC that we want, the Pizza-time-oregon, we can click on Continue, and on VPC network, we need to select the things that are going to be inside our VPC. So these are just subnets, you can see that AWS kindly selected the things that we wanted, just because we specified a common name for all the resources that we created. So it was the pizza time VPC, pizza time ELB and so on, so AWS can take that VPC and see the resources inside that VPC, and pre-select that for us, so we don't need to select everything.
I'll click on Continue, VPC security, we just have the default acl, and our Route Tables, this is the private route table, the default route table, and the public route table. We definitely want those, Continue.
And on networking, we definitely want to select our pizza-time elb. We don't want to select the CloudFront Distribution, because the distribution is already global, we don't want to replicate that. On managed surfaces, we just want to select the Auto Scaling Group in here, it's already selected, so click on Continue.
We have the choice in here to leave this one marked, but since we are not really using this launch configuration, remember that we had problems with the security group inside the launch configuration and we created this launch configuration, the rightone, so we just want to select the rightone, let's keep things easier.
Click on Continue, we don't want to select any instances, because our instances are going to be already configured inside an Auto Scaling group, so we don't need to copy any configurations of any instances running our account. We don't care about the database right now, we are going to deal with the database in the next lecture, but we don't want to replicate that to the Sao Paulo region.
So click on Continue, Continue again, app services, we don't want to duplicate the SNS topic, we can click on Continue.
Under Security, we need to select the security groups that we want, so we need to select the pizza time ec2 security group, the rightone, we definitely want this. We need to select the elb security group, and we won't mess around with our RDS settings, so I would leave the rest unmarked.
Click on Continue, we want to have the same scaling policies, we still want to have the same scheduled actions in our auto scaling group, and we have the option to also copy the alarms, but since that's needed for the auto scaling policies, I will keep these selected.
And in here we have a summary of everything that you have selected, so you can check the results, click on Continue, and wait to receive your CloudFormation template.
We have this template, and in here we have two options. We can save this template in a bucket, we can select a bucket in here, or we can specify a template name, and save this template in there, or we can simply copy and paste the information that we are seeing here, and save it somewhere else.
How you do the final option where you copy and paste this template, and I want to change a few things in this template.
I copied the template, now I will paste it in here. And I just want to change a couple of things. CloudFormer is great, but it's really not enough when you have a certain level of automation. For example, the VPC name. The VPC name here is Pizza-time-Oregon, I don't want that because this VPC will be deployed on the Sao Paulo region, so instead I will call it pizza-time-sao-paulo.
And also, if we go all the way down to our launch configuration, you might not be able to see the problem in here, but the problem is remember that we configured some user data to our launch configuration, so that's not present in here. Also, amis are regional, so this ami identifier will not work in the Sao Paulo region, so I will change a few things in this template in order to make it work, and I will save it in our github repository if you want to deploy this same template in the Sao Paulo region. So pause the recording, change your few things, and get back once it's done.
So we took more than a few adjustments, I actually had to remove the scheduled actions, the scheduling policies, the alarm to trigger the scheduling policies, and the net gateway. The scheduled actions and the policies, I removed because the template generated wasn't really right so I'll have to correct a few things inside the template. So for the time's sake, I choose only to remove that, but we also have a net gateway in the Oregon region, and the net gateway is not available in the Sao Paulo region so that's why I had to remove the net gateway as well.
With the template I saved a final version of this template inside the scripts folder, you will be able to find this file in the Github repository. With this template, we can go in the CloudFormation console in the Sao Paulo region, and we can launch some resources.
In this case we are going to create a new VPC, and we are going to create an auto scaling group, a launch configuration, and an elastic load balancing. So we go here, create a new stack, we select the file that you want, and we click on Next.
Then as any other CloudFormation template, we have to provide a stack name, I'll call it pizza-time-sao-paulo, and I inserted the option to select the Instance Type for this template. I will use t2.micro just to demonstrate how to deploy this script, and we need to define a KeyPair name, in this case I already created a pizza-time-sao-paulo KeyPair, and I just need to select the KeyPair in here.
So click on Next, I don't want to add any text, and Create. That will take a few minutes to deploy, but we don't need to wait for the results. I already mentioned what we are going to deploy with this template, so we will continue configuring our application in the next section.
About the Author
Eric Magalhães has a strong background as a Systems Engineer for both Windows and Linux systems and, currently, work as a DevOps Consultant for Embratel. Lazy by nature, he is passionate about automation and anything that can make his job painless, thus his interest in topics like coding, configuration management, containers, CI/CD and cloud computing went from a hobby to an obsession. Currently, he holds multiple AWS certifications and, as a DevOps Consultant, helps clients to understand and implement the DevOps culture in their environments, besides that, he play a key role in the company developing pieces of automation using tools such as Ansible, Chef, Packer, Jenkins and Docker.