AWS Code Deploy Deployment Failed - amazon-web-services

I have been using AWS CodeDeploy for the past 3 months. Everything went nicely. And suddenly, when I wanted to deploy code to EC2 servers today, I am getting this strange error (after it has been trying to deploy for more than 20 minutes).
The overall deployment failed because too many individual instances failed deployment, too few healthy instances are available for deployment, or some instances in your deployment group are experiencing problems. (Error code: HEALTH_CONSTRAINTS)
I don't understand what happened. I have not messed with anything in AWS at all; I just tried to deploy code as I always do. What could be the reason?

Before starting the deployment, make sure to check the deployment group to see if there is any healthy instance listed.

Two potential reasons are possible here:
You might have missed installing the CodeDeploy agent on your EC2 instance(s); the set of commands below will help you install it:
sudo yum update
sudo yum install aws-cli
cd /home/ec2-user
aws s3 cp s3://aws-codedeploy-us-east-1/latest/install . --region us-east-1
chmod +x ./install
sudo ./install auto
Please note that the above set of commands depends on the platform you are using; if you are using Amazon's Linux AMI it's good to go, for other platforms it may vary.
There might be an error in your appspec.yml; if that is the case, you may be able to see in which lifecycle event the error occurred. To identify that, go to the deployments => select one of the deployments which failed => go to events => here you will see the error => clicking on that error will display the reason.
If you want to understand in detail how it works, kindly go through my blog here
Please let me know if it doesn't fix your problem.

Related

sam build botocore.exceptions.NoCredentialsError: Unable to locate credentials

I am trying to deploy my machine learning model with sam for couple of days and I am getting this error:
botocore.exceptions.NoCredentialsError: Unable to locate credentials
I also made sure that my aws config is fine.
The "aws s3 ls" command works fine for me. Any help will be useful, thanks in advance.
I've read through this issue which seems to have been deployed in v1.53: SAM Accelerate issue
Reading that seemed to imply that it might be worth trying
sam deploy --guided --profile mark
--profile mark is the new part and mark is just the name of the profile.
I'm using v1.53 but still have to pass in the profile to avoid the problem you're having and I was having, so they may not have fixed the issue as well as intended, but at least the --profile seems to solve it for me.
If you are using Linux, this error can be caused by a misalignment between a docker root installation and user-level AWS credentials.
Amazon documentation recommends adding credentials using the aws configure command without sudo. However, when you install docker on Linux, it requires a root-level installation. This ultimately results in the user being forced to use sudo for the SAM CLI build and deploy commands, which leads to the error.
There are two different solutions that will fix the issue:
Allow non-root users to manage docker. If you use this method, you will not need to use sudo for your SAM CLI commands. This fix can be accomplished by using the following commands:
sudo groupadd docker
sudo usermod -aG docker $USER
OR
Use sudo aws configure to add AWS credentials to root. This fix requires you to continue using sudo for your SAM CLI commands.

Why is my Docker container stuck in a state of "Created"?

I am trying to deploy to EC2 using Bitbucket Pipelines and AWS CodeDeploy. I have everything set up so that the upload step for the CodeDeploy Agent works as it should, it's just that when I try running the statement in the deploy step, my script.sh /usr/local/bin/docker-compose -f /home/ec2-user/my-app/docker-compose.yml run --rm composer install fails.
Everything else works and if I remove this step, it deploys successfully. If I try to execute this command manually it also works and the container for this runs and then exits as it should. I've checked permissions, changed my IAM setup and done everything I can think of before coming here.
So after a LONG time searching, running countless pipeline deployments and hammering my build minutes for weeks on end, I finally got to the bottom of the problem and am hoping this may help anyone with the same problem.
It was a permissions issue that was failing to run execute commands such as docker-compose run. With AWS Code Deploy, we run the scripts for the life cycle hooks in appspec.yml, usually as root. However, the AWSCodeDeployRole needs full permissions - in my case this was for EC2 so was missing the AmazonEC2FullAccess policy that needs to be attached to the AWSCodeDeployRole. Also add ec2.amazonaws.com to the JSON trust policy, this is what worked for me...2 months later!
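A review aid for the change described above, as an added example that is not part of the original answer: it lists which services a role's trust policy allows to assume the role and flags broad managed policies such as AmazonEC2FullAccess, so the grant can be narrowed once the deployment works. The sample trust policy, the attached-policy list and the function names are constructed for illustration.

```python
import json

# Constructed sample (not from the original post): a trust policy that lets both
# CodeDeploy and EC2 assume the role, plus the managed policies attached to it.
SAMPLE_TRUST_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": ["codedeploy.amazonaws.com", "ec2.amazonaws.com"]},
    "Action": "sts:AssumeRole"
  }]
}
""")
SAMPLE_ATTACHED = ["AWSCodeDeployRole", "AmazonEC2FullAccess"]


def _as_list(value):
    """IAM JSON allows a single string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def trusted_services(trust_policy):
    """Return the service principals that Allow statements let assume the role."""
    services = set()
    for stmt in _as_list(trust_policy.get("Statement")):
        actions = _as_list(stmt.get("Action"))
        if stmt.get("Effect") != "Allow" or "sts:AssumeRole" not in actions:
            continue
        principal = stmt.get("Principal", {})
        if isinstance(principal, dict):
            services.update(_as_list(principal.get("Service")))
    return sorted(services)


def review_role(trust_policy, attached_policies, expected_services):
    """List trust and permission grants that go beyond what was expected."""
    findings = []
    for svc in trusted_services(trust_policy):
        if svc not in expected_services:
            findings.append(f"unexpected trusted service: {svc}")
    for name in attached_policies:
        if name.endswith("FullAccess") or name == "AdministratorAccess":
            findings.append(f"broad managed policy: {name}")
    return findings
```

Calling `review_role(SAMPLE_TRUST_POLICY, SAMPLE_ATTACHED, {"codedeploy.amazonaws.com"})` reports the EC2 trust entry and the FullAccess policy as items to justify or scope down.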

Any way to trigger a CodeDeploy deployment with Terraform after changes in configuration?

I am currently migrating my config management on AWS to Terraform to make it more pluggable. What I like is the possibility to manage rolling updates to an Autoscaling Group where Terraform waits until the new instances are in service before it destroys the old infrastructure.
This works fine with the "bare" infrastructure. But I ran into a problem when updating the actual app instances.
The code is deployed via AWS CodeDeploy and I can tell Terraform to use the generated name of the new Autoscaling Group as deployment target but it doesn't deploy the code to the new instances on startup. When I manually select "deploy changes to the deployment group" the deployment starts successfully.
Any ideas how to automate this step?
https://www.terraform.io/docs/provisioners/local-exec.html might be able to do this. A couple of assumptions:
You've got something like aws-cli installed where you're running terraform.
You've got your dependencies set up so that your CodeDeploy step would be one of the last things executed. If that's not the case you can play with depends_on https://www.terraform.io/intro/getting-started/dependencies.html#implicit-and-explicit-dependencies
Once your code has been posted, you would just add a
resource "something" "some_name" {
  # Whatever config you've set up for the resource
  provisioner "local-exec" {
    command = "aws deploy create-deployment"
  }
}
FYI the aws deploy create-deployment command is not complete, so you'll have to play with that in your environment till you've got the values needed to trigger the rollout but hopefully this is enough to get you started.
You can trigger the deployment directly in your user-data in the
resource "aws_launch_configuration" "my-application" {
  name = "my-application"
  ...
  user_data = "${data.template_file.node-init.rendered}"
}
data "template_file" "node-init" {
  template = "${file("${path.module}/node-init.yaml")}"
}
Content of my node-init.yaml, following recommendations of this documentation: https://aws.amazon.com/premiumsupport/knowledge-center/codedeploy-agent-launch-configuration/
write_files:
  - path: /root/configure.sh
    content: |
      #!/usr/bin/env bash
      REGION=$(curl 169.254.169.254/latest/meta-data/placement/availability-zone/ | sed 's/[a-z]$//')
      yum update -y
      yum install ruby wget -y
      cd /home/ec2-user
      wget https://aws-codedeploy-$REGION.s3.amazonaws.com/latest/install
      chmod +x ./install
      ./install auto
      # Add the following line for your node to update itself
      aws deploy create-deployment --application-name=<my-application> --region=ap-southeast-2 --deployment-group-name=<my-deployment-group> --update-outdated-instances-only
runcmd:
  - bash /root/configure.sh
In this implementation the node is responsible for triggering the deployment itself. This is working perfectly so far for me but can result in deployment failures if the ASG is creating several instances at the same time (in that case the failed instances will be terminated quickly because they are not healthy).
Of course, you need to add sufficient permissions to the role associated with your nodes to trigger the deployment.
This is still a workaround and if someone knows a solution behaving the same way as cfn-init, I am interested.
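A scoped policy for the node role mentioned above, as an added example rather than code from the original answer: it permits create-deployment against a single application and deployment group only, and a simplified evaluator confirms that other groups and actions are not covered. The account id, the deployment configuration name, the function names and the choice of these three actions are assumptions to adjust for your environment.

```python
import json
from fnmatch import fnmatchcase


def node_deploy_policy(region, account_id, application, deployment_group,
                       deployment_config="CodeDeployDefault.OneAtATime"):
    """Build an identity policy scoped to one application and deployment group."""
    base = f"arn:aws:codedeploy:{region}:{account_id}"
    group_arn = f"{base}:deploymentgroup:{application}/{deployment_group}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": ["codedeploy:CreateDeployment"],
             "Resource": [group_arn]},
            {"Effect": "Allow", "Action": ["codedeploy:GetDeploymentConfig"],
             "Resource": [f"{base}:deploymentconfig:{deployment_config}"]},
            {"Effect": "Allow", "Action": ["codedeploy:GetApplicationRevision"],
             "Resource": [f"{base}:application:{application}"]},
        ],
    }


def allows(policy, action, resource):
    """Simplified evaluation: Allow statements with '*'/'?' wildcards only.

    Explicit Deny, Condition, NotAction and NotResource are not modelled.
    """
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        action_ok = any(fnmatchcase(action, a) for a in stmt["Action"])
        resource_ok = any(fnmatchcase(resource, r) for r in stmt["Resource"])
        if action_ok and resource_ok:
            return True
    return False


# Constructed values: the account id is a placeholder; the names mirror the
# <my-application> and <my-deployment-group> placeholders used above.
POLICY = node_deploy_policy("ap-southeast-2", "111122223333",
                            "my-application", "my-deployment-group")

if __name__ == "__main__":
    print(json.dumps(POLICY, indent=2))
```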

CodeDeploy on autoscaling group

I've set up an auto scaling group behind a load balancer and I've created applications in CodeDeploy that are deployed on each server.
Actually we have 5 applications, but two of these are Laravel-based apps, so there's the need to install all composer stuff and npm modules before deployment.
Unfortunately this leads to a deployment that lasts more than 5 minutes, and CodeDeploy sets the deployment as failed and the instance is terminated.
Does anyone have any idea or suggestion on how to solve this issue?
These are the commands that take a long time:
sudo -H -u $WANTUSER /usr/local/bin/composer update -d "/var/www/mydomain.com/orderform/designer/Designer_php"
sudo -H -u $WANTUSER /usr/bin/npm --prefix /var/www/mydomain.com/orderform/designer/Designer_php install
In your CodeDeploy hook definition, you need to increase the timeout value.

Can't login to docker with aws

This is an extension of my last question considering I've decided to deploy a Docker container onto a ton of EC2's. I've set up a repository and a user with full rights, and I added the correct keys to my aws cli configuration. When I try to run the docker login command that comes up after running the "aws ecr get-login" command, it gives me a failed with status: 403 forbidden error. I have absolutely no clue what's going on, and I've spent the past 2 days trying to fix this error... Any ideas?
I would suggest checking the security group of the EC2 instance.
To allow access via SSH you have to apply the following settings for the Security Group of the EC2 Instance:
Security Groups