Assignment #04

Packer & AMIs CourseNana.COM

Building Custom Application AMI using Packer

• Use Amazon Linux 2 as your source image to create a custom AMI using Packer. • All AMIs you build should be private. 0 Only you can deploy EC2 instances from it. • All AMI builds should happen in your dev AWS account and shared with your demo account. • AMI builds should be set up to run in your default VPC. • The AMI should include everything needed to run your application and the application binary itself. For e.g., if you are using Tomcat to run your Java web application, your AMI must have Java & Tomcat installed. You should also make sure the Tomcat service will start up when an instance is launched. If you are using Python, make sure you have the right version of python and the libraries you need to be installed in the AMI. • The packer template should be stored in the same repo as the web application. • For this assignment only, install MySQL or PostgreSQL locally in the AMI. Continuous Integration: Add New GitHub Actions Workflow for Web App CourseNana.COM

1. When a pull request is merged, a GitHub Actions workflow should be triggered to do the following:
2. Run the unit test.
3. Build the application artifact (war, jar, zip, etc.).
4. Build the AMI with application dependencies and set up the application by copying the application artifacts and the configuration files.
5. Configure the application to start automatically when VM is launched.

   Infrastructure as Code w/ Terraform

   In this assignment, you will update the Terraform template to add the following resources to the stack. CourseNana.COM

   VPC & Networking

The EC2 instance must be launched in the VPC created by your Terraform template. You cannot launch the EC2 instance in the default VPC. CourseNana.COM

App Security Group

• Create an EC2 security group for your EC2 instances that will host web applications. • Add ingress rule to allow TCP traffic on ports j, (80j, ' 443 , and port on which your application runs from anywhere in the world. • This security group will be referred to as the (application security group. CourseNana.COM

EC2 Instance

Create an EC2 instance with the following specifications. For any parameter not provided in the table below, you may go with default values. The EC2 instance should belong to the VPC you have created. • Application security group should be attached to this EC2 instance. • Make sure the EBS volumes are terminated when EC2 instances are terminated. Parameter Value Amazon Machine Image (AMI) Your custom AMI Instance Type t2.micro Protect against accidental termination No Root Volume Size 50 Root Volume Type General Purpose SSD (GP2) CourseNana.COM

Bootstrapping Database

• The application is expected to automatically bootstrap the database at startup. o Bootstrapping creates the schema, tables, indexes, sequences, etc., or updates them if their definition has changed. o The database cannot be set up manually by running SQL scripts. o It is highly recommended that you use ORM frameworks such as Hibernate (for java), SQLAlchemy (for python), and Sequelize (for Node.js). CourseNana.COM

Setup Autorun Using Systemd

Note: Systemd is optional. You may use any other tools to setup autorun. • Running Your Node.js App With Systemd (https://nodesource.com/blog/running-your-node-js¬app-with-systemd-part-1/) • How To Setup Autorun a Python Script UsingSystemd1(iffps://tecadmin.net/setup-autorun¬python-script-usingstemd/). • Understanding Systemd Units and Unit Files (https://www.digitalocean.com/community/tutorials/understanding-systemd-units-and-unit-files) 2/23/23, 12:20 AM Assignment #04 CourseNana.COM

Submission

The assignment will be considered late if commits are made to the main branch after the due date. CourseNana.COM

1. All work for this assignment must be done on the feature branch in your fork and merged to the main' when you are dev complete.
2. The feature and branches must be in sync.
3. Submit your code from all repositories in this assignment. Read the instructions carefully to create your zip file.
4. Create a folder with the naming convention firstname_lastname_neuid
5. In the firstname_lastname_neuid clone all of your GitHub (organization) repositories with the git clone command. It is important that you clone the repos so that your commit history and branches are preserved.
6. Once you have cloned all of your repositories, you will create a zip of the firstnamelastname_neuida## directory. The zip file should be firstname_lastname_neuid_a_ltit.zip where ## is the assignment number.
7. Now unzip the zip file in some other directory and confirm the content of the zip files.
8. Upload the Zip to this assignment.
9. You are allowed to resubmit. If you think there may be an issue with the ZIP file, feel free to submit it again. Only the latest will be used for grading.

   Grading Guidelines

   The following guidelines are for information only. They are subject to change at the discretion of the instructor and TA. A 10% penalty will be imposed if the application crashes due to unhandled exceptions/errors. Previous Assignment Objectives • TAs must verify that students have resolved all open issues from the previous assignment(s). Git Repository Content Check (10% Penalty) • Check the repository for any IDE-specific files. IDE configuration files must not be in the repository. o Verify their .gitignore configuration. • Check the repository for build artifacts such as .class , .jar , files and build), (node_modules directory. None of these should be checked into the repository. • Check for dependencies. Dependencies from the Maven repository or npm should not be committed to the git repository. Pre-requisite for Demo (5% Penalty) • Delete all VPCs and AM's you may have created in your demo AWS account. 2/23/23, 12:20 AM Assignment #04 CourseNana.COM

   Building Custom Application AMI using Packer (40%)

   • Verify students are using Amazon Linux 2 as the source image for building AMI. o Note: The source AMI id may be different than the one listed on the assignment page. o The builder used is amazon-ebs. • The shell provisioner(s) does the following: o Upgrade the OS packages. o Install all the application prerequisites, middleware, and runtime. o Install MySQL or PostgreSQL. o Update permission and file ownership on the copied application artifacts. • The file provisioner(s) is running a shell script to do the following: o Copy the application artifact to the right location. o Copy the application configuration file to the right location. CourseNana.COM

   Cl/CD (20%)

   • AMI template should be validated in the pull request status check. o Ask the student to raise PR with the invalid template. o PR status check should fail and block merge. o AMI should not be built during the PR check. • The application artifact is built for copying to AMI. • AMI is built when PR is merged. • AMI is automatically shared with the DEMO account. The AWS account id is provided in the Packer template. CourseNana.COM

   Bootstrapping Database, App Demo using AMI & Infrastructure as Code w/ Terraform (40%)

   • Once the AMI is built and available in the DEMO AWS account, students will deploy the infrastructure using Terraform which will create the networking resources and launch the EC2 instance in the newly created VPC. o EC2 instance should not be in DEFAULT VPC. • Validate Terraform template does not have hard-coded values. AMI id should be passed as a parameter to stack. Networking resources should be referenced within the Terraform template. • Application endpoints from Al & A2 should work once the instance is ready. Students cannot SSH into the instance to set up a database or start the application. • Reboot the EC2 instance and validate the application is running automatically on reboot. CourseNana.COM

For Demo: Deploying Application by Launching the AMI

1. To demo a properly built AMI, launch the EC2 instance with the custom AMI using the Terraform template.
2. The application should work when the EC2 instance is in a "running" state.
3. No manual start/stop commands should be required and no SSHing.