This project contains the starter code for our course: DevOps Deployment Automation with Terraform, AWS and Docker.
It contains the code you should have by the end of our Build a Backend REST API with Python & Django REST Framework - Advanced course. We've created this snapshot, in-case we update the aforementioned course in the future.
This project runs using Docker. It should work consistently on Windows, macOS or Linux machines.
Follow the below steps to run a local development environment.
- Ensure you have the following installed:
- Clone the project,
cdto it in Terminal/Command Prompt and run the following:
docker compose up- Browse the project at http://127.0.0.1:8000/api/health-check/
To create a superuser to access the Django admin follow these steps.
- Run the below command and follow the in terminal instructions:
docker compose run --rm app sh -c "python manage.py createsuperuser"- Browse the Django admin at [http://127.0.0.1:8000/admin] and login.
To clear all storage (including the database) and start fresh:
docker compose down --volumes
docker compose upThis section contains supplementary documentation for the course steps.
This course uses aws-vault to authenticate with the AWS CLI in the terminal.
To authenticate:
aws-vault exec PROFILE --duration=8h
Replace PROFILE with the name of the profile.
To list profiles, run:
aws-vault list
ECS Exec is used for manually running commands directly on the running containers.
To get shell access to the ecs task:
aws ecs execute-command --region REGION --cluster CLUSTER_NAME --task TASK_ID --container CONTAINER_NAME --interactive --command "/bin/sh"
Replace the following values in the above command:
REGION: The AWS region where the ECS cluster is setup.CLUSTER_NAME: The name of the ECS cluster.TASK_ID: The ID of the running ECS task which you want to connect to.CONTAINER_NAME: The name of the container to run the command on.
Below is a list of how to run the common commands via Docker Compose.
Note: The below commands should be run from ther
infra/directory of the project, and after authenticating withaws-vault.
To run any Terraform command through Docker, use the syntax below:
docker compose run --rm terraform -chdir=TF_DIR COMMAND
Where TF_DIR is the directory containing the Terraform (setup or deploy) and COMMAND is the Terraform command (e.g. plan).
docker compose run --rm terraform -chdir=setup output
The output name must be specified if sensitive = true in the output definition, like this:
docker compose run --rm terraform -chdir=setup output cd_user_access_key_secret
This section lists the GitHub Actions variables which need to be configured on the GitHub project.
Note: This is only applicable if using GitHub Actions, if you're using GitLab, see GitLab CI/CD Variables below.
If using GitHub Actions, variables are set as either Variables (clear text and readable) or Secrets (values hidden in logs).
Variables:
AWS_ACCESS_KEY_ID: Access key for the CD AWS IAM user that is created by Terraform and output ascd_user_access_key_id.AWS_ACCOUNT_ID: AWS Account ID taken from AWS directly.DOCKERHUB_USER: Username for Docker Hub for avoiding Docker Pull rate limit issues.ECR_REPO_APP: URL for the Docker repo containing the app image output by Terraform asecr_repo_app.ECR_REPO_PROXY: URL for the Docker repo containing the proxy image output by Terraform asecr_repo_proxy.
Secrets:
AWS_SECRET_ACCESS_KEY: Secret key forAWS_ACCESS_KEY_IDset in variables, output by Terraform ascd_user_access_key_secret.DOCKERHUB_TOKEN: Token created inDOCKERHUB_USERin Docker Hub.TF_VAR_DB_PASSWORD: Password for the RDS database (make something up).TF_VAR_DJANGO_SECRET_KEY: Secret key for the Django app (make something up).
This section lists the GitLab CI/CD variables which must be configured to run jobs.
Note: This is only applicable if you are using GitLab CI/CD. If you are using GitHub Actions, see [#github-actions-variables](GitHub Actions Variables) above.
In GitLab CI/CD, all variables are set under Variables, and optionally set as masked (secrets hidden from output) and/or protected (restricted to protected branches).
Each variable and their state is listed below:
AWS_ACCESS_KEY_ID: Access key for the CD AWS IAM user that is created by Terraform and output ascd_user_access_key_id.AWS_ACCOUNT_ID: AWS Account ID taken from AWS directly.DOCKERHUB_USER: Username for Docker Hub for avoiding Docker Pull rate limit issues.ECR_REPO_APP: URL for the Docker repo containing the app image output by Terraform asecr_repo_app.ECR_REPO_PROXY: URL for the Docker repo containing the proxy image output by Terraform asecr_repo_proxy.AWS_SECRET_ACCESS_KEY(Masked): Secret key forAWS_ACCESS_KEY_IDset in variables, output by Terraform ascd_user_access_key_secret.DOCKERHUB_TOKEN(Masked): Token created inDOCKERHUB_USERin Docker Hub.TF_VAR_db_password(Masked): Password for the RDS database (make something up).TF_VAR_django_secret_key(Masked, Protected): Secret key for the Django app (make something up).
Check docker is running:
docker --versionCheck aws-vault installed:
aws-vault --versionCheck AWS CLI:
aws --versionCheck AWS CLI Systems Manager:
session-manager-pluginCheck docker compose:
docker compose --versionConfigure Git:
git config --global user.email email@example.com
git config --global user.name "User Name"
git config --global push.autoSetupRemote trueCheck out our courses on londonappdeveloper.com.
Or find them below: