Now if you want to pull this local, as you might now need to do some changes, and push to AWS instance later, you need to make sure to clone the repo local from GitHub
Pull the image local in your machine (or from GitHub or from Docker Hub ) and tag it.
docker pull cr3w/simple-website:latest
docker tag cr3w/simple-website:latest 693505164922.dkr.ecr.us-east-2.amazonaws.com/simple-website:latest
We need to make sure here that when we push new image versions on Docker Hub to have the latest tag as ECR is listening the "latest" tag to get the most up to date version.
You can always revert previous image with pushing older versions example Tag=1.0.0
This will revert the Docker image to ECR which then will push the image to AWS and will revert the updates have made sure once we make an update to GitHub, we also update the docker hub.
Also we need to make sure that we have already created Role with permission: `AmazonEC2ContainerRegistryReadOnly` for our instances to be able to ready the Docker ECR images.
We define that in our cloudformation.yml file we add the IamInstanceProfile property to our AWS::AutoScaling::LaunchConfiguration
Improvements of the cloudformation.yml can be tracked here this is only for testing purposes do not use in production.
Watchtower is an application that will monitor our running Docker containers and watch for changes to the images that those containers were originally started from. If watchtower detects that an image has changed, it will automatically restart the container using the new image.
Troubleshooting Watchtower:
sudo docker logs --follow watchtower
Resources:
Actions
What this is doing?
We push the cloudformation.yml file, that creates 2 Load Balanced EC2 Instances with HA ( High Availability) the actions/changes logged into a GitHub repo, that using GitHub Actions and we have the control of the YAML template, it can be used later on with Ansible or Terraform.
We can provide access to the GitHub Organization to Dev Ops and other Engineers by using Zero Trust Security model ( continues authentication ), and SSO authentication methods using Okta, Azure or other type of IdPs.
We maintain a repo, on GitHub, that Developers can PR ( Pull Request) code changes, once approved will get pushed in to main repo, by using GitHub Actions, we communicate with the Docker Hub (failover if ECR not available), where we host our docker app, once there is a new version from GitHub, creates a new version on Docker Hub and we send a copy also to our Elastic Container Registry, which then automatically change the content in the AWS EC2 instances by using ECR
We have the ability to transform the whole project and migrate it on K8s ( Kubernetes) very easily, and create a fail-over scenarios in case of a region failures on AWS or migration to other services.
LB apps:
To Do
Created a very simple Docker image --> this image exists for failover and just updates with GitHub actions on every PR.
Once we make an update to the version ( local, or by a PR to GitHub --> [needs and approval], we push the change to GitHub, and with GitHub actions ()
we push the new version to the Docker Hub -->
will use AWS Elastic Container Registry as a main source for now. Will have to create a new repo ( region us-east-02
we create a new ( private ) repo
This is a Global configuration created here:
Finally we will use watchtower in Docker: to track updates on our ECR image, and pull it to the EC2 instances.
