Elixir with Phoenix

We're doing it again. Avoiding actual work by playing around with Elixir using the Phoenix framework and I love it. Now, can we get it deployed in a reasonable way so that projects we work on can be shown off to the world?

Building it locally Easy enough to get it running with the instructions from Elixir and Phoenix

Problems with Postgres install and running

postgresql install ubuntu sudo su - postgres pg_ctlcluster 11 main start Getting default postgres running required the pg_ctlcluster Finally running local db, not my strong suit Package it up for deployment

Add Distillery {:distillery, "~> 2.0"}

Hex Package Manager for the BEAM ecosystem

About Six Colors AB

Hex was started as an open-source project early 2014, it is still an open-source project but today it is operated by the Swedish limited company “Six Colors AB”. The company was founded in 2018 by the creator of Hex, Eric Meadows-Jönsson, Six Colors supports the development of Hex and operates all services required to run Hex.

By charging for private packages we can fund free open-source development and run reliable services for both paying customers and the open-source community.

Get it out there

Setup a VM on Azure

tyBasic Ubuntu VM 1 CPU, 1GB RAM $ 8 bucks a month

Setup the Postgres

CPU 1 & 5GB Storage $ 27 Bucks a month! OK…now what? I can ssh into the VM 👍

Probably need to get the postgres creds into the prod build for my app?

set the env vars to be able to run MIX_ENV=prod mix release $ mix deps.get --only prod $ MIX_ENV=prod mix compile $ npm run deploy --prefix assets $ mix phx.digest

npm run deploy --prefix assets && MIX_ENV=prod mix do phx.digest, release --env=prod

Let’s try this without an Nginx proxy 🤷‍♀️

Port Forwarding with iptables Tried Ubuntu ufw. But it wasn’t enabled on the VM by default, So I went with port forwarding iptable style

Getting the DB connection is a struggle

How do I do mix ecto.create for prod? Since, you know, there isn’t any mix? Ecto Migrations edeliver writeup from plataformatec Attaching to /home/meowAdmin/hello-meow/var/erl_pipes/[email protected]/erlang.pipe.1 (^D to exit) iex([email protected])1> path = Application.app_dir(:hello_meow, "priv/repo/migrations") "/home/meowAdmin/hello-meow/lib/hello_meow-0.1.0/priv/repo/migrations" iex([email protected])2> Ecto.Migrator.run(HelloMeow.Repo, path, :up, all: true) 22:08:49.855 [info] Already up [] iex([email protected])3> OH SHIT IT’S ALIVE Continuous Delivery

One option

Digital Ocean Option

AWS Option

Next Try

Let’s go with the AWS option, and we’re going to roughly follow a couple guides to get what we what. And what’s that?

1. Continuous Deployment 1. Whatever I git commit to Master is built and deployed to the running instance. Whether that’s a hot upgrade, or a deploy and drain of an EC2. Whatever, I’m not too concerned with the details at this point. I want to be able to build locally, test it out, and then trigger a deploy by doing what I already do, a git commit and / or merge 2. Wanta be able to rollback easily. That might be aws cli, or even a click on the aws console. Either would be fine, I have no idea how this will work in practice with automatic build and deploy yet. 3. Build fail if tests fail.

Elixir on AWS

or this one Elixir w/ Docker on AWS

AWS install cli and get signed in.

setup ssh for code commit config cli with AMI account Be sure to have permissions for our new AMI user to cloudformation (this might be hairy) Skipping cloudformation bc 😱

Get the project up on git up

Create the RDS postgresql and get the address, username, and password,

Create an encrypted S3 bucket for secrets

Spin up 2 EC2 instances of the default linux and ssh into them with the *.pem that you download from the console

not sure how with a PEM ? yeah me either aws ec2 ssh
turns out you can just the PEM in the ssh command

ssh into ec2 instance and install codedeploy mmmmmmm. with a list of 8 commands ?

ummmm, ok 🤷‍♀️ codedeploy agent install
rando site for install package by s3 region wget https://aws-codedeploy-us-east-2.s3.us-east-2.amazonaws.com/latest/install is your agent running ? sudo service codedeploy-agent status at this point I haven’t seen codedeploy in action, but i have the agent running. Repeat on the 2nd instance

That seemed to be the easy part. I’ve now got code deploy agent running on my instances, Now it appears I need an appspec.yaml oh boy do I love YAML files.

Have YAML file slowly try and refine uploaded secrets to secure S3 bucket with no public access. Scripts pull them down and export them before build

Current cycle:

Update code config git push get commit hash run codedeploy READ ERRORS

Now on 8 failed deploys

Then it occurs to me. Even if I get it running.

THERE IS NO ELIXIR / ERLANG ON THE VM 😡

So over to codebuild as a product.

deploying to aws from hex:distillery

Mess with codebuildfor a couple hours

Realize that pipeline is really what I want and that some options aren’t available unless you start from there

Build a pipeline

detour from aws to CircleCI for another couple hours

Even within a project I will bounce when I hit a wall, rather than taking a 10 minute break and coming back to it. I was trying to be super good at time tracking, but it’s gone out the window for this project.

Got it building and testing on CircleCI, then aws orbs showed up when I went to figure out how to get the build from the CI to S3 so finally get it to the EC2 instances to run

That seems like a real chore, using the same aws-cli that I was using in the aws interface !!!!

Back to aws 😭

At least there is gobs of documentations and help articles

Cool I like VPC (Virtual Private Cloud)

loadbalancers need 2 subnets in different available zones

both need to have an internet gateway ? which means the routing table for both public subnets created need to have internet gateway … i think

ok. got past that step. now

AWS Certificate Manager (ACM) is the preferred tool to provision and store server certificates. If you previously stored a server certificate using IAM, you can deploy it to your load balancer. Learn more about HTTPS listeners and certificate management.

so many steps

ok. so have a cert for the domain.

Use NameServe from aws to populate the ‘nameserve’ on hover.

Now. Now we can set up the loadbalancer with a target ‘group’

Remember we need to actually deploy the code from S3 to the EC2.

Need to ssh in and install codedeploy again

had to swipe ec2 instances and start again

Need Blue/Green so 2 ? 🤷‍♀️

Also remember there is no codedeploy agent on the ec2’s anymore

AND they are not publicly accessible so I can’t ssh into them and run the commands

so that leads me to AWS System Manger 🤦‍♂️

after fighting with AIM to get the ec2’s to show up, I might have out outdated agent to get to the instance, to run what I need ?

The version of SSM Agent on the instance supports Session Manager, but the instance is not configured for use with AWS Systems Manager. Verify that the IAM instance profile attached to the instance includes the required permissions. Learn more

I didn’t even know what a bastion instance was