Python project: DevOps Blue/Green Deployment using VS Code | Developer PowerShell

 


Blue/Green Deployment with AWS Lambda 

This hands on DevOps project uses two versions of a Lambda function for blue/green deployment. An alias is used to switch traffic between them. An alias is a pointer which directs traffic between two version. 

This project assumes an AWS account has already been created, and permissions have been granted to access/manage Lambda, IAM, and awscli if one is not root when accessing the AWS console and services. 

VS Code is the IDE being used with a virtual environment and PowerShell for the terminal.


Step 1: Set up the virtual enironment.

The most important commands in working with your virtual environment are:

  • Create your virtual environment

py -m venv env

  • Activate your virtual environment

env\Scripts\activate


TODO: It's also a good idea to update pip using the following command:

py -m pip install --upgrade pip

 Go to View > select Command Palette > Select Python Interpreter > (env:venv)





Configure credentials to set up aws cli with account credentials.

aws configure
    • Enter the account access key.
    • Enter the account secret key.
    • Enter the region.
    • Enter the output format (i.e., json).



Confirm the credentials provided.
 
aws configure list
                   



Confirm that Python is installed 
 
python --version





Step 5: Install the Python extension for VS Code.




Use pip to install boto3.
 
pip install boto3



Confirm boto3 has been successfully installed.

pip show boto3




Step 8: Create an IAM role with the AWSLambdaBasicExecutionRole policy.
Click on the button, 'Create role'.
 


Step 8a:Select trusted entity > Trusted entity type > AWS service




Step 8b:
Select trusted entity > Use case > Service or use case > Lambda
Use case > Make certain the radio button labeled "Lambda" is selected.




Step 8c:  Click 'Next'.




Step 8d: Click on the check box next to the AWSLambdaBasicExecutionRole to attach the Permissions Policy to the role.





Scroll to the bottom and click, "Next".




Step 8e: 
Under 'Name, review, and create' > 
Role details > Role name -> `devops-lambda-execution-role`.
**NOTE: The 'Description' is pre-populated by default. Leave this as it is.




8f: Step 1: Select trusted entities.
Trust policy - Review the trust policy and leave it as it is.



8g: Add permissions.
The 'AWSLambdaBasicExecutionRole' should be listed under the Permissions policy summary. 



8h: Add tags. 
Tags are an essential part of the creation of any AWS resource and play a part in upholding the pillars for the Well-Architected Framework:
  • Asset tracking and allocation to specific departments, projects, or teams. 
  • Efficiently manage and locate assets within complex cloud environments.
  • Help to enforce securite policies and regulatory compliance. 
Click on 'Create role'.




Step 8h:
Confirmation screen to show that the Lambda Role has been created.




Step 9:
Search for the devops-lambda-execution-role on the IAM Role dashboard > 
Click on the devops-lambda-execution-role hyperlinked in blue.





TODO: Copy the Role ARN to be used in the 'User Data' script.


Create two Lambda function versions.

Step 1. Write a simple Python Lambda function and save it as lambda_blue.py and lambda_green.py.

Example:
lambda_blue.py


def lambda_handler(event, context):
    return {
        'statusCode': 200,
        'body': 'Hello from Blue version!'
    }



Example:
lambda_green.py


def lambda_handler(event, context):
            return {
                'statusCode': 200,
                'body': 'Hello from Green version!'
            }


Zip the two files:

#  zip lambda_blue.zip lambda_blue.py





# zip lambda_green.zip lambda_green.py



Zip the two files using the PowerShell
The 'powershell' term must be used before the command.

# powershell Compress-Archive -Path lambda_blue.py -DestinationPath lambda_blue.zip  


  

# powershell Compress-Archive -Path lambda_green.py -DestinationPath lambda_green.zip

 

Zipped files using PowerShell





Create the Python Deployment script.

  • Create a new project folder.
  • Open the project folder in Visual Studio Code.
  • Click the plus sign to create a file and name it, 'blue_green_deployment.py'.

Code base for blue_green_deployment.py



Execute the script.

Prior to executing the script, ensure that the following files are all contained in the same directory:
  • lambda_blue.zip
  • lambda_green.zip
  • blue_green_deployment.py


NEXT

Upload the .zip files to the Lambda function and use an alias and versioning to switch in-between the blue and green version.

To do this programmatically via the command line:

PowerShell command to upload the deployment packages to AWS Lambda.

$zipFilePath = "lambda_blue.zip";
$zipFileBytes = [System.IO.File]::ReadAllBytes($zipFilePath)






After uploading the .zip file, publish a new version.

aws lambda publish-version --function-name YourLambdaFunctionName


NOTE the version number.




Repeat the process to upload the lambda_green.zip file.

$zipFilePath = "lambda_green.zip";
$zipFileBytes = [System.IO.File]::ReadAllBytes($zipFilePath)
                              



Confirm the .zip files have successfully been uploaded. 
Goto the AWS console > Lambda service > Code tab


After uploading the .zip file, publish a new version.


# aws lambda publish-version --function-name YourLambdaFunctionName
    
            


NOTE the version number.

                     



Run the script.

# python blue_green_deployment.py 
  
             

The script shall deploy the Blue version of the Lambda function.       

                                      




Next, the script waits for user confirmation to deploy the Green version.



The script shall then deploy the Green version of the Lambda function.



Review the functions created from the terminal on the AWS Console.




Create Aliases

Create an alias for the Blue version.

aws lambda create-alias --function-name YourLambdaFunctionName --name Blue --function-version <#>
                                         



Create an alias for the Green version.

aws lambda create-alias --function-name YourLambdaFunctionName --name Green --function-version <#>
                                         


Test the Blue version and invoke the function using the "Blue" alias:
Note: The ExecutionVersion listed in the output is the same version as the "FunctionVersion" when the aws lambda create-alias --function-name YourLambdaFunctionName --name Blue --function-version <#>  was run in an earlier step.

aws lambda invoke --function-name BlueGreenLambda:Blue response.json



Test the Green version and invoke the function using the "Green" alias:
Note: The ExecutionVersion listed in the output is the same version as the "FunctionVersion" when the aws lambda create-alias --function-name YourLambdaFunctionName --name Green --function-version <#>  was run in an earlier step.

aws lambda invoke --function-name BlueGreenLambda:Green response.json


Switched from Green back to Blue to test the alias 'live'.

aws lambda update-alias --function-name BlueGreenLambda --name live --function-version 17



























Comments

Post a Comment

Popular posts from this blog

C++ script - Script to learn map library | struct | transform a vector of keys

Image
 Note: I would appreciate your support of this blog by going to the link below to "Buy me a pizza" so that I may continue to provide educational scripts, resources and general tech stuff. 🍕 Thank you. https://www.buymeacoffee.com/infosec_coder --------------------------------------------------------------------------------------  With this script, you will use the following: - Header file - Implementation file - structure (struct) - boolean variable - class - map and vector - which are part of C++'s STL (standard template library) This program was created using Visual Studio for the IDE. To view an image below clearly, you may right click > open image in new tab> in the new tab, your cursor will turn into a crosshair symbol > left click > will zoom in on script. ------------------------------------------------------------------------------------ I. Screenshot of output II. Language.h  III. Language.cpp IV. main.cpp
Read more

Developer's Arsenal: How HashiCorp unites cloud securite and upholds the AWS Well-Architected Framework when implementing Policy as Code using Sentinel One.

Image
This summary highlights the compelling impact of Sentinel One on Infrastructure as Code (IaC) by: automating policies ensuring seamless adherence to infrastructure requirements (aka AWS Well-Architected Framework) significantly slashing response times for developers throughout the code submission process This blog post references the following video on Sentinel One by HashiCorp.: Video: Introduction to Sentinel, Policy as Code Framework (hashicorp.com) Armon Dadgar's discussion on policy as code, with a focus on HashiCorp's Sentinel, offers valuable insights for cloud architects, especially in the context of adhering to industry best practices like the AWS Well-Architected Framework. Sentinel is designed to be a high-level language for non-programming experts to author the policies. Dadgar begins by emphasising the benefits of infrastructure as code, aligning the principles advocated by the AWS Well-Architected Framework. By integrating the Terraform Enterprise, Sentinel One en...
Read more

Python script (2024): Learn how to manage secure storage in AWS using S3 lifecycle configurations.

Image
  Quick overview of how to set up and run a .py program within Visual Studio Code using a virtual environment. This was made in Visual Studio Code within a virtual environment. The most important commands in working with your virtual environment are: 1. Create your virtual environment > py -m venv env 2. Activate your virtual environment > env\Scripts\activate ** It's also a good idea to update pip using the following command: > py -m pip install --upgrade pip 3. Go to View > select Command Palette > Select Python Interpreter > (env:venv) 4. Ensure you are using the PowerShell terminal or you may do a split terminal if you need to run a few Linux commands (WSL) as part of the project. A split terminal is not necessary for this project. 5. Run your application > py main.py ===================================================== Screenshot of output ===================================================== Next, import the correct libraries  boto3 is the Amazon W...
Read more