1
00:00:00,480 --> 00:00:08,340
So we need to know how to use on premise instances for code deploy and the high level we need to configure

2
00:00:08,340 --> 00:00:11,490
on each on premise instance that could deploy agents.

3
00:00:11,490 --> 00:00:16,260
Register it and then we'll have the option to tie it on premise instances.

4
00:00:16,260 --> 00:00:21,810
So you need to remember that tagging on premise instances is something that's only available for code

5
00:00:21,820 --> 00:00:22,780
at this point.

6
00:00:22,800 --> 00:00:27,390
And then we'll be able to deploy application revisions directly to the on premise instances.

7
00:00:27,390 --> 00:00:33,600
So to do it to register an on premise instance the documentation gives us three ways and they can be

8
00:00:33,870 --> 00:00:37,550
be grouped into two different kinds.

9
00:00:37,560 --> 00:00:39,620
One is when we use an ATM user.

10
00:00:39,610 --> 00:00:41,530
HRN to authenticate request.

11
00:00:41,670 --> 00:00:46,950
And so we'll have to create an I.M. user for each on premise instance that we create.

12
00:00:46,950 --> 00:00:49,940
So that works for a small number of instances.

13
00:00:49,950 --> 00:00:52,280
The other option is to use an AM role.

14
00:00:52,280 --> 00:00:57,170
HRN to authenticate request and they will use the s t s security token service.

15
00:00:57,300 --> 00:01:05,460
And this is used to register large numbers of on premise instances but it is more painful to do so you

16
00:01:05,460 --> 00:01:10,560
need to remember that the second one is definitely the most secure and you need to remember the steps

17
00:01:10,560 --> 00:01:11,220
at a high level.

18
00:01:11,370 --> 00:01:16,680
But for this hands on we'll do this one where we create an I am user Aaron and you'll see that's complicated

19
00:01:16,740 --> 00:01:17,600
enough.

20
00:01:17,790 --> 00:01:21,190
Now we'll use the register on premise instance API call.

21
00:01:21,360 --> 00:01:26,690
We'll use the second tutorial then because it is the same API call that we'll use for it or for est.

22
00:01:26,700 --> 00:01:27,940
Yes OK.

23
00:01:28,140 --> 00:01:31,260
So let's go ahead and create and choose the second link.

24
00:01:31,410 --> 00:01:37,290
So use the resistor on premise instance commands using an I.M. user Aaron to register and on premise

25
00:01:37,320 --> 00:01:38,370
instance.

26
00:01:38,370 --> 00:01:42,210
So the first thing we have to do is to create an on premise instance.

27
00:01:42,210 --> 00:01:44,430
And because I expect you not you haven't on premise.

28
00:01:44,430 --> 00:01:49,800
Instance what we'll do is that we'll create an easy to instance but we'll just call it on premise.

29
00:01:49,800 --> 00:01:55,520
So this one isn't easy to instance a two to micro and we're not going to give it any role.

30
00:01:55,580 --> 00:01:55,910
Okay.

31
00:01:55,920 --> 00:01:57,750
Because we don't want to fake it.

32
00:01:57,750 --> 00:02:02,990
We want to make sure it's like a VM that has nothing in us on it and we'll click on add storage tags

33
00:02:03,390 --> 00:02:07,110
and for a name I will say it's on premise.

34
00:02:07,500 --> 00:02:13,370
And for the environments maybe we'll call it on premise as well.

35
00:02:13,400 --> 00:02:13,800
OK.

36
00:02:13,920 --> 00:02:18,780
Security Group wise we'll just leave it as is for Port 22 and actually we'll just attach the one we

37
00:02:18,780 --> 00:02:24,190
had from before and launch launch and yes I have that keep our lunch instances.

38
00:02:24,710 --> 00:02:25,160
OK.

39
00:02:25,350 --> 00:02:30,930
So that instance is the instance we will use and this is our fake on premise instance that we'll register

40
00:02:31,200 --> 00:02:32,640
using this tutorial.

41
00:02:32,640 --> 00:02:33,090
OK.

42
00:02:33,270 --> 00:02:37,890
First thing we have to do is to create an AM user for the on premise instance.

43
00:02:37,890 --> 00:02:41,690
So for this we need to create a resource.

44
00:02:41,730 --> 00:02:44,340
Let's go to I am in here.

45
00:02:44,520 --> 00:02:45,330
OK.

46
00:02:45,690 --> 00:02:52,320
And we'll go ahead and create a user so add user and they recommend us to identify by a name that's

47
00:02:52,320 --> 00:02:53,700
going to be explicit.

48
00:02:53,790 --> 00:03:00,060
So we'll use the user name could the poor user on prem and remember you need to create one I am user

49
00:03:00,180 --> 00:03:06,540
per on premise instance and for this we'll just give it programmatic access such as we have an access

50
00:03:06,540 --> 00:03:12,630
key and a secret access key available to us next for permissions we'll look at what the permissions

51
00:03:12,630 --> 00:03:18,990
are assigned and they recommend that we give it the S three permissions to read from it that makes a

52
00:03:18,990 --> 00:03:19,650
lot of sense right.

53
00:03:19,650 --> 00:03:24,910
We want are easy to our on premise instance to be able to fetch files from S3.

54
00:03:25,380 --> 00:03:34,800
So as such we will go ahead and go to IEM and we will just attach directly policies and we'll go for

55
00:03:34,800 --> 00:03:37,230
S3 read only.

56
00:03:37,340 --> 00:03:43,140
OK next for tags we won't add any tech to it click on review and create that user.

57
00:03:43,170 --> 00:03:48,990
So here is our user the code the poor user on prem and we have an access key idea and a secret access

58
00:03:48,990 --> 00:03:50,550
key and I'll just keep this in this tab for now.

59
00:03:51,320 --> 00:03:51,530
OK.

60
00:03:51,540 --> 00:03:54,780
So we don't step two then we get the IAM credentials.

61
00:03:54,780 --> 00:04:01,200
So this is what we have in this open tab so we'll keep it as is excellence and then we scroll down and

62
00:04:01,200 --> 00:04:06,050
we need to add a configuration file to the on premise instance.

63
00:04:06,180 --> 00:04:12,900
So we need to create a file named code deploy that's on premise document and we need to create it at

64
00:04:12,900 --> 00:04:14,320
this location.

65
00:04:14,460 --> 00:04:15,480
So let's do it.

66
00:04:15,510 --> 00:04:23,460
We'll just create this file and so let's do it right now we've got two instances right click connect

67
00:04:23,850 --> 00:04:27,150
using that easy to instance connect and connect to it

68
00:04:30,510 --> 00:04:36,540
and we need to create this file called Easy TTC could deploy agent conf and then within it we need to

69
00:04:36,540 --> 00:04:38,660
create this could deploy on premise.

70
00:04:38,660 --> 00:04:49,100
So let's go here and click sudo nano and then the found them is going to be com start on premise document.

71
00:04:49,680 --> 00:04:51,960
And I'm not even sure this will work.

72
00:04:52,180 --> 00:04:54,460
Let's see you see the directory doesn't exist.

73
00:04:54,460 --> 00:04:56,740
So we need to first create that directory.

74
00:04:56,740 --> 00:05:05,350
So why don't we do pseudo make directory and then we'll just specify the entire directory.

75
00:05:05,350 --> 00:05:11,690
So excellence accepts here I will do minus p so that it creates older directories in between.

76
00:05:11,700 --> 00:05:14,230
So Major minus p excellence.

77
00:05:14,380 --> 00:05:20,460
And now we are able to clear the screen and use the I know to create our file.

78
00:05:20,710 --> 00:05:21,610
Okay.

79
00:05:21,830 --> 00:05:25,080
Now within our file we need to specify the following.

80
00:05:25,160 --> 00:05:32,360
So we'll paste this and there is the secret access key the access secret key and this is not real key

81
00:05:32,360 --> 00:05:35,730
really really well for this unfortunately.

82
00:05:35,750 --> 00:05:37,150
So let's try to use VDI.

83
00:05:37,250 --> 00:05:47,570
See if that works better clear sudo and we'll use VDI for them and hopefully that works better so one

84
00:05:47,580 --> 00:05:48,440
two three.

85
00:05:48,450 --> 00:05:55,750
Then we have the access key idea so let's do it and we'll copy this one from AM.

86
00:05:55,830 --> 00:05:58,470
So here is the one we want to copy.

87
00:05:58,710 --> 00:06:08,040
Then we need to copy the secret access key so let's paste the one that we get from here and I'll just

88
00:06:08,040 --> 00:06:11,010
copy this and paste it.

89
00:06:11,010 --> 00:06:20,880
Then we need to have the I am user HRN So we need to get that user Aaron from here so let's close this.

90
00:06:20,880 --> 00:06:25,980
Click on this user and here the full HRN So I'm going to paste this in here.

91
00:06:26,160 --> 00:06:34,060
And finally we need the region and the region for me is you w 1.

92
00:06:34,240 --> 00:06:34,920
Okay we got it.

93
00:06:34,920 --> 00:06:36,110
I'm saving this file.

94
00:06:36,570 --> 00:06:39,970
So this file has been written and this step is over.

95
00:06:40,080 --> 00:06:40,950
Let's keep on going.

96
00:06:41,850 --> 00:06:44,590
And now we need to install and configure the address you like.

97
00:06:45,030 --> 00:06:50,310
So thankfully the ABC light is already installed on my easy to instance because it runs Amazon Linux

98
00:06:50,310 --> 00:06:50,890
too.

99
00:06:51,120 --> 00:06:56,150
But we need to configure it so we'll just do a double us.

100
00:06:56,220 --> 00:07:03,870
So I'll clear the screen a W US configure and in here I will enter the same uh uh things we had from

101
00:07:03,870 --> 00:07:04,230
before.

102
00:07:04,230 --> 00:07:06,780
So the access code you except I don't have them.

103
00:07:06,780 --> 00:07:10,360
So let me get them from that could the play agent file.

104
00:07:10,370 --> 00:07:16,020
Okay so now we configure the access key is all the way here.

105
00:07:16,020 --> 00:07:18,880
So let me just copy this entirely.

106
00:07:19,080 --> 00:07:19,820
Okay.

107
00:07:19,920 --> 00:07:23,490
The Secret Access Key is in here.

108
00:07:23,730 --> 00:07:29,800
Excellence and the region name for default easy U.S. one and the other from it.

109
00:07:29,800 --> 00:07:30,750
Jason Okay.

110
00:07:30,810 --> 00:07:32,800
So now we've configured that as you like.

111
00:07:33,030 --> 00:07:33,870
Good.

112
00:07:33,870 --> 00:07:37,840
Now we need to set the of this region environment variable.

113
00:07:38,100 --> 00:07:42,140
But I don't think we have to do it now because we've set up all these Virginia identifiers.

114
00:07:42,420 --> 00:07:45,540
Then we need to install the code deploy agents.

115
00:07:45,540 --> 00:07:49,050
So let's go and install that could deploy agents.

116
00:07:49,050 --> 00:07:51,300
So all these commands right here we have to run them.

117
00:07:51,300 --> 00:08:00,960
So I'll just paste them in here and this will run the installation for me.

118
00:08:01,080 --> 00:08:05,820
And then finally we need to register the on premise instances with code deploy.

119
00:08:06,270 --> 00:08:11,030
And for this we can use the address light and run this command right here.

120
00:08:11,040 --> 00:08:17,550
So we'll call the register on premise instances which is this command right here.

121
00:08:17,580 --> 00:08:19,410
So let's try it out.

122
00:08:19,500 --> 00:08:25,710
So the trick here is that this command has to be run not from the easy to the on premise instance itself

123
00:08:25,980 --> 00:08:27,870
but from our own CLIA.

124
00:08:27,890 --> 00:08:29,720
So I'll have it here.

125
00:08:29,730 --> 00:08:35,380
So we need to register the on premise instance we need to give an instance name we'll use this asset

126
00:08:35,400 --> 00:08:36,890
tag whatever name they give it.

127
00:08:36,900 --> 00:08:38,530
So it's it's a pretty funny name.

128
00:08:38,670 --> 00:08:43,430
And then for the I am user Aaron we need to give the area that we've just created.

129
00:08:43,440 --> 00:08:46,160
So let me get that from my web browser.

130
00:08:46,170 --> 00:08:49,780
So in here I will say the I am engine console.

131
00:08:49,860 --> 00:08:50,440
I'll copy this.

132
00:08:50,440 --> 00:08:56,290
HRN pace this and then you make sure that it's the right profile I'm using.

133
00:08:56,520 --> 00:09:03,150
So it must have ups and the region I mean is you w one they should do it.

134
00:09:03,280 --> 00:09:03,670
Okay.

135
00:09:03,690 --> 00:09:04,860
This command has succeeded.

136
00:09:04,860 --> 00:09:13,200
So now my instance basically have registered on could deploy the instance named here and the associated

137
00:09:13,500 --> 00:09:14,240
user.

138
00:09:14,330 --> 00:09:14,620
Right.

139
00:09:15,410 --> 00:09:17,310
Okay we're almost done.

140
00:09:17,310 --> 00:09:21,970
And then we need to tag the on premise instance so we can either use the satellite or they could deploy

141
00:09:21,970 --> 00:09:22,820
a console.

142
00:09:22,950 --> 00:09:28,050
So let's go to could deploy and we can refresh this on premise instance page and here we go.

143
00:09:28,290 --> 00:09:32,460
We can see that our instance has been registered in here.

144
00:09:32,460 --> 00:09:38,190
And so I should be able if I click on it to add tags to it for example I could say that your name is

145
00:09:38,820 --> 00:09:41,520
on premise and we get that many times.

146
00:09:41,520 --> 00:09:46,770
Environments would be developments and submit this.

147
00:09:46,770 --> 00:09:48,920
And here we go our instance has been tagged.

148
00:09:48,930 --> 00:09:50,920
So this is excellent.

149
00:09:50,970 --> 00:09:55,140
And then finally we can deploy application revisions to the on premise instance.

150
00:09:55,140 --> 00:09:57,050
So we're ready to create a first deployment.

151
00:09:57,050 --> 00:10:04,140
So how about we do this we'll create an in our application a new deployment group I'll call this one

152
00:10:04,980 --> 00:10:11,220
on premise instances and it's in place it's going to use on premise instances.

153
00:10:11,310 --> 00:10:16,790
And here we can use the environments to be development.

154
00:10:16,790 --> 00:10:17,930
I think that's the one that I had.

155
00:10:18,610 --> 00:10:19,780
Okay.

156
00:10:19,820 --> 00:10:26,910
And then disable load balancing and click on Click on Create the Fleming group.

157
00:10:26,970 --> 00:10:27,430
Here we go.

158
00:10:27,990 --> 00:10:31,140
So we have created a deployment group for on premise instance.

159
00:10:31,140 --> 00:10:34,750
And finally I should be able to create a deployment to it.

160
00:10:34,800 --> 00:10:41,430
So on premise instances here is the last revision I want to publish to it and click on it deployments.

161
00:10:42,090 --> 00:10:42,870
And here we go.

162
00:10:42,870 --> 00:10:46,860
The deployment has been created and hopefully it's going to be successful.

163
00:10:46,920 --> 00:10:48,090
So it's in progress.

164
00:10:48,090 --> 00:10:50,900
It's installing the application on our instances.

165
00:10:51,150 --> 00:10:53,730
And by the end of it it should be all ready to go.

166
00:10:54,210 --> 00:10:59,890
So the thing I want you to remember out of it is that we have run a lot of different steps.

167
00:11:00,030 --> 00:11:02,760
And the takeaway is that we have eleven steps.

168
00:11:02,760 --> 00:11:09,180
But the major points in here is that we have to use an IBM user credential for each on premise instance.

169
00:11:09,180 --> 00:11:13,680
So this is fine for a small number of on premise instances but it doesn't work at scale.

170
00:11:14,160 --> 00:11:18,410
So at scale you need to look at this other tutorial and we're not going to do it.

171
00:11:18,420 --> 00:11:25,140
It's a bit more tricky but you need to use an I am session Aaron and use the SDF service to refresh

172
00:11:25,170 --> 00:11:26,550
temporary credentials.

173
00:11:26,670 --> 00:11:30,370
And this allows for more automation but also for more security.

174
00:11:30,370 --> 00:11:34,040
And so these are all the steps and we're not going to do them and it's just pretty painful to do.

175
00:11:34,380 --> 00:11:41,160
But what I'm into remember out of this is that yes in this case we can use an I am role instead of I

176
00:11:41,160 --> 00:11:45,270
am user to register our on premise instances.

177
00:11:45,270 --> 00:11:50,730
The other thing I need to remember is that in code deploy when we went to our on premise instances and

178
00:11:50,730 --> 00:11:54,180
we register them we had to tag them correctly.

179
00:11:54,180 --> 00:11:58,940
So we had to add them for example a name tag an environment tag such as.

180
00:11:58,940 --> 00:12:05,280
Now the deployment groups in could deploy could appropriately get them and understand how they worked.

181
00:12:05,700 --> 00:12:06,610
So that's it.

182
00:12:06,750 --> 00:12:08,970
And I'm not even sure this is actually working right now.

183
00:12:09,030 --> 00:12:13,440
I probably missed a missed something which is probably fine is still in progress.

184
00:12:13,440 --> 00:12:17,640
So it's probably not working very fine but I hope you get the idea of it.

185
00:12:17,690 --> 00:12:20,410
I probably just messed up my configuration file to be honest.

186
00:12:20,730 --> 00:12:27,600
But the idea is that for on premise instances we setup could deploy agents to use a specific I am user

187
00:12:28,020 --> 00:12:32,470
register the instances target them appropriately and we should be ready to go.

188
00:12:32,490 --> 00:12:33,010
So that's it.

189
00:12:33,030 --> 00:12:35,270
I hope you liked it and I will see you in the next lecture.