Ship it!

Ship it!

Deploy to AWS EC2 instances using GitLab CI/CD pipelines.

So, recently, I’ve been trying to deploy a private repository from GitLab CI/CD pipelines. I couldn’t find an easy way to deploy docker images to EC2 instances. So, I made a workaround of my own using a crazy simple tool we all know of, the SSH.

Through this tutorial, I’m gonna be assuming that you have a working EC2 instance with sudo access to the shell and you already have a docker-compose file ready to set off to production.

Setting up EC2 instance

SSH into your instance and install docker and docker-compose on it. There are numerous tutorials available online on how to install them. So, I’m not gonna cover that here.

Once you’ve got them setup, choose a location to place your docker-compose.yml file. Preferably somewhere in /opt/<your_app_name> . So, now, try deploying the compose file directly using docker-compose up -d . Once you’re sure that works, let’s move on to the next step.

Generate an SSH RSA private/public key pair, that we’re going to use to login from GitLab CI runner and run the deploy script. To generate the key pair, we’ll use ssh-keygen.

$ ssh-keygen -t rsa -b 4096 -f privkey

Now, you should have two files, privkey and in your current working directory. Paste the contents of privkey as is (without extra spaces) into ~/.ssh/authorized_keys on the EC2 instance. Copy the contents of , we’ll be using that later from the gitlab CI.

Setting up GitLab CI/CD job

I’m gonna show an opinionated GitLab CI configuration file, which we’ll be using to build and deploy the images from master branch of the repository.

GitLab CI Configuration.

Now, we use the GitLab CI preferences pane, where we’ll setup a few environment variables listed below.

  • DEPLOY_PRIVATE_KEY: The contents of which we generated earlier.
  • DEPLOY_SERVER_IP : The IP address of the EC2 instance.
  • DEPLOY_HOST : The username of the EC2 instance, eg. ubuntu , if you use a ubuntu base image for setting up EC2 instance.

Make sure that you’ve turned on the protected flag in the variables section for each of the variables to set them only on protected branches like master.

From the GitLab CI configuration file, you can see that there is a script .ci/ on the repository which we’ll be using to run for deployments. It can be something like this.

# .ci/

#!/usr/bin/env bash
set -x -e -o pipefail


# Early checks
which docker
which docker-compose
id -nG | grep "$DOCKER_GROUP_NAME"

# Start deployment
docker-compose pull
docker-compose up -d

That’s it, you’re done setting up CD with GitLab.