We want 3 project apps:

• client
• server
• worker

as 3 containers.

Create Dockerfile.dev file in each of the app folders.

Build each app in dev env to test it:

docker build -f Dockerfile.dev .
docker run ID

Create docker-compose.yml file in the project root DIR.

Setup environment variables with docker.

Environment variables are created in the runtime, not stored in an docker image.

Create default.conf which adds configuration rules to Nginx.

Allow WebSocket connections in nginx conf.

Create production Dockerfile file.

Create .travis.yml file.

Push your docker images to your docker hub repos.

Create new AWS Elastic Beanstalk instance via AWS dashboard with single container deployment (choose multi-docker in settings.)

Create Dockerrun.aws.json.

Pull your docker hub images with Elastic Beanstalk AWS in Dockerrun.aws.json.

Dockerfile/docker-compose.yml stores the info how to build an image from services.

Dockerrun.aws.json stores container/tasks definitions - instructions on how to run a single container (instance of an image).

Example: in digitalocean.com

or

You get it (one default) in each of very specific different regions in EB AWS.

In dev env we had Redis and Postgres containers. In prod env we are going to use:

• AWS ElastiCache instead of Redis
• AWS Relational Database Service (RDS)

in Elastic Beanstalk (EB) instance.

• Super easy to scale
• Built in logging + maintenance
• Probably better security than what we can do
• Easier to migrate off of EB with

• Automatically creates and maintains Redis instances for you, you dont have to be a Redis specialist

• Automatically creates and maintains Postgres instances for you
• Automated backups and rollbacks

Configure in the same region where EB has been created.

Create database in Amazon RDS, type PostgreSQL. Fill in:

• DB instance identifier
• Master username
• Master password

Key names need to be equal to your docker-compose.yml api.environment config. Values can be different than set up in docker-compose.yml.

Create Redis database cluster in Amazon ElastiCache (Cluster Mode disabled). Change Node type to t2 cache.t2.micro (low performance, the cheapest) and Number of replicas to 0. Check subnets. Save with default VPC region number.

To get services (EB, RDS, ElastiCache) connect with each other we need to create a security group (firewall rules) in AWS, which is: allow any traffic from any other AWS service that has this security group.

Create a new Security Group from VPC service dashboard. Save with default VPC region number. Edit Inbound Rule for this group. Rule type: Custom TCP Rule, Port Range 5432-6379, Source Custom - just created security Group ID.

Now apply the security group ID to each of 3 services: EB, RDS, ElastiCache:

• In Redis AWS:Modify:VPC Security Groups.
• In Amazon RDS:AWS Modify:Network & Security:Security group:Apply immediately.
• In Elastic Beanstalk Service:Configuration:instances:Modify:EC2 security groups

We already set them up for Redis and Postgres in AWS services. Go to Elastic Beanstalk Service:Configuration:Software:Modify:Environment properties. These values are not hidden... (wtf).

We add key names with URL endpoints values:

• REDIS_HOST - Open ElastiCache in a new tab:Redis:Description:Primary Endpoint, use this (without a port)
• REDIS_PORT - the port from above
• PGHOST - Open RDS AWS in a new tab:Connect(ivity):Endpoint, use this
• PGPORT - Open RDS AWS in a new tab:Connect(ivity):Port, use this
• PGDATABASE - use values set in RDS section
• PGPASSWORD - use values set in RDS section
• PGUSER - use values set in RDS section

The only file that counts here to be send ver to EB is docker-composer.yml.

Specify deploy section in .travis.yml with

• provider: elasticbeanstalk
• region - you will find region in your aws domain subdomain
• app - it is the Elastic Beanstalk instance name.
• env - it is the Elastic Beanstalk instance env name, ends with -env
• bucket_name - it is Amazon S3 bucket, go to AWS S3, find bucker name
• bucket_path - same as app

Generate $AWS_ACCESS_KEY and AWS_SECRET_KEY on IAM AWS dashboard:Users:Add User:Check Programmatic access:Permissions:Attach existing policies directly:Filter beanstalk:You can check everything or Provides full access to AWS Elastic Beanstalk:Create user without a permissions boundary:No tags:Create User

Copy Access key ID and Secret access key.

Generate access_key_id and secret_access_key environment variables on Travis-CI dashboard:[project]:More options:Settings:Environment Variables

Create AWS_ACCESS_KEY key with Access key ID value.

Create AWS_SECRET_KEY key with Secret access key value.

DO NOT DISPLAY VALUE IN BUILD LOG.

• Check logs in EB

to not get charged.

We need to clean:

• Elastic Beanstalk - AWS Elastic Beanstalk dashboard:[project]:Actions:Delete application
• ElastiCache - AWS ElastiCache dashboard:Redis:[project]:Delete
• RDS - AWS RDS dashboard:[project]:Modify:Deletion protection:Uncheck, then AWS RDS dashboard:[project]:Actions:Delete

Security groups do not have to be deleted, but here is the way:

AWS VPC dashboard:Security Groups:check ALL groups connected to your app (leave the default):Actions:Delete

If not successful, try in a few minutes again.

If still not successful, remove Security Group Inbound Rules, then attempt to delete Security Group.

IAM dashboard:Users:Delete

• Based on udemy course.