Automating Infrastructure Deployment with AWS CDK and CTO.ai

Using the AWS Cloud Development Kit (CDK) and CTO.ai's operational platform, businesses can significantly deploy their infrastructure deployment processes. This blog post explores into how AWS CDK and CTO.ai can be integrated to automate infrastructure deployment, focusing on a practical implementation using an ops.yaml file.

AWS CDK is a software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. It provides developers with the expressive power of programming languages for defining reusable cloud components.

Benefits of AWS CDK:

  • Code-based Infrastructure: Define infrastructure using familiar programming languages.
  • Reusable Components: Create custom cloud components that can be reused across projects.
  • AWS Integration: Seamless integration with AWS services.

The Role of CTO.ai in Automation

CTO.ai is a platform that facilitates the automation of DevOps workflows. It simplifies the orchestration of complex CI/CD pipelines and integrates smoothly with various cloud services, including AWS.

Advantages of CTO.ai

  • Simplified Workflows: Using advanced CI/CD pipelines templates.
  • Integration Friendly: Offers easy integration with cloud services.
  • Enhanced Collaboration: Enables teams to collaborate effectively on DevOps processes.

Implementing Automation with ops.yaml

The ops.yaml file is a cornerstone in automating infrastructure deployment. It defines the necessary commands and configurations for setting up, deploying, and managing cloud infrastructure using AWS CDK and CTO.ai.

Key Components of ops.yaml:

  • Setup AWS EKS EC2 ASG CDK: This command sets up the environment for AWS Elastic Kubernetes Service (EKS) with EC2 Auto Scaling Groups (ASG) using the CDK. It configures the stack type and AWS region, along with AWS credentials.
  • Deploy and Manage AWS Infrastructure: The deploy command is used to roll out the defined infrastructure to the specified environment (development, staging, production). Similarly, the destroy command tears down the environment when needed.
  • SSH and Tunneling Commands: These commands facilitate secure SSH connections to the bastion host and establish tunneling for secure data transmission.
  • Vault Management: The vault command is crucial for managing and securing environment-specific secrets and configurations.

Installation

The AWS EKS EC2 ASG Auto scaling Workflow is open source on GitHub, and you can install it by cloning the repository.

git clone https://github.com/workflows-sh/aws-eks-ec2-asg-cdk.git

cd aws-eks-ec2-asg-cdk

Create Secret from Settings

  • Back in your CTO.ai dashboard, create your secrets by selecting Settings and Secrets.

Secrets are encrypted environment variables that CTO.ai utilizes within your workflow to build and run your application and deployments.

You will create four secrets:

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_ACCOUNT_NUMBER
  • GITHUB_TOKEN
  • To create your AWS SECRET KEY AND ACCESS KEY . Log into your AWS Account, select the Identity and Access Management (IAM) dashboard, create a new user, copy the Access Key ID and Secret access key and paste it in your secret dashboard on CTO.ai.
  • Your AWS ACCOUNT NUMBER can be gotten from your User ID on the top right corner in your AWS Console.

Generate GitHub Token

Generate your GITHUB_TOKEN from Github by going to Settings → Developer settings → Personal access tokens → Generate new token on your Github profile.

  • Back in your CTO.ai Secrets dashboard create your secret key/value pairs.

Run and Setup the Infrastructure

Back in your AWS EKS EC2 ASG workflow, build and set up your infrastructure using the ops run -b . command. This will provision your AWS-EKS EC2 ASG stacks using Cloud Formation.

  • select setup an environment

The process will build your Docker image and start loading up your EKS EC2 ASG Auto scaling stack.

  • Enter the name if your environment. You can use dev as the name of your environment. You can also use Prod or Stage, depending on what you want.
  • Enter the name of your application repo you created, which is sample-app and hit enter
  • Enter the name of the GitHub branch you want to use
  • Your workflow will start deploying and creating your resources on AWS using CloudFormation
  • You can see the deployment process and how your AWS EC2 and Elastic Kubernetes Service workflow is been deployed

Example Usage:


The example below is gotten from our CDK AWS EC2 ASK workflow here: To deploy your infrastructure to your AWS environment run the ops build . command in your terminal.

version: "1"
commands:
  - name: setup-aws-eks-ec2-asg-cdk:0.1.5
    run: ./node_modules/.bin/ts-node /ops/src/setup.ts
    description: "setup an environment"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
      configs:
        - DEV_AWS_EKS_EC2_ASG_CDK_STATE
        - STG_AWS_EKS_EC2_ASG_CDK_STATE
        - PRD_AWS_EKS_EC2_ASG_CDK_STATE
  - name: deploy-aws-eks-ec2-asg-cdk:0.1.5
    run: ./node_modules/.bin/ts-node /ops/src/deploy.ts
    description: "deploy to an environment"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
      configs:
        - DEV_AWS_EKS_EC2_ASG_CDK_STATE
        - STG_AWS_EKS_EC2_ASG_CDK_STATE
        - PRD_AWS_EKS_EC2_ASG_CDK_STATE
  - name: destroy-aws-eks-ec2-asg-cdk:0.1.3
    run: ./node_modules/.bin/ts-node /ops/src/destroy.ts
    description: "destroy an environment"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
  - name: ssh-aws-eks-ec2-asg-cdk:0.1.0
    run: ./node_modules/.bin/ts-node /ops/src/ssh.ts
    description: "connect to bastion with ssh"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
  - name: tunnel-aws-eks-ec2-asg-cdk:0.1.0
    run: ./node_modules/.bin/ts-node /ops/src/tunnel.ts
    description: "connect to bastion with ssh"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
  - name: vault-aws-eks-ec2-asg-cdk:0.1.1
    run: ./node_modules/.bin/ts-node /ops/src/vault.ts
    description: "manage secrets vault"
    env:
      static:
        - STACK_TYPE=aws-eks-ec2-asg-cdk
        - AWS_REGION=us-west-1
      secrets:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_ACCOUNT_NUMBER
      configs:
        - DEV_AWS_EKS_EC2_ASG_CDK_STATE
        - STG_AWS_EKS_EC2_ASG_CDK_STATE
        - PRD_AWS_EKS_EC2_ASG_CDK_STATE
    help:
      usage: ops run vault <sub-cmd> <--key> <--value>
      arguments: 
        init: 'init the environments vault'
        set: 'set a key in the enviroment vault'
        ls: 'list keys in the environment vault'
        rm: ' remove a specific key in the environment vault'
        destroy: 'destroy the environment vault'

Each command in the ops.yaml file is tailored to handle specific aspects of the infrastructure lifecycle, from setup to destruction, ensuring an efficient and automated process.


Conclusion

The integration of AWS CDK with CTO.ai offers a powerful combination for automating infrastructure deployment. By defining infrastructure as code and using CTO.ai operational workflows, organizations can achieve greater efficiency, consistency, and reliability in their cloud operations. The ops.yaml file provides a clear, manageable, and scalable approach to infrastructure automation.