Dummy Questions About Setting Up Git on Amazon Cloud Ec2

Add GitHub ssh keys to ec2 instance

Since you mention that you'd use Secret Manager in a Google Cloud, it seems reasonable to suggest the AWS Secrets Manager service.

Set your private key as a Secret, and grant access to it with an IAM role attached to the EC2 instance. Then install the AWS CLI package before building the AMI, and you can use it to fetch the secret on first boot with a User Data script.

AWS - Keeping AMIs updated

Given that anything (almost) can be automated using the AWS using the API; it would again fall down to the specific use case at hand.

At the outset, people would recommend having a base AMI with necessary packages installed and configured and have init script which would download the the source code is always the latest. The very important factor which needs to be counted here is the time taken to checkout or pull the code and configure the instance and make it ready to put to work. If that time period is very big - then it would be a bad idea to use that strategy for auto-scaling. As the warm up time combined with auto-scaling & cloud watch's statistics would result in a different reality [may be / may be not - but the probability is not zero]. This is when you might consider baking a new AMI frequently. This would enable you to minimize the time taken for the instance to prepare themselves for the war against the traffic.

I would recommend measuring and seeing which every is convenient and cost effective. It costs real money to pull down the down the instance and relaunch using the AMI; however thats the tradeoff you need to make.

While, I have answered little open ended; coz. the question is also little.

People have started using Chef, Ansible, Puppet which performs configuration management. These tools add a different level of automation altogether; you want to explore that option as well. A similar approach is using the Docker or other containers.

Related Topics