Monthly Archives: April 2021

How to set up AWS Copilot on Windows Subsystem for Linux

Posted on by

AWS Copilot is an open source command line interface that makes it easy for developers to buildrelease, and operate production ready containerized microservices on Amazon ECS and AWS Fargate. AWS Copilot provides a simple declarative set of commands, including examples and guided experiences built in to help customers deploy quickly. After writing your application code, Copilot automates each step in the deployment lifecycle including pushing to a registry, creating a task definition, and creating a cluster.

Default application types are provided for new applications based upon AWS best practices to increase developer productivity and simplify running containers in the cloud. All you need to spin up production ready services is AWS Copilot, an AWS account, and your code.

You can install AWS Copilot on Linux, Mac OS and Windows 10. The detailed instructions for the installation is available here.

If you want to natively run AWS Copilot on Windows 10, there is an .exe file for installation in the above mentioned link. In this post, i will walkthrough on how to set up AWS Copilot on Windows Subsystem for Linux (WSL2.

Step1 – Install WSL2 on Windows 10.

I breifly convered this in one of my other post. You can refer this official documentation for details

Step 2 – Install Docker Desktop on Windows by leveraging WSL2 backend

Again, i briefly covered this in one of my previous post. You can refer this official documentation for details.

Step 3 – Install build essential package on WSL2 distro

sudo apt install build-essential

Step 4 – Install and configure AWS CLI on WSL2 distro

sudo apt install awscli

Step 5 – Install Docker on WSL2 Distro

sudo apt install docker.io

Step 6 – Ensure Docker engine on Windows 10 host leverages WSL2 Distro

Step 7 – Install AWS Copilot on WSL2 distro

curl -Lo copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x copilot && sudo mv copilot /usr/local/bin/copilot && copilot --help

Step 8 – Containerize and run a sample micro-service

git clone https://github.com/aws-samples/aws-copilot-sample-service.git

cd aws-copilot-sample-service

copilot init

Copilot would interact with you with guided questions to initialize the configuration for the micro-service.

copilot svc deploy

Copilot will set up the following resources in your AWS account.

  • A VPC
  • Subnets/Security Groups
  • Application Load Balancer
  • Amazon ECR Repositories
  • ECS Cluster & Service running on AWS Fargate

Once the deployment is complete, you should see this public load balanced service up and running.

This completes the steps for setting up AWS Copilot on Windows Subsytem for Linux.

Install Docker Desktop on Windows 10 using WSL2 backend

Posted on by

Nowadays, Docker is the most widely used container runtime for building and running containerized applications/micro-services. The Docker Desktop for Windows is a compelling package that comes with Docker Engine, Docker CLI client, Docker Compose, Notary, Kubernetes and CredentialHelper. In Windows 10, you can install Docker Desktop for Windows and run containers in two modes – Windows Containers mode and Linux Container mode.

I followed the steps in this article to get going. There are two options for setting up Docker on Windows – one using WSL2 back-end and other using hyper-v backend.

In this post, i’m leveraging WSL2 back-end. For leveraging WSL2 backend, Linux kernel update package needs to be installed. Download and run the Docker Desktop install after meeting all the pre-requisistes in the above mentioned article. For setting up WSL2 on Windows 10, you can refer my other blog post.

After successful installation of Docker Desktop for Windows, Log out and Log in back.

The Docker is started automated.

Now I can pull a container image from Powershell terminal.

I can also run the same image from WSL2 terminal.

Thus WSL2 provides seamless integration with Windows 10.

Install WSL2 on Windows 10

Posted on by

I’m a big fan of Windows Subsystem for Linux on Windows 10. I use WSL terminal as the default shell for lot of software development activities. I followed the following steps mentioned in this article Install WSL on Windows 10 | Microsoft Docs to install WSL2 on my Windows 10 (OS Build 19042.928).

Step 1 – Enable the Windows Subsystem for Linux

dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart

Step 2 – Enable Virtual Machine feature

Enable Virtual Machine Platform (an optional feature) before installing WSL2.

dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart

If you have hyper-v enabled, disable that. If you don’t disable hyper-v, you won’t be able to install Linux Kernel update package in step 3.

Restart the machine to complete the installation of WSL.

Step 3 – Linux Kernel update paxckage

Download and run the following Linux Kernel update package.

https://wslstorestorage.blob.core.windows.net/wslblob/wsl_update_x64.msi

If you have hyper-v windows feature enabled, you won’t be able to install this package.

Step 4 – Set WSL 2 as default version

wsl --set-default-version 2

Step 6 – Install required Linux Distro.

In this case, i’m installing Ubuntu 20.0.4 by navigating to WSL store.

This completes the installation of WSL2 on Windows 10.

Access denied while accessing ELB using role “arn:aws:iam::role/aws-elasticbeanstalk-service-role

Posted on by 
I got this error message when I tried to deploy a java sprint application using Elastic beanstalk.

When i analyze this further, it shows that the IAM policy associated with the Service Role is missing the following actions.

"elasticloadbalancing:DescribeLoadBalancers",
                "elasticloadbalancing:DescribeTargetHealth",

The IAM associated with the service role had the following configuration.

    “Version”: “2012-10-17”,

{

    “Statement”: [

        {

            “Effect”: “Allow”,

            “Action”: [

                “elasticloadbalancing:DescribeInstanceHealth”,

                “ec2:DescribeInstances”,

                “ec2:DescribeInstanceStatus”,

                “ec2:GetConsoleOutput”,

                “ec2:AssociateAddress”,

                “ec2:DescribeAddresses”,

                “ec2:DescribeSecurityGroups”,

                “sqs:GetQueueAttributes”,

                “sqs:GetQueueUrl”,

                “autoscaling:DescribeAutoScalingGroups”,

                “autoscaling:DescribeAutoScalingInstances”,

                “autoscaling:DescribeScalingActivities”,

                “autoscaling:DescribeNotificationConfigurations”

            ],

            “Resource”: [

                “*”

            ]

        }

    ]

}

To give some background, this is an auto-created Service Role. This was created by Visual Studio 2019 when i used Elastic Beanstalk for .NET applications.

The fix for this is to associate the IAM Policy ‘arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth’ with Service Role

https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts-roles-service.html

This turns the Elastic Beanstalk environment health to green.