CDK Deployment of Docker Image with CodeBuild
In many CDK deployments, a local Docker build can be done to create assets. For example, when deploying a Python Lambda with Requirements you can use a bundling to install dependencies before the Function is zipped and uploaded. This can cause issues if the CPU of the machine doing the deploy is different from the Architecture of the Function. If the CPU of the machine doing the deploy is an Intel based machine, but the Function is
ARM_64 the Function will not work. The same applies to Fargate containers. In this demo, you will see how to deploy a Fargate container without having to worry about the CPU of the deploying machine using AWS CodeBuild.
In this demo, we are trying to build a CDK deployed Fargate container that is accessed through a Cloudfront Distribution and Application LoadBalancer using a custom Docker build.
In order to do this, we must build a Docker image. We want to use an
ARM_64 cpuArchitecture for this image, but do not want to require the CDK to be deployed from a machine with an
ARM_64 CPU. Therefore, we will use CodeBuild to build the image.
The first step to deploying this image is to create the ECS infrastructure. Much of this is covered here in more detail.
The biggest difference is that we will initialize this ECS cluster with a container that we will not be using for long.
The container that we are adding here is only a placeholder until we can build and deploy our actual image. To do this, we will use an
ARM_64 nginx image. When the ECS service is created, this image will be used for the Task created.
Building the Image
Uploading and building the image is a multi-step process that will take local code and deploy it to our Fargate Service.
The first step to deploying this image is to upload the local
Dockerfile and associated code.
This will zip the contents of the
dockerExample directory and upload to the CDK assets bucket.
In order to build the image, we will use an AWS CodePipeline with this bucket and key as the source.
Now, whenever this key is updated, the AWS CodePipeline will trigger. This pipeline is only three steps - source, build, and deploy:
The build portion of this pipeline is the most complex but can be broken down to a few key steps:
- Using the source key (the uploaded Zip file)
docker buildcommand is executed
- This image is pushed to an ECR repository
imagedefinitions.jsonfile is created with this information
This will use a
LinuxArmBuildImage to create the Docker image, ensuring us that an
ARM_64 CPU will be used when the image is created regardless of the CPU of the machine doing the CDK deployment.
Finally, we will use this image to deploy to the Fargate service previously created.
public.ecr.aws/nginx/nginx:latest-arm64v8 image that was originally used will be replaced with the newly built image that has been uploaded to an ECR repository.
In a deployment like this, the CodePipeline will only be triggered when the source code for the Docker image is changed. If you need to rebuild the image for any reason, you will need to manually run the CodePipeline.
This demo is available here: https://github.com/schuettc/cdk-docker-codebuild
To test this for yourself, simply clone this repo and deploy the CDK:
To remove these resources: