We had some trouble installing CodeDeploy agent on Ubuntu 20.04 LTS.
The pre-existing system was linked to AWS Systems Manager and had SSM agent running.
Following guidelines, we installed the agent using Systems Manager (succesfully), and ran the registration command on the on-premises server. This started to give errors like 'EC2 instances not supported'.
We then tried to manually register to CodeDeploy using an IAM user. The server turned up in CodeDeploy's on premises server, but we had no success deploying! ('No hosts found in resource group')
It turned out that the server had a service running responding to GET 169.254.169.254 (which is a service on EC2 returning instance meta information).
After:
- removing SSM agent and deregistering the instance with systems manager
- completely removing remnants of the previous CodeDeploy agent
- blocking the instance metadata service with an IP Tables firewall rule (which we later added to crontab @reboot)
- reinstalling codedeploy agent using the recommended, non-system agent procedure
- registering the instance
We got it working. Here are some command line notes. Unknown at this point is wether it was actually required to uninstall systems manager, or that blocking the metadata service (so the AWS agents do not think it is an ec2 instance instead of an on-premises instance) would be enough.
[SERVER] Purge remnants of previous code deploy install:
sudo apt-get purge codedeploy-agent
[SERVER] Block instance metadata service:
# add this to root crontab @reboot ...
sudo iptables -A OUTPUT -d 169.254.169.254 -j REJECT
# to enable again: sudo iptables -D OUTPUT -d 169.254.169.254 -j REJECT
[SERVER] Install CodeDeploy agent:
# https://docs.aws.amazon.com/codedeploy/latest/userguide/codedeploy-agent-operations-install-ubuntu.html
cd ~
mkdir codedeploy-install && cd codedeploy-install
wget https://aws-codedeploy-eu-central-1.s3.eu-central-1.amazonaws.com/latest/install
chmod +x ./install
sudo ./install auto > /tmp/logfile
sudo service codedeploy-agent status
[SOMEWHERE] Get a codedeploy config file for the instance (adequate permissions required):
aws deploy register --instance-name myinstancename --region eu-central-1
# result: a codedeploy.onpremises.yml with credentials to put on the server
[SERVER] Set up codedeploy agent with the new config file:
aws deploy install --config-file codedeploy.onpremises.yml
# OR
cp codedeploy.onpremises.yml /etc/codedeploy-agent/conf/
# THEN
systemctl restart codedeploy-agent
[SERVER] Verify running
systemctl status codedeploy-agent