Deploying to AWS with Phing

After a recent switch to Amazon Web Services, I thought updating my Phing build XML would be a straightforward task. It wasn’t. There weren’t a lot of resources out there for this particular scenario so I decided to write this blog piece.

AWS comes with good security out of the box. This is obviously a good thing but it does require a bit more thought when setting up your Phing build file.

Filesync
During the process of setting up your micro instance, you will be prompted to create an SSH private key which you can download. Put this file somewhere safe and ensure you update the permissions.

chmod 644 mykey.pem
All deployment will be done using the ec2-user user. So to save frustration ensure that this user has the write permissions on your target directory (on your target box).

Where my file sync previously prompted for a password the identityfile parameter automatically connects to instance.

<filesync
sourcedir="${source.path}"
destinationdir="${target.user}@${target.host}:${target.path}"
verbose="true"
checksum="true"
excludeFile="${exclude.file}"
identityfile="${source.identityFile}" />
SCP/SSH
You would think this would be the same as filesync. Unfortunately not. This requires you to create a public key using your private key. From the private key location run the following.

ssh-keygen -f mykey.pem -y > mykey.pub
Now in your build XML add these parameters

<scp
username="${target.user}"
privkeyfile="${source.identityFile}"
pubkeyfile="${source.pubIdentityFile}"
host="${target.host}"
todir="${target.path}/mytargetpath"
autocreate="true"
file="${source.path}/local.txt" />
You should be good to go. Hope this is useful.