2.1.4.6. Configuring Deployment Agents (CodeDeploy Agent)
The CodeDeploy agent is a background process that runs on EC2 instances and on-premises servers, polling CodeDeploy for deployment instructions. Without it, CodeDeploy has no way to reach your instances.
Installation methods:
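# Amazon Linux 2 / RHEL
# The agent is written in Ruby; wget fetches the installer script.
sudo yum install -y ruby wget
# Installer from the CodeDeploy resource bucket (us-east-1 shown; use your instance's Region).
wget https://aws-codedeploy-us-east-1.s3.us-east-1.amazonaws.com/latest/install
chmod +x ./install
# "auto" installs the latest agent version.
sudo ./install auto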
Bake into AMI (recommended): Include the agent in your EC2 Image Builder recipe or Packer template. This ensures every instance launched by Auto Scaling already has the agent running.
Install via user data (alternative): Add the installation script to the ASG launch template's user data. Downside: adds 30-60 seconds to instance startup.
Install via Systems Manager: Use SSM Distributor to push the CodeDeploy agent to existing instances. Best for retrofitting existing fleets.
Agent configuration (/etc/codedeploy-agent/conf/codedeployagent.yml):
:max_revisions: — Number of deployment bundles to keep locally (default 5). Increase if rollback history is important.
:root_dir: — Where deployment files are stored locally.
:verbose: — Enable for troubleshooting, disable in production.
Agent logging: Agent logs are stored at /var/log/aws/codedeploy-agent/codedeploy-agent.log. Deployment lifecycle hook outputs go to /opt/codedeploy-agent/deployment-root/<deployment-group-id>/<deployment-id>/logs/scripts.log.
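A small audit of the three settings above, written as an added example (not AWS or CodeDeploy code). The function names, the minimum-revisions argument and the sample config are assumptions made up for illustration; the sample file is constructed, not taken from a real host.

```shell
#!/bin/sh
# Added example: audit codedeployagent.yml for the settings discussed above.

# Print the value of ":key:" from the config (quotes and trailing comments stripped).
agent_conf_get() {  # $1 = config file, $2 = key name without colons
  sed -n "s/^[[:space:]]*:$2:[[:space:]]*//p" "$1" | head -n 1 |
    sed -e 's/[[:space:]]#.*$//' -e 's/[[:space:]]*$//' \
        -e "s/^['\"]//" -e "s/['\"]\$//"
}

# Return 0 if clean, 1 if any finding, 2 if the file cannot be read.
audit_agent_conf() {  # $1 = config file, $2 = minimum bundles to keep (assumed policy value)
  ac_conf="$1"; ac_min="${2:-5}"; ac_findings=0
  [ -r "$ac_conf" ] || { echo "FAIL cannot read $ac_conf"; return 2; }

  ac_verbose=$(agent_conf_get "$ac_conf" verbose)
  if [ "$ac_verbose" = "true" ]; then
    echo "WARN :verbose: is true; disable it in production"
    ac_findings=$((ac_findings + 1))
  else
    echo "OK   :verbose: is '${ac_verbose:-unset}'"
  fi

  ac_rev=$(agent_conf_get "$ac_conf" max_revisions)
  ac_rev="${ac_rev:-5}"   # the page states the default is 5
  case "$ac_rev" in
    *[!0-9]*) echo "WARN :max_revisions: '$ac_rev' is not an integer"
              ac_findings=$((ac_findings + 1)) ;;
    *) if [ "$ac_rev" -lt "$ac_min" ]; then
         echo "WARN :max_revisions: $ac_rev keeps fewer than $ac_min bundles for rollback"
         ac_findings=$((ac_findings + 1))
       else
         echo "OK   :max_revisions: $ac_rev"
       fi ;;
  esac

  # Where hook output lands; falls back to the path quoted on this page.
  ac_root=$(agent_conf_get "$ac_conf" root_dir)
  echo "INFO hook output: ${ac_root:-/opt/codedeploy-agent/deployment-root}/<deployment-group-id>/<deployment-id>/logs/scripts.log"
  [ "$ac_findings" -eq 0 ]
}

# Constructed sample config with two weak settings, for trying the audit offline.
write_sample_conf() {  # $1 = output path
  printf '%s\n' "---" ":root_dir: '/opt/codedeploy-agent/deployment-root'" \
    ":verbose: true   # left on after troubleshooting" ":max_revisions: 2" > "$1"
}

# Usage: sh audit.sh /etc/codedeploy-agent/conf/codedeployagent.yml 5
if [ "$#" -gt 0 ]; then audit_agent_conf "$@"; fi
```

A non-zero exit code makes the check usable as a gate in an AMI build or a fleet-wide SSM run.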
Exam Trap: The agent needs outbound internet access to communicate with the CodeDeploy service endpoint. In private subnets, configure a VPC endpoint for CodeDeploy (com.amazonaws.<region>.codedeploy) or a NAT Gateway. A common deployment failure pattern: new instances launch in a private subnet, the agent installs via AMI, but can't reach CodeDeploy because there's no endpoint.
