In this project, we’ll build and deploy a Java application on Amazon Elastic Kubernetes Service (EKS) with a continuous integration and continuous deployment (CI/CD) pipeline using AWS services. Each AWS component contributes to a reliable DevOps workflow, making this guide useful for DevOps engineers looking to build scalable solutions on AWS.
Table of Contents
- Project Overview
- Prerequisites
- Architecture Diagram
- Setting Up the GitHub Repository
- Creating the Amazon ECR Repository
- Setting Up the Amazon EKS Cluster
- Building and Configuring the CI/CD Pipeline
- Integrating Security and Notification Services
- Conclusion
Project Overview
This project aims to automate the build, test, and deployment pipeline for a Java-based microservices application. Leveraging AWS services, we’ll ensure a reliable and secure pipeline from code commit to production deployment. Here’s a summary of the AWS services we’ll be using:
- GitHub: Source code repository
- AWS CodeBuild: For building and testing the application
- AWS CodePipeline: To orchestrate CI/CD
- Amazon Elastic Container Registry (ECR): For container image storage
- Amazon Elastic Kubernetes Service (EKS): For deployment of the application
- Amazon CodeGuru: For code quality analysis
- AWS Security Hub: To monitor security vulnerabilities
- Amazon SNS: For notifications
Prerequisites
To start, you need the following:
- AWS Account with permissions for ECR, EKS, CodePipeline, CodeBuild, Security Hub, and SNS.
- GitHub Repository for the source code.
- Java Application (preferably a microservices app) with a Dockerfile for containerization.
- Docker Installed for local containerization tasks.
Architecture Diagram
Below is an example architecture diagram that represents the CI/CD pipeline and deployment environment on AWS:
Setting Up the GitHub Repository
Step 1: Create Your GitHub Repository
-
Create a Repository:
- Sign in to GitHub, create a new repository, and upload your Java application source code.
-
Add a Dockerfile:
- Include a Dockerfile in the root directory of your project to define the container environment for your Java application.
Sample Dockerfile:
FROM openjdk:11-jdk
WORKDIR /app
COPY . /app
RUN ./gradlew build
CMD ["java", "-jar", "build/libs/your-app.jar"]
-
Integrate GitHub with AWS CodePipeline:
- Navigate to AWS CodePipeline and create a new pipeline.
- For the source provider, select GitHub and authorize AWS to access your repository.
- Choose the branch to monitor for changes (e.g., main).
-
Create a GitHub Webhook:
- In GitHub, go to Settings > Webhooks and set up a webhook for the repository. This allows CodePipeline to trigger automatically on any push to the repository.
Creating the Amazon ECR Repository
Amazon Elastic Container Registry (ECR) is a fully managed container registry. We will store Docker images of the Java application here.
- Create an Amazon ECR Repository:
aws ecr create-repository --repository-name my-java-app --region <your-region>
-
Authenticate Docker with ECR:
- Use the following command to log in to your ECR registry:
aws ecr get-login-password --region <your-region> | docker login --username AWS --password-stdin <account-id>.dkr.ecr.<region>.amazonaws.com
-
Build, Tag, and Push Docker Image:
- Build the Docker Image:
docker build -t my-java-app .
-
Tag the Image:
docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
-
Push the Image to ECR:
docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
Setting Up the Amazon EKS Cluster
Amazon Elastic Kubernetes Service (EKS) provides a managed Kubernetes cluster on AWS, which we will use to deploy and manage our application containers.
Step 1: Create an EKS Cluster
- Create an EKS Cluster:
aws eks create-cluster --name my-eks-cluster --region <your-region> --kubernetes-version 1.21 --role-arn <eks-role-arn>
-
Set Up Worker Nodes:
- Use EKS Console or CLI to set up worker nodes (node groups) for your cluster to run the application pods.
-
Update kubeconfig:
- Update your local Kubernetes configuration to interact with the EKS cluster.
aws eks update-kubeconfig --region <your-region> --name my-eks-cluster
Step 2: Deploy the Java Application on EKS
-
Create Kubernetes Deployment YAML:
- Define a
deployment.yaml
file to specify the number of replicas, Docker image, and other configurations for the Java application.
- Define a
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-java-app
spec:
replicas: 3
selector:
matchLabels:
app: my-java-app
template:
metadata:
labels:
app: my-java-app
spec:
containers:
- name: my-java-app
image: <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
ports:
- containerPort: 8080
- Deploy to EKS:
kubectl apply -f deployment.yaml
-
Create a LoadBalancer Service:
- Expose the application with a load balancer for external access.
apiVersion: v1
kind: Service
metadata:
name: my-java-app-service
spec:
type: LoadBalancer
selector:
app: my-java-app
ports:
- protocol: TCP
port: 80
targetPort: 8080
- Deploy Service:
kubectl apply -f service.yaml
Building and Configuring the CI/CD Pipeline
Step 1: Set Up CodePipeline
-
Create CodePipeline Pipeline:
- Go to AWS CodePipeline and set up the stages:
- Source (GitHub)
- Build (CodeBuild)
- Deploy (EKS)
- Go to AWS CodePipeline and set up the stages:
-
Configure AWS CodeBuild:
- Define a
buildspec.yml
for CodeBuild to build the Docker image and push it to ECR.
- Define a
version: 0.2
phases:
install:
runtime-versions:
java: corretto11
build:
commands:
- echo Building the Docker image...
- docker build -t my-java-app .
- docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
- docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
-
Set Up Deploy Stage in CodePipeline:
- Integrate EKS with CodePipeline to automate deployments.
Step 2: Automate Quality and Security Checks
-
Amazon CodeGuru:
- Integrate CodeGuru Reviewer with GitHub to perform code quality checks on every commit.
-
AWS Security Hub:
- Enable Security Hub to monitor security vulnerabilities across AWS resources.
-
Amazon SNS Notifications:
- Set up SNS for notifications on build or deployment failures, or security alerts:
aws sns create-topic --name my-devops-notifications
aws sns subscribe --topic-arn arn:aws:sns:<region>:<account-id>:my-devops-notifications --protocol email --notification-endpoint <your-email>
-
EventBridge Rules for Automation:
- Create EventBridge rules to trigger specific actions (like SNS notifications) based on CodePipeline or Security Hub events.
Conclusion
This end-to-end project provides a complete DevOps solution for building and deploying Java applications on AWS. By using Code
Pipeline for CI/CD, ECR for container storage, and EKS for deployment, we ensure scalable and reliable operations. Additionally, CodeGuru, Security Hub, and SNS help maintain code quality, security, and real-time alerts, making this setup robust and enterprise-ready.
👤 Author
Join Our Telegram Community || Follow me on GitHub for more DevOps content!