Deployment Contributors:
Project Manager: Brittney Jones
Chief Architect: Belinda Dunu
System Administrator: Brittney Jones
- Deployment Overview
- Infrastructure Overview
- Jenkins Server Setup
- EKS Server Setup
- Jenkins CI/CD Pipeline
- Testing and Deployment
- Benefits Achieved
- Issues Faced
- System Diagram
- Optimizations
- Conclusion
In this deployment, we launched a 2-tier(Django python and React) e-commerce application using Terraform infrastructure as code (IAC) for provisioning resources on AWS and Jenkins for CI/CD automation. We chose this approach in order to enhance consistency, collaboration, security, and ease of maintenance compared to manual deployments.
- Custom VPC with 10.0.0.0/16 CIDR block
- Provides isolation and security for the application
- 2 public subnets in separate availability zones
- Public subnets allow internet access for Jenkins, Agent servers and frontend servers
- 2 private subnets in separate availability zones
- Servers for the backend of the app will be placed here
- Internet gateway attached to VPC
- Enables public subnet internet connectivity
- NAT gateway attached to VPC
- Enables private subnet internet connectivity
- 3 Ubuntu 18.04 t2.medium EC2 instances
- Separate instances for Jenkins manager and Jenkins agent isolation
- Security groups restricting access
- Jenkins Security Group opens ports 22 and 8080
- Jenkins Agent Security Group opens ports 22
- EKS Cluster
- 2 Nodes on Amazon Linux t2.medium EC2 instances
- Launched Ubuntu EC2 instance in the public subnet
- Installed Jenkins and created an admin user account
- Dedicated server for CI/CD automation
- Enhanced security with user access controls
- Generated SSH key pair and copied the public key to the app server
- Allows SSH access from Jenkins without a password
- To create the cluster run
eksctl create cluster cluster01 --vpc-private-subnets="your-subnets" --vpc-public-subnets="your-subnets"--without-nodegroup
- After the cluster creates run:
eksctl create nodegroup --cluster cluster01 --node-private-networking --node-type t2.medium --nodes 2
-
Created GitHub-integrated multibranch pipeline
-
Automates build and deploy for all branches
-
Jenkinsfile containerizes the application, logs into Dockerhub, pushes the image to Dockerhub. Then using the Kubernetes manifest files, deploys the application onto an EKS Cluster.
-
Lastly a notification is sent to a Slack channel, letting the channel know if the pipeline completed successfully or failed, using a Python Script.
- Updated files in a separate Git branch
- Simulated code change to test pipeline
- Ran build on a new branch using Jenkinsfile
- Validated updated app functionality
- Merged branch to trigger production deploy to master
- Jenkinsfile deploys latest merged code on the master branch, which deploys the application
- Collaboration through infrastructure as code
- Security via isolated environments and access controls
- Maintainability with automated CI/CD deployments
- Consistency by defining infrastructure and deployments in code
- Observability into our cluster through container insights on Cloudwatch
- Issue: After deploying frontend and backend, then navigating to the application we got a 500 error indicating that it was a server error with the backend.
- Resolution: There was a typo in the backend service.yaml, which was fixed then redeployed and the application worked successfully.
- Issue: When trying to create the EKS Cluster through the CLI, AWS returned the following error:
Error: checking AWS STS access - cannot get role ARN for current session: operation error STS: GetCallerIdentity:
- Resolution: We had to authenticate through AWS using
aws configure
- Congifure a Jenkins agent for automated infrastructure provisioning using Terraform
- Set Up Cloud Watch Alarms to be notified when certain thresholds are crossed such as CPU, Memory and when/if nodes, pods or the cluster go offline.
- Add testing for the frontend and backend of the application
- Combine the Kubernetes deployment and service files to include both the frontend and backend
This project demonstrated using Terraform IAC and Jenkins CI/CD to deploy a 2-tier e-commerce application on AWS EKS. Some key benefits include improved availability through load balancing, automated software deployment, security, consistency, and maintainability of the deployment process. Proactively managing dependencies, resources, connectivity, and configurations is critical for smooth deployments. For future deployments, integrating Terraform with Jenkins, improving observability, and implementing backup/DR(disaster recovery) would further optimize the deployment architecture.