In this project, we’ll build and deploy a Java application on Amazon Elastic Kubernetes Service (EKS) with a continuous integration and continuous deployment (CI/CD) pipeline using AWS services. Each AWS component contributes to a reliable DevOps workflow, making this guide useful for DevOps engineers looking to build scalable solutions on AWS.

Table of Contents

1. Project Overview
2. Prerequisites
3. Architecture Diagram
4. Setting Up the GitHub Repository
5. Creating the Amazon ECR Repository
6. Setting Up the Amazon EKS Cluster
7. Building and Configuring the CI/CD Pipeline
8. Integrating Security and Notification Services
9. Conclusion

Project Overview

This project aims to automate the build, test, and deployment pipeline for a Java-based microservices application. Leveraging AWS services, we’ll ensure a reliable and secure pipeline from code commit to production deployment. Here’s a summary of the AWS services we’ll be using:

• GitHub: Source code repository
• AWS CodeBuild: For building and testing the application
• AWS CodePipeline: To orchestrate CI/CD
• Amazon Elastic Container Registry (ECR): For container image storage
• Amazon Elastic Kubernetes Service (EKS): For deployment of the application
• Amazon CodeGuru: For code quality analysis
• AWS Security Hub: To monitor security vulnerabilities
• Amazon SNS: For notifications

Prerequisites

To start, you need the following:

1. AWS Account with permissions for ECR, EKS, CodePipeline, CodeBuild, Security Hub, and SNS.
2. GitHub Repository for the source code.
3. Java Application (preferably a microservices app) with a Dockerfile for containerization.
4. Docker Installed for local containerization tasks.

Architecture Diagram

Below is an example architecture diagram that represents the CI/CD pipeline and deployment environment on AWS:

Setting Up the GitHub Repository

Step 1: Create Your GitHub Repository

1. Create a Repository:

   • Sign in to GitHub, create a new repository, and upload your Java application source code.

2. Add a Dockerfile:

   • Include a Dockerfile in the root directory of your project to define the container environment for your Java application.

3. Sample Dockerfile:
   

   FROM openjdk:11-jdk
   WORKDIR /app
   COPY . /app
   RUN ./gradlew build
   CMD ["java", "-jar", "build/libs/your-app.jar"]

1. Integrate GitHub with AWS CodePipeline:

   • Navigate to AWS CodePipeline and create a new pipeline.
   • For the source provider, select GitHub and authorize AWS to access your repository.
   • Choose the branch to monitor for changes (e.g., main).

2. Create a GitHub Webhook:

   • In GitHub, go to Settings > Webhooks and set up a webhook for the repository. This allows CodePipeline to trigger automatically on any push to the repository.

Creating the Amazon ECR Repository

Amazon Elastic Container Registry (ECR) is a fully managed container registry. We will store Docker images of the Java application here.

1. Create an Amazon ECR Repository:

   aws ecr create-repository --repository-name my-java-app --region <your-region>

1. Authenticate Docker with ECR:

   • Use the following command to log in to your ECR registry:

    aws ecr get-login-password --region <your-region> | docker login --username AWS --password-stdin <account-id>.dkr.ecr.<region>.amazonaws.com
   

2. Build, Tag, and Push Docker Image:

   • Build the Docker Image:

    docker build -t my-java-app .
   

• Tag the Image:
  

   docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
  

• Push the Image to ECR:
  

   docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
  

Setting Up the Amazon EKS Cluster

Amazon Elastic Kubernetes Service (EKS) provides a managed Kubernetes cluster on AWS, which we will use to deploy and manage our application containers.

Step 1: Create an EKS Cluster

1. Create an EKS Cluster:

   aws eks create-cluster --name my-eks-cluster --region <your-region> --kubernetes-version 1.21 --role-arn <eks-role-arn>

1. Set Up Worker Nodes:

   • Use EKS Console or CLI to set up worker nodes (node groups) for your cluster to run the application pods.

2. Update kubeconfig:

   • Update your local Kubernetes configuration to interact with the EKS cluster.

    aws eks update-kubeconfig --region <your-region> --name my-eks-cluster
   

Step 2: Deploy the Java Application on EKS

1. Create Kubernetes Deployment YAML:
   • Define a deployment.yaml file to specify the number of replicas, Docker image, and other configurations for the Java application.

   apiVersion: apps/v1
   kind: Deployment
   metadata:
     name: my-java-app
   spec:
     replicas: 3
     selector:
       matchLabels:
         app: my-java-app
     template:
       metadata:
         labels:
           app: my-java-app
       spec:
         containers:
         - name: my-java-app
           image: <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
           ports:
           - containerPort: 8080

1. Deploy to EKS:

   kubectl apply -f deployment.yaml

1. Create a LoadBalancer Service:
   • Expose the application with a load balancer for external access.

   apiVersion: v1
   kind: Service
   metadata:
     name: my-java-app-service
   spec:
     type: LoadBalancer
     selector:
       app: my-java-app
     ports:
       - protocol: TCP
         port: 80
         targetPort: 8080

1. Deploy Service:

   kubectl apply -f service.yaml

Building and Configuring the CI/CD Pipeline

Step 1: Set Up CodePipeline

1. Create CodePipeline Pipeline:

   • Go to AWS CodePipeline and set up the stages:
     • Source (GitHub)
     • Build (CodeBuild)
     • Deploy (EKS)

2. Configure AWS CodeBuild:

   • Define a buildspec.yml for CodeBuild to build the Docker image and push it to ECR.

   version: 0.2
   phases:
     install:
       runtime-versions:
         java: corretto11
     build:
       commands:
         - echo Building the Docker image...
         - docker build -t my-java-app .
         - docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
         - docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest

1. Set Up Deploy Stage in CodePipeline:
   • Integrate EKS with CodePipeline to automate deployments.

Step 2: Automate Quality and Security Checks

1. Amazon CodeGuru:

   • Integrate CodeGuru Reviewer with GitHub to perform code quality checks on every commit.

2. AWS Security Hub:

   • Enable Security Hub to monitor security vulnerabilities across AWS resources.

3. Amazon SNS Notifications:

   • Set up SNS for notifications on build or deployment failures, or security alerts:

   aws sns create-topic --name my-devops-notifications
   aws sns subscribe --topic-arn arn:aws:sns:<region>:<account-id>:my-devops-notifications --protocol email --notification-endpoint <your-email>

1. EventBridge Rules for Automation:
   • Create EventBridge rules to trigger specific actions (like SNS notifications) based on CodePipeline or Security Hub events.

Conclusion

This end-to-end project provides a complete DevOps solution for building and deploying Java applications on AWS. By using Code

Pipeline for CI/CD, ECR for container storage, and EKS for deployment, we ensure scalable and reliable operations. Additionally, CodeGuru, Security Hub, and SNS help maintain code quality, security, and real-time alerts, making this setup robust and enterprise-ready.

👤 Author

Join Our Telegram Community || Follow me on GitHub for more DevOps content!