DEV Community

Cover image for End-to-End AWS DevOps Project: Automate Java Application Build and Deployment on Amazon EKS
H A R S H H A A for ProDevOpsGuy Tech Community

Posted on • Edited on

End-to-End AWS DevOps Project: Automate Java Application Build and Deployment on Amazon EKS

In this project, we’ll build and deploy a Java application on Amazon Elastic Kubernetes Service (EKS) with a continuous integration and continuous deployment (CI/CD) pipeline using AWS services. Each AWS component contributes to a reliable DevOps workflow, making this guide useful for DevOps engineers looking to build scalable solutions on AWS.

Table of Contents

  1. Project Overview
  2. Prerequisites
  3. Architecture Diagram
  4. Setting Up the GitHub Repository
  5. Creating the Amazon ECR Repository
  6. Setting Up the Amazon EKS Cluster
  7. Building and Configuring the CI/CD Pipeline
  8. Integrating Security and Notification Services
  9. Conclusion

Project Overview

This project aims to automate the build, test, and deployment pipeline for a Java-based microservices application. Leveraging AWS services, we’ll ensure a reliable and secure pipeline from code commit to production deployment. Here’s a summary of the AWS services we’ll be using:

  • GitHub: Source code repository
  • AWS CodeBuild: For building and testing the application
  • AWS CodePipeline: To orchestrate CI/CD
  • Amazon Elastic Container Registry (ECR): For container image storage
  • Amazon Elastic Kubernetes Service (EKS): For deployment of the application
  • Amazon CodeGuru: For code quality analysis
  • AWS Security Hub: To monitor security vulnerabilities
  • Amazon SNS: For notifications

Prerequisites

To start, you need the following:

  1. AWS Account with permissions for ECR, EKS, CodePipeline, CodeBuild, Security Hub, and SNS.
  2. GitHub Repository for the source code.
  3. Java Application (preferably a microservices app) with a Dockerfile for containerization.
  4. Docker Installed for local containerization tasks.

Architecture Diagram

Below is an example architecture diagram that represents the CI/CD pipeline and deployment environment on AWS:

Image description


Setting Up the GitHub Repository

Step 1: Create Your GitHub Repository

  1. Create a Repository:

    • Sign in to GitHub, create a new repository, and upload your Java application source code.
  2. Add a Dockerfile:

    • Include a Dockerfile in the root directory of your project to define the container environment for your Java application.
  3. Sample Dockerfile:

   FROM openjdk:11-jdk
   WORKDIR /app
   COPY . /app
   RUN ./gradlew build
   CMD ["java", "-jar", "build/libs/your-app.jar"]
Enter fullscreen mode Exit fullscreen mode
  1. Integrate GitHub with AWS CodePipeline:

    • Navigate to AWS CodePipeline and create a new pipeline.
    • For the source provider, select GitHub and authorize AWS to access your repository.
    • Choose the branch to monitor for changes (e.g., main).
  2. Create a GitHub Webhook:

    • In GitHub, go to Settings > Webhooks and set up a webhook for the repository. This allows CodePipeline to trigger automatically on any push to the repository.

Creating the Amazon ECR Repository

Amazon Elastic Container Registry (ECR) is a fully managed container registry. We will store Docker images of the Java application here.

  1. Create an Amazon ECR Repository:
   aws ecr create-repository --repository-name my-java-app --region <your-region>
Enter fullscreen mode Exit fullscreen mode
  1. Authenticate Docker with ECR:

    • Use the following command to log in to your ECR registry:
     aws ecr get-login-password --region <your-region> | docker login --username AWS --password-stdin <account-id>.dkr.ecr.<region>.amazonaws.com
    
  2. Build, Tag, and Push Docker Image:

    • Build the Docker Image:
     docker build -t my-java-app .
    
  • Tag the Image:

     docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
    
  • Push the Image to ECR:

     docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
    

Setting Up the Amazon EKS Cluster

Amazon Elastic Kubernetes Service (EKS) provides a managed Kubernetes cluster on AWS, which we will use to deploy and manage our application containers.

Step 1: Create an EKS Cluster

  1. Create an EKS Cluster:
   aws eks create-cluster --name my-eks-cluster --region <your-region> --kubernetes-version 1.21 --role-arn <eks-role-arn>
Enter fullscreen mode Exit fullscreen mode
  1. Set Up Worker Nodes:

    • Use EKS Console or CLI to set up worker nodes (node groups) for your cluster to run the application pods.
  2. Update kubeconfig:

    • Update your local Kubernetes configuration to interact with the EKS cluster.
     aws eks update-kubeconfig --region <your-region> --name my-eks-cluster
    

Step 2: Deploy the Java Application on EKS

  1. Create Kubernetes Deployment YAML:
    • Define a deployment.yaml file to specify the number of replicas, Docker image, and other configurations for the Java application.
   apiVersion: apps/v1
   kind: Deployment
   metadata:
     name: my-java-app
   spec:
     replicas: 3
     selector:
       matchLabels:
         app: my-java-app
     template:
       metadata:
         labels:
           app: my-java-app
       spec:
         containers:
         - name: my-java-app
           image: <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
           ports:
           - containerPort: 8080
Enter fullscreen mode Exit fullscreen mode
  1. Deploy to EKS:
   kubectl apply -f deployment.yaml
Enter fullscreen mode Exit fullscreen mode
  1. Create a LoadBalancer Service:
    • Expose the application with a load balancer for external access.
   apiVersion: v1
   kind: Service
   metadata:
     name: my-java-app-service
   spec:
     type: LoadBalancer
     selector:
       app: my-java-app
     ports:
       - protocol: TCP
         port: 80
         targetPort: 8080
Enter fullscreen mode Exit fullscreen mode
  1. Deploy Service:
   kubectl apply -f service.yaml
Enter fullscreen mode Exit fullscreen mode

Building and Configuring the CI/CD Pipeline

Step 1: Set Up CodePipeline

  1. Create CodePipeline Pipeline:

    • Go to AWS CodePipeline and set up the stages:
      • Source (GitHub)
      • Build (CodeBuild)
      • Deploy (EKS)
  2. Configure AWS CodeBuild:

    • Define a buildspec.yml for CodeBuild to build the Docker image and push it to ECR.
   version: 0.2
   phases:
     install:
       runtime-versions:
         java: corretto11
     build:
       commands:
         - echo Building the Docker image...
         - docker build -t my-java-app .
         - docker tag my-java-app:latest <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
         - docker push <account-id>.dkr.ecr.<region>.amazonaws.com/my-java-app:latest
Enter fullscreen mode Exit fullscreen mode
  1. Set Up Deploy Stage in CodePipeline:
    • Integrate EKS with CodePipeline to automate deployments.

Step 2: Automate Quality and Security Checks

  1. Amazon CodeGuru:

    • Integrate CodeGuru Reviewer with GitHub to perform code quality checks on every commit.
  2. AWS Security Hub:

    • Enable Security Hub to monitor security vulnerabilities across AWS resources.
  3. Amazon SNS Notifications:

    • Set up SNS for notifications on build or deployment failures, or security alerts:
   aws sns create-topic --name my-devops-notifications
   aws sns subscribe --topic-arn arn:aws:sns:<region>:<account-id>:my-devops-notifications --protocol email --notification-endpoint <your-email>
Enter fullscreen mode Exit fullscreen mode
  1. EventBridge Rules for Automation:
    • Create EventBridge rules to trigger specific actions (like SNS notifications) based on CodePipeline or Security Hub events.

Conclusion

This end-to-end project provides a complete DevOps solution for building and deploying Java applications on AWS. By using Code

Pipeline for CI/CD, ECR for container storage, and EKS for deployment, we ensure scalable and reliable operations. Additionally, CodeGuru, Security Hub, and SNS help maintain code quality, security, and real-time alerts, making this setup robust and enterprise-ready.

👤 Author

banner

Join Our Telegram Community || Follow me on GitHub for more DevOps content!

Top comments (7)

Collapse
 
dstringvc profile image
Dan Stringfellow

AWS Code Commit is not available to new users. How about a revision to this article showing an alternative source code repo?

Collapse
 
notharshhaa profile image
H A R S H H A A • Edited
Collapse
 
comradin profile image
Marcus Franke

Hi, Like Dan pointed out, AWS discontinued the CodeCommit service for new users.

I am not sure if one can create new repositories in existing accounts or if you can only use already existing repositories.

We maintain only two repositories in CodeCommit and it's not a very good experience.

CodeBuild can be hooked up with GitHub, to trigger runs on changes.

Please update this guide for new users. Otherwise they could fail already in the first step.

Collapse
 
notharshhaa profile image
H A R S H H A A

Thank you @comradin for bringing this to my attention. As of July 25, 2024, AWS has closed new customer access to AWS CodeCommit. Existing customers can continue to use the service, but no new features will be introduced.

For new users, I recommend using GitHub as an alternative source code repository. GitHub integrates seamlessly with AWS CodeBuild and CodePipeline, allowing you to trigger builds and deployments based on repository changes.

To set up GitHub with AWS CodeBuild:

  1. Create a GitHub Repository: If you don't have one, create a new repository on GitHub to host your code.

  2. Connect GitHub to AWS CodeBuild: In the AWS Management Console, navigate to CodeBuild and create a new project. Under "Source," select "GitHub" and authorize AWS to access your GitHub account.

  3. Configure Build Settings: Define your build environment, commands, and artifacts as needed.

  4. Set Up Webhooks: In your GitHub repository settings, add a webhook to notify AWS CodeBuild of code changes, triggering builds automatically.

For detailed instructions, refer to the AWS documentation on integrating GitHub with CodeBuild.

I will update the guide to reflect these changes and ensure it aligns with the current AWS services. Thank you for your valuable feedback.

Collapse
 
michael_balogun_9a0c48333 profile image
MICHAEL BALOGUN

Thank you for this.
I will like to learn and develop myself in devops. I've been taking some lessons on YouTube, but need more interactive lessons.
Is there anyway I can learn faster or better.
😊

Collapse
 
aadarsh-nagrath profile image
Aadarsh Nagrath

Nice one

Collapse
 
notharshhaa profile image
H A R S H H A A

Thanks 👍@aadarsh-nagrath